urlscan.io logo urlscan.io
SecurityTrails logo

herschi.net Open in urlscan Pro
85.13.165.77  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://herschi.net/
Effective URL: https://herschi.net/
Submission: On March 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 41 HTTP transactions. The main IP is 85.13.165.77, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is herschi.net.
TLS certificate: Issued by R3 on March 4th 2023. Valid for: 3 months.
This is the only time herschi.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 85.13.165.77 34788 (NMM-AS D)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a01:4f8:1c17... 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 142.251.39.34 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
41 8
22    85.13.165.77 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd49416.kasserver.com
herschi.net
9    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
1    2a01:4f8:1c17:6617::1 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
moderate4.cleantalk.org
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
3    142.251.39.34 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net
googleads.g.doubleclick.net
3    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:400d:803::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
22 herschi.net
herschi.net
230 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
235 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
6 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 73
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8947
696 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 855
601 B
1 cleantalk.org
moderate4.cleantalk.org — Cisco Umbrella Rank: 184923
364 B
41 7
Domain Requested by
22 herschi.net 1 redirects herschi.net
7 pagead2.googlesyndication.com herschi.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 moderate4.cleantalk.org herschi.net
41 9

This site contains no links.

Subject Issuer Validity Valid
herschi.net
R3		 2023-03-04 -
2023-06-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.cleantalk.org
Sectigo RSA Domain Validation Secure Server CA		 2022-09-12 -
2023-09-24		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://herschi.net/
Frame ID: DDECC0DC5B1B3AFF59552FD17DFF53AA
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3820672090301019&output=html&h=90&slotname=5042038782&adk=964164064&adf=3865401031&pi=t.ma~as.5042038782&w=728&lmt=1678229053&url=https%3A%2F%2Fherschi.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678229052987&bpp=14&bdt=202&idt=339&shv=r20230302&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&correlator=2014717849080&frm=20&pv=2&ga_vid=984201966.1678229053&ga_sid=1678229053&ga_hid=1728920203&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777877%2C44759926%2C31072791&oid=2&pvsid=3581725420008058&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=xz9gTYj4g0&p=https%3A//herschi.net&dtd=352
Frame ID: 37B93D97F4A79A5FB68C1C6E0AF3B7E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/zrt_lookup.html
Frame ID: 89DE05AF595B45D228EF6C9FE1ABEBC9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3820672090301019&output=html&adk=1812271804&adf=3025194257&lmt=1678229053&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fherschi.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678229053963&bpp=2&bdt=1178&idt=2&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8100d1b800110c63-22d443b946dd0099%3AT%3D1678229053%3ART%3D1678229053%3AS%3DALNI_MaMFakXaoIqTF-lVL54cxtz-HQaDQ&gpic=UID%3D00000bc15c5d14c8%3AT%3D1678229053%3ART%3D1678229053%3AS%3DALNI_Ma6dfNBzi1AUDDrzBkW-h_2t5k20A&prev_slotnames=5042038782&nras=1&correlator=2014717849080&frm=20&pv=1&ga_vid=984201966.1678229053&ga_sid=1678229053&ga_hid=1728920203&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777877%2C44759926%2C31072791&oid=2&pvsid=3581725420008058&tmod=324206186&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=19
Frame ID: 3D490FBD92E7F5851F9E90CA3E2A08FC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 38D853C065EA4AD9F53A057C80E2E6AC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 19085DFBE310257D61A4E657BE7AF933
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Christian´s Hompage

Page URL History Show full URLs

  1. http://herschi.net/ HTTP 301
    https://herschi.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

41
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

473 kB
Transfer

1166 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://herschi.net/ HTTP 301
    https://herschi.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
herschi.net/
Redirect Chain
  • http://herschi.net/
  • https://herschi.net/
24 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
c3fb6cdbdb5d6e7fa75fbfafbb58b1727b1ad89594fe98f417ea6a58b99d4801

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 22:44:12 GMT
link
<https://herschi.net/wp-json/>; rel="https://api.w.org/", <https://herschi.net/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://herschi.net/>; rel=shortlink
server
Apache
vary
Accept-Encoding,User-Agent

Redirect headers

Connection
Keep-Alive
Content-Length
228
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 07 Mar 2023 22:44:12 GMT
Keep-Alive
timeout=2, max=1000
Location
https://herschi.net/
Server
Apache
style.css
herschi.net/wp-content/themes/picturesque/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://herschi.net/wp-content/themes/picturesque/style.css
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
d790dc4ccd2e5df20abb24400abf01d94a7e2848aa085d3ca69fec56b6e4936f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:12 GMT
content-encoding
br
last-modified
Thu, 08 May 2014 22:00:00 GMT
server
Apache
etag
"4752-4f8ea9a345800-br"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
4300
style.min.css
herschi.net/wp-includes/css/dist/block-library/ 		93 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://herschi.net/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:12 GMT
content-encoding
br
last-modified
Wed, 16 Nov 2022 00:37:38 GMT
server
Apache
etag
"172a9-5ed8badfadd83-br"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
11590
classic-themes.min.css
herschi.net/wp-includes/css/ 		217 B
220 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://herschi.net/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:12 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 13:36:31 GMT
server
Apache
etag
"d9-5ec7cedb4b47c-br"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
145
cleantalk-public.min.css
herschi.net/wp-content/plugins/cleantalk-spam-protect/css/ 		1 KB
520 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://herschi.net/wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=6.2.1
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
732ed50433ac0b64ff46aac809ec7c4c42214ab43bbfa27bde87ae2bfaa48678

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:12 GMT
content-encoding
br
last-modified
Sun, 29 Jan 2023 15:56:13 GMT
server
Apache
etag
"4f4-5f36923505cd5-br"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
444
styles.css
herschi.net/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
945 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://herschi.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:12 GMT
content-encoding
br
last-modified
Sun, 29 Jan 2023 15:42:31 GMT
server
Apache
etag
"af3-5f368f25086e5-br"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
870
jquery.min.js
herschi.net/wp-includes/js/jquery/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://herschi.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:12 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 13:36:31 GMT
server
Apache
etag
"15e54-5ec7cedb5411b-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
30350
jquery-migrate.min.js
herschi.net/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://herschi.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:12 GMT
content-encoding
br
last-modified
Sun, 31 Jan 2021 10:48:24 GMT
server
Apache
etag
"2bd8-5ba2ffa00c01f-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
3998
apbct-public-bundle.min.js
herschi.net/wp-content/plugins/cleantalk-spam-protect/js/ 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://herschi.net/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=6.2.1
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
0368ea5a5756685d66d1a09c0de0a6529e74f0b7315bee71d3da75a1cab6247a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:12 GMT
content-encoding
br
last-modified
Sun, 29 Jan 2023 15:56:13 GMT
server
Apache
etag
"cf9c-5f36923505cd5-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
13539
cropped-Zahnrad1.jpg
herschi.net/wp-content/uploads/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://herschi.net/wp-content/uploads/cropped-Zahnrad1.jpg
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
4294c16b5ab43f41b9d3ff2e816835239af653288c5c1f186d99e14a22b29871

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
last-modified
Thu, 08 May 2014 22:00:00 GMT
server
Apache
accept-ranges
bytes
etag
"c892-4f8ea9a345800"
content-length
51346
content-type
image/jpeg
52-300x176.jpg
herschi.net/wp-content/uploads/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://herschi.net/wp-content/uploads/52-300x176.jpg
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
110867a09d0f727c5b3bd526457804f2eb8aa1cf829f28d4a028f358c3ecf0c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
last-modified
Thu, 08 May 2014 22:00:00 GMT
server
Apache
accept-ranges
bytes
etag
"677b-4f8ea9a345800"
content-length
26491
content-type
image/jpeg
show_ads.js
pagead2.googlesyndication.com/pagead/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc34763f1493fbe4bfbac954bdc29836e0f64ccc00d3ef1ff31b7f131cd579a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32506
x-xss-protection
0
server
cafe
etag
11030278271017961016
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Mar 2023 22:44:12 GMT
2ecd8adeca13dcb5d60ac744db63da64.gif
moderate4.cleantalk.org/pixel/ 		43 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moderate4.cleantalk.org/pixel/2ecd8adeca13dcb5d60ac744db63da64.gif
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:1c17:6617::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 22:44:12 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
index.js
herschi.net/wp-content/plugins/contact-form-7/includes/swv/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://herschi.net/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:12 GMT
content-encoding
br
last-modified
Sun, 29 Jan 2023 15:42:31 GMT
server
Apache
etag
"2945-5f368f250e4a4-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
2909
index.js
herschi.net/wp-content/plugins/contact-form-7/includes/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://herschi.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
af0f96462799a9eccfa6c5a30819ea991f9c0c4eddaa2984a638dc473c03ce2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
content-encoding
br
last-modified
Sun, 29 Jan 2023 15:42:31 GMT
server
Apache
etag
"31d9-5f368f2509685-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
3879
drop-downs.js
herschi.net/wp-content/themes/picturesque/library/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://herschi.net/wp-content/themes/picturesque/library/js/drop-downs.js?ver=20110920
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
24fb4e56c165dea5019d1a4525209335344359e75409ad8ca2fbdf2cb71580ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
content-encoding
br
last-modified
Thu, 08 May 2014 22:00:00 GMT
server
Apache
etag
"1076-4f8ea9a345800-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
1524
wp-emoji-release.min.js
herschi.net/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://herschi.net/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 00:12:33 GMT
server
Apache
etag
"48b9-5dfcaee0155ee-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
4614
bg.png
herschi.net/wp-content/themes/picturesque/images/ 		179 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://herschi.net/wp-content/themes/picturesque/images/bg.png
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
9faed727eda4c3835c6f9a8beb75913c1db6176ec7886395220325ee60bfc9b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
last-modified
Thu, 08 May 2014 22:00:00 GMT
server
Apache
accept-ranges
bytes
etag
"b3-4f8ea9a345800"
content-length
179
content-type
image/png
yanonekaffeesatz-bold-webfont.woff
herschi.net/wp-content/themes/picturesque/fonts/yanone-kaffeesatz/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://herschi.net/wp-content/themes/picturesque/fonts/yanone-kaffeesatz/yanonekaffeesatz-bold-webfont.woff
Requested by
Host: herschi.net
URL: https://herschi.net/wp-content/themes/picturesque/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
fd7ea9ace3b066d9cef5068b379eddeaa24c10b31a3cde9d28c3b85a8e584451

Request headers

Referer
https://herschi.net/wp-content/themes/picturesque/style.css
Origin
https://herschi.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
last-modified
Thu, 08 May 2014 22:00:00 GMT
server
Apache
accept-ranges
bytes
etag
"4624-4f8ea9a345800"
content-length
17956
content-type
font/woff
yanonekaffeesatz-regular-webfont.woff
herschi.net/wp-content/themes/picturesque/fonts/yanone-kaffeesatz/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://herschi.net/wp-content/themes/picturesque/fonts/yanone-kaffeesatz/yanonekaffeesatz-regular-webfont.woff
Requested by
Host: herschi.net
URL: https://herschi.net/wp-content/themes/picturesque/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
567b1035fa1b0dcf9afa17e5e82c2e9abd9ac1ef78e58b98cd7235a8db553f72

Request headers

Referer
https://herschi.net/wp-content/themes/picturesque/style.css
Origin
https://herschi.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
last-modified
Thu, 08 May 2014 22:00:00 GMT
server
Apache
accept-ranges
bytes
etag
"abf4-4f8ea9a345800"
content-length
44020
content-type
font/woff
53-300x70.jpg
herschi.net/wp-content/uploads/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://herschi.net/wp-content/uploads/53-300x70.jpg
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
a877d9c13e47ef4c7fb12082af51b96ad95913d490b1790a4ddd3ecf9c9ec059

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
last-modified
Thu, 08 May 2014 22:00:00 GMT
server
Apache
accept-ranges
bytes
etag
"14f0-4f8ea9a345800"
content-length
5360
content-type
image/jpeg
51.png
herschi.net/wp-content/uploads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://herschi.net/wp-content/uploads/51.png
Requested by
Host: herschi.net
URL: https://herschi.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
78b91cc6e0f704744d7be83b1e76fac5113add22ff59a0ba554ead7441d4f338

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
last-modified
Thu, 08 May 2014 22:00:00 GMT
server
Apache
accept-ranges
bytes
etag
"8d5-4f8ea9a345800"
content-length
2261
content-type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 		360 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3820672090301019&plah=herschi.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
149536ab5a741447ab8fe03cd35179470c5e38b3fc372b602ed1be81146b7842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121464
x-xss-protection
0
server
cafe
etag
18256867623602401155
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 07 Mar 2023 22:44:13 GMT
cookie.js
partner.googleadservices.com/gampad/ 		389 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=herschi.net&callback=_gfp_s_&client=ca-pub-3820672090301019
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3820672090301019&plah=herschi.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b944da14c18ad98d97e3d81007e8125f4210cd4e1c402261e545edec4e88adbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=herschi.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3820672090301019&plah=herschi.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=herschi.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3820672090301019&plah=herschi.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 37B9 		430 B
695 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3820672090301019&output=html&h=90&slotname=5042038782&adk=964164064&adf=3865401031&pi=t.ma~as.5042038782&w=728&lmt=1678229053&url=https%3A%2F%2Fherschi.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678229052987&bpp=14&bdt=202&idt=339&shv=r20230302&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&correlator=2014717849080&frm=20&pv=2&ga_vid=984201966.1678229053&ga_sid=1678229053&ga_hid=1728920203&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777877%2C44759926%2C31072791&oid=2&pvsid=3581725420008058&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=xz9gTYj4g0&p=https%3A//herschi.net&dtd=352
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3820672090301019&plah=herschi.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
8ced8151a4181fb2b5682893e63076d547063dbcacbf2a22c2977509f9b24a0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://herschi.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
207
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 22:44:13 GMT
expires
Tue, 07 Mar 2023 22:44:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
menu-arrows.png
herschi.net/wp-content/themes/picturesque/images/ 		209 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://herschi.net/wp-content/themes/picturesque/images/menu-arrows.png
Requested by
Host: herschi.net
URL: https://herschi.net/wp-content/themes/picturesque/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.165.77 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd49416.kasserver.com
Software
Apache /
Resource Hash
def7f305cf21f23c3394b933bc5a7f8b025c47c14c1928b936c5612784448881

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/wp-content/themes/picturesque/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
last-modified
Thu, 08 May 2014 22:00:00 GMT
server
Apache
accept-ranges
bytes
etag
"d1-4f8ea9a345800"
content-length
209
content-type
image/png
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		141 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d8a9fdd38e03db7d62d1edf831fa7e5dbc4b698723d350fe3ffb1a532e9c4e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48296
x-xss-protection
0
server
cafe
etag
13091179647739084038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Mar 2023 22:44:13 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230302&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3820672090301019&plah=herschi.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
633ae95eb3f61fa1a59f49e1e76d7013837dac51fec5cd086947f56da8e8b982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11262
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3820672090301019&plah=herschi.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 22:44:13 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/ Frame 89DE 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://herschi.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2736
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 21:58:37 GMT
etag
2378337311435320485
expires
Tue, 21 Mar 2023 21:58:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=herschi.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3820672090301019&plah=herschi.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=herschi.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3820672090301019&plah=herschi.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3D49 		0
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3820672090301019&output=html&adk=1812271804&adf=3025194257&lmt=1678229053&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fherschi.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678229053963&bpp=2&bdt=1178&idt=2&shv=r20230302&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8100d1b800110c63-22d443b946dd0099%3AT%3D1678229053%3ART%3D1678229053%3AS%3DALNI_MaMFakXaoIqTF-lVL54cxtz-HQaDQ&gpic=UID%3D00000bc15c5d14c8%3AT%3D1678229053%3ART%3D1678229053%3AS%3DALNI_Ma6dfNBzi1AUDDrzBkW-h_2t5k20A&prev_slotnames=5042038782&nras=1&correlator=2014717849080&frm=20&pv=1&ga_vid=984201966.1678229053&ga_sid=1678229053&ga_hid=1728920203&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44777877%2C44759926%2C31072791&oid=2&pvsid=3581725420008058&tmod=324206186&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3820672090301019&plah=herschi.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s38-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://herschi.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 22:44:14 GMT
expires
Tue, 07 Mar 2023 22:44:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 38D8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://herschi.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
670
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 22:33:03 GMT
expires
Wed, 06 Mar 2024 22:33:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1908 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ac42794d7e873805033ff23abc48f4c31766883c863b5cd8ce5926e4cb775869
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MBM5sf4l1p_76X_GMxA8kA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://herschi.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-MBM5sf4l1p_76X_GMxA8kA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 22:44:14 GMT
expires
Tue, 07 Mar 2023 22:44:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
pagead2.googlesyndication.com/bg/ Frame 38D8 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 16:19:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
23062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14343
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 16:19:52 GMT
generate_204
tpc.googlesyndication.com/ Frame 38D8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gkLOCg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:44:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 1908 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230302&jk=3581725420008058&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230302&jk=3581725420008058&bg=!PD-lP2vNAAbv3-2Ez987ADkAdvg8WoDe7HRyWwEg3l1ZqLUPAx_q5DY0pCiXJGNizD8i2nks6-jCgyZwO0kt00-JhlWBJ9_vS8kCAAAAQVIAAAADaAEHCgAOBtbD2qD5s12O7sVGHpaZApXVz-Nm7QqdTgt8crIWH8PzwAWc_zBZ0f7olPxg6HdQkGzHqQzhYm7-Vqk05L5yR_C_7YvuaZLYHWCtm6kFb5BhLb15tBL7wYYOM8yMw3u4SJIQQFs_iQY2orn0Mvg0o9dsh-T03kuDhJ2u-I4vdt4mk02hz_6tosajNPxalAvWSvyR0laZS_O2cSHSZ_DK3GCe3RniYUi6G0iTf9CkD3XrOoGb-Nzzol557k-iTsvCYGiv9BoQzfmb4llSxeg1NE6UnK-YBVxD45nSxcuRoPt2phOFj9XQ_R5ZJdoBgCTIthh3PgeB4jUPjDDx8Txf-N8ZRxkIA64hRSlP5P0R8w9GU1EnuuBncebAmFADxrJMfZ-aosG0l_zg5ukRbM1le_H9UjetD7qV7oM_pWszYkWqQ2Nc6CwEkFARMJG7zR2E0EpmSF5FkV-A6CGqPakLp9bZXhkg4BHZOOZnca9mIAqx8dAmfObCj4VQlyeYF2rD6W9iCiyaKIJRCyRF4ibPHfeFb-xI7q20B264rbMkZmcevkMBjw4RXPahPKNWyEiXOyKR9ACQiUVL9hG4DpMqDso9yNX0xGN0GgXaq3AmV3b-e7XTKbDPHZTgWNOwHjLBrrRpg9MgLV8yH81ZZArtp9k-ilat4SH5bebyFykWHUPwQfhXMqKrPlTsRyX538vipfkt_7LGALRbJEhzGLkt5IiRO7dWojSTd4yL0NShs9AUUEE60e_AC-SyuSYZLarwXGS23hTE3ujHPj3dJZqlskSdl487vCW-StuhKgKhpnehhP7f9T6yqFq9CpGkvAOUSYhfVV28wHHRNBUG93r-FxyaD2Z6-tZSyG7uo06UoAC0LRBzpLAu23-DvNDnx2WE2t7CHYZ9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://herschi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

294 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless function| apbct_attach_event_handler__backend object| _wpemojiSettings undefined| $ function| jQuery object| ctPublicFunctions object| ctPublic function| ownKeys function| _objectSpread function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| _defineProperty function| _toPropertyKey function| _toPrimitive function| ApbctCore function| apbct function| ApbctXhr function| ApbctAjax function| ApbctRest function| ctSetCookie function| ctDetectForcedAltCookiesForms function| ctSetAlternativeCookie function| ctGetCookie function| ctDeleteCookie function| apbct_public_sendAJAX function| apbct_public_sendREST function| apbctGenerateUniqueID object| apbctLocalStorage object| apbctSessionStorage object| ct_date number| ctTimeMs boolean| ctMouseEventTimerFlag object| ctMouseData number| ctMouseDataCounter object| ctCheckedEmails function| apbct_attach_event_handler function| apbct_remove_event_handler undefined| ctMouseReadInterval undefined| ctMouseWriteDataInterval function| ctFunctionFirstKey function| ctFunctionMouseMove function| ctMouseStopData function| ctKeyStopStopListening function| checkEmail function| ctSetPixelImg function| ctGetPixelUrl function| ctSetHasScrolled function| ctSetMouseMoved function| ctStartFieldsListening function| ctStopFieldsListening function| ctFunctionHasInputFocused function| ctFunctionHasKeyUp function| ctSetHasInputFocused function| ctSetHasKeyUp function| ctPreloadLocalStorage function| apbct_ready function| ctFillDecodedEmailHandler function| apbctAjaxEmailDecodeBulk function| apbctEmailEncoderCallbackBulk function| resetEncodedNodes function| getJavascriptClientData function| removeDoubleJsonEncoding function| ctProcessDecodedDataResult function| ctFillDecodedEmail function| ctShowDecodeComment function| apbct_collect_visible_fields function| apbct_visible_fields_set_cookie function| apbct_js_keys__set_input_value function| apbctGetScreenInfo function| ctParseBlockMessage function| ctSetPixelUrlLocalstorage function| ctNoCookieConstructHiddenField function| ctGetPageForms function| ctNoCookieAttachHiddenFieldsToForms object| cleantalkModal object| buttons_to_handle function| apbct_gdpr_handle_buttons function| ct_protect_external function| formIsExclusion function| apbctProcessIframes function| apbctProcessExternalForm function| apbct_replace_inputs_values_from_other_form function| isIntegratedForm function| sendAjaxCheckingFormData function| ct_check_internal function| ct_check_internal__is_exclude_form object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_tag_data object| google_sa_queue function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_daaos_ts object| google_erank object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_ad_public_floor object| google_ad_private_floor object| google_traffic_source object| easpi object| easpa object| asgr object| asmrc object| asntp object| asntpv object| asntpl object| asntpm object| asntpc object| asna object| asnd object| asnp object| asns object| asmat object| asptt object| asro object| ascet object| asrc object| asbu object| aseb object| asla object| asaa object| asupm object| google_shadow_mode boolean| google_apltlad object| google_sv_map string| google_user_agent_client_hint object| swv object| wpcf7 function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| $j object| twemoji object| wp object| $ULs object| adsbygoogle object| GoogleGcLKhOms number| tmod function| google_spfd number| google_rum_task_id_counter object| google_image_requests

3 Cookies

Domain/Path Name / Value
.herschi.net/ Name: __gads
Value: ID=8100d1b800110c63-22d443b946dd0099:T=1678229053:RT=1678229053:S=ALNI_MaMFakXaoIqTF-lVL54cxtz-HQaDQ
.herschi.net/ Name: __gpi
Value: UID=00000bc15c5d14c8:T=1678229053:RT=1678229053:S=ALNI_Ma6dfNBzi1AUDDrzBkW-h_2t5k20A
.doubleclick.net/ Name: IDE
Value: AHWqTUntANvx_VF5ajKegWzQuVMWgVBC5Fs2JcT6T4QwWf37tfrTR9p7J0e2SNw8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
herschi.net
moderate4.cleantalk.org
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
142.251.39.34
2a00:1450:4001:811::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2002
2a00:1450:400d:803::2004
2a00:1450:400d:806::2002
2a01:4f8:1c17:6617::1
85.13.165.77
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0368ea5a5756685d66d1a09c0de0a6529e74f0b7315bee71d3da75a1cab6247a
110867a09d0f727c5b3bd526457804f2eb8aa1cf829f28d4a028f358c3ecf0c7
149536ab5a741447ab8fe03cd35179470c5e38b3fc372b602ed1be81146b7842
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
24fb4e56c165dea5019d1a4525209335344359e75409ad8ca2fbdf2cb71580ba
3d8a9fdd38e03db7d62d1edf831fa7e5dbc4b698723d350fe3ffb1a532e9c4e6
4294c16b5ab43f41b9d3ff2e816835239af653288c5c1f186d99e14a22b29871
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
567b1035fa1b0dcf9afa17e5e82c2e9abd9ac1ef78e58b98cd7235a8db553f72
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633ae95eb3f61fa1a59f49e1e76d7013837dac51fec5cd086947f56da8e8b982
732ed50433ac0b64ff46aac809ec7c4c42214ab43bbfa27bde87ae2bfaa48678
78b91cc6e0f704744d7be83b1e76fac5113add22ff59a0ba554ead7441d4f338
8ced8151a4181fb2b5682893e63076d547063dbcacbf2a22c2977509f9b24a0a
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a
9faed727eda4c3835c6f9a8beb75913c1db6176ec7886395220325ee60bfc9b8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a877d9c13e47ef4c7fb12082af51b96ad95913d490b1790a4ddd3ecf9c9ec059
ac42794d7e873805033ff23abc48f4c31766883c863b5cd8ce5926e4cb775869
af0f96462799a9eccfa6c5a30819ea991f9c0c4eddaa2984a638dc473c03ce2f
b944da14c18ad98d97e3d81007e8125f4210cd4e1c402261e545edec4e88adbf
bc34763f1493fbe4bfbac954bdc29836e0f64ccc00d3ef1ff31b7f131cd579a1
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c3fb6cdbdb5d6e7fa75fbfafbb58b1727b1ad89594fe98f417ea6a58b99d4801
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d790dc4ccd2e5df20abb24400abf01d94a7e2848aa085d3ca69fec56b6e4936f
def7f305cf21f23c3394b933bc5a7f8b025c47c14c1928b936c5612784448881
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1
fd7ea9ace3b066d9cef5068b379eddeaa24c10b31a3cde9d28c3b85a8e584451