URL: https://js-grinseln.wsi-demo.de/
Submission: On February 03 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 64 HTTP transactions. The main IP is 45.144.187.21, located in Germany and belongs to MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE. The main domain is js-grinseln.wsi-demo.de.
TLS certificate: Issued by R3 on February 3rd 2024. Valid for: 3 months.
This is the only time js-grinseln.wsi-demo.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
41 45.144.187.21 15817 (MITTWALD-...)
6 2607:f8b0:400... 15169 (GOOGLE)
1 1 23.1.196.33 16625 (AKAMAI-AS)
1 2a02:2e0:41b:... 12306 (PLUSLINE)
1 62.128.18.22 12337 (NORIS-NET...)
1 18.196.95.44 16509 (AMAZON-02)
6 2600:9000:251... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 52.85.61.64 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
64 10
Apex Domain
Subdomains
Transfer
41 wsi-demo.de
js-grinseln.wsi-demo.de
2 MB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
227 KB
6 bstatic.com
cf.bstatic.com — Cisco Umbrella Rank: 14997
r.bstatic.com — Cisco Umbrella Rank: 100794
56 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
5 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 booking.com
www.booking.com — Cisco Umbrella Rank: 9746
2 KB
1 travelsystem.de
travelsystem.de
32 KB
1 srpa.de
www4.srpa.de
34 KB
1 tui-online.de
tui-online.de
39 KB
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16092
599 B
64 10
Domain Requested by
41 js-grinseln.wsi-demo.de js-grinseln.wsi-demo.de
6 pagead2.googlesyndication.com js-grinseln.wsi-demo.de
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 r.bstatic.com cf.bstatic.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 cf.bstatic.com js-grinseln.wsi-demo.de
www.booking.com
1 www.google.com tpc.googlesyndication.com
1 www.booking.com cf.bstatic.com
1 travelsystem.de js-grinseln.wsi-demo.de
1 www4.srpa.de js-grinseln.wsi-demo.de
1 tui-online.de js-grinseln.wsi-demo.de
1 www.awin1.com 1 redirects
64 12

This site contains links to these domains.

Domain
www.schmetterling-select.de
www.die-griechischen-inseln.de
www.awin1.com
schmetterling-select.de
Subject | Issuer | Validity | Valid
js-grinseln.wsi-demo.de | R3 | 2024-02-03 - 2024-05-03 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
www2.srpa.de | R3 | 2024-01-15 - 2024-04-14 | 3 months
travelsystem.de | Amazon RSA 2048 M01 | 2023-05-23 - 2024-06-20 | a year
*.bstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-11-29 - 2024-11-28 | a year
*.booking.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-06-12 - 2024-05-18 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
www.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months

This page contains 7 frames:

Primary Page: https://js-grinseln.wsi-demo.de/
Frame ID: 679A1D25CC48894AC1893D02DEE457F3
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_fy2021.html
Frame ID: 8B1451190418AF08AD86E5FE0D4B7DEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3861612286702947&output=html&h=60&slotname=7992614489&adk=808388550&adf=1255170682&pi=t.ma~as.7992614489&w=468&lmt=1706980394&format=468x60&url=https%3A%2F%2Fjs-grinseln.wsi-demo.de%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706980395721&bpp=4&bdt=968&idt=144&shv=r20240131&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&correlator=7345778718506&frm=20&pv=2&ga_vid=1816881884.1706980396&ga_sid=1706980396&ga_hid=2124088805&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=2030&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080658%2C31080837%2C95320869%2C95324155%2C95324160&oid=2&pvsid=3256683557801135&tmod=1873383838&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=159
Frame ID: 67810F99E64ED4FD030B745CCE7C0D6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3861612286702947&output=html&adk=1812271804&adf=3025194257&lmt=1706980394&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fjs-grinseln.wsi-demo.de%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706980396209&bpp=2&bdt=1456&idt=2&shv=r20240131&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&nras=1&correlator=7345778718506&frm=20&pv=1&ga_vid=1816881884.1706980396&ga_sid=1706980396&ga_hid=2124088805&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080658%2C31080837%2C95320869%2C95324155%2C95324160&oid=2&pvsid=3256683557801135&tmod=1873383838&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=15
Frame ID: 9D9AB4AD9003667F9099952607C23B90
Requests: 1 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=banner&w=728&h=90&lang=de&aid=2228110&target_aid=2228110&banner_id=108288&tmpl=affiliate_banner&fid=1706980396229&
Frame ID: EED661B3D6C15A75E6EBBEE717DE609E
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 16D003EADD30104BA6F52682B06A6130
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5EF1F37CF2C37F82EC83F3EA0CD27B01
Requests: 2 HTTP requests in this frame

Page Title: Start

Detected technologies

Overall confidence: 50%
Detected patterns
  • (?:<div[^>]+id="wrapper_r"|<(?:link|script)[^>]+(?:feed|components)/com_|<table[^>]+class="pill)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 64
HTTPS: 98 %
IPv6: 55 %
Domains: 10
Subdomains: 12
IPs: 10
Countries: 2
Transfer: 2734 kB
Size: 3298 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://www.awin1.com/cshow.php?s=2902238&v=10102&q=415155&r=394977 HTTP 302
  • https://tui-online.de/banner/affiliate/Banner/TUI%26TUIfly/728x90.jpg

64 HTTP transactions

Resource Path | Size | x-fer | Type | MIME-Type
Primary Request /
js-grinseln.wsi-demo.de/
59 KB
15 KB
Document
General
Full URL
https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
a2e4b76ca46fcd2899340b93a20f93b33dd82e63c7f0437bf40c592b04edbbb7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Sat, 03 Feb 2024 17:13:14 GMT
expires
Wed, 17 Aug 2005 00:00:00 GMT
last-modified
Sat, 03 Feb 2024 17:13:14 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-content-encoded-by
Joomla
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
mainstyle.css
js-grinseln.wsi-demo.de/components/com_jrealtimeanalytics/css/
587 B
793 B
Stylesheet
General
Full URL
https://js-grinseln.wsi-demo.de/components/com_jrealtimeanalytics/css/mainstyle.css?229a2a4d7218ae15fcea1b9a9cdee7f2
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
2b674718b51d6820106e0cbc47684870a8a4180e83868f2eb65b18c13b08b609
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 11 Nov 2023 15:41:20 GMT
etag
"24b-609e244b16800"
content-type
text/css
accept-ranges
bytes
content-length
587
all.min.css
js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/vendors/font-awesome5/css/
96 KB
96 KB
Stylesheet
General
Full URL
https://js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/vendors/font-awesome5/css/all.min.css?229a2a4d7218ae15fcea1b9a9cdee7f2
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
3b961e8e82f12168fd8e04ab46f9b596aae9c7fa0ac8066112176957f336114b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 21 Jan 2024 14:23:59 GMT
etag
"1803c-60f7576ccfdc0"
content-type
text/css
accept-ranges
bytes
content-length
98364
font-awesome.min.css
js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/vendors/font-awesome/css/
30 KB
31 KB
Stylesheet
General
Full URL
https://js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/vendors/font-awesome/css/font-awesome.min.css?229a2a4d7218ae15fcea1b9a9cdee7f2
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 21 Jan 2024 14:23:59 GMT
etag
"7918-60f7576ccfdc0"
content-type
text/css
accept-ranges
bytes
content-length
31000
icomoon.css
js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/vendors/icomoon/css/
24 KB
24 KB
Stylesheet
General
Full URL
https://js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/vendors/icomoon/css/icomoon.css?229a2a4d7218ae15fcea1b9a9cdee7f2
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
9a91bcec61bd280a01048dda0c906b2af60dbe4e2f0488fd2faae99d1ebd8710
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 21 Jan 2024 14:23:59 GMT
etag
"5ffa-60f7576ccfdc0"
content-type
text/css
accept-ranges
bytes
content-length
24570
joomla-alert.min.css
js-grinseln.wsi-demo.de/media/vendor/joomla-custom-elements/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://js-grinseln.wsi-demo.de/media/vendor/joomla-custom-elements/css/joomla-alert.min.css?0.2.0
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
70afa630568bdfee5b7ce97098eeb038d6a1bb9af0a406dd0682efc9c00a2a29
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 05 Jan 2024 10:50:30 GMT
etag
"3bb-60e309ddd2980"
vary
Accept-encoding
content-type
text/css
accept-ranges
bytes
content-length
955
cookieconsent.min.css
js-grinseln.wsi-demo.de/plugins/system/gdpr/assets/css/
25 KB
25 KB
Stylesheet
General
Full URL
https://js-grinseln.wsi-demo.de/plugins/system/gdpr/assets/css/cookieconsent.min.css?229a2a4d7218ae15fcea1b9a9cdee7f2
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
ff72500ad99a022a642521f036c66a845291658f7898ec19622dbf3a2e3e36a5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 21 Jan 2024 14:23:05 GMT
etag
"6283-60f7573950440"
content-type
text/css
accept-ranges
bytes
content-length
25219
97b7d8d1d722226a2cc45e40b2350a67.css
js-grinseln.wsi-demo.de/media/t4/optimize/css/
374 KB
374 KB
Stylesheet
General
Full URL
https://js-grinseln.wsi-demo.de/media/t4/optimize/css/97b7d8d1d722226a2cc45e40b2350a67.css?daa72fea0e70285df2b6407161f2fb35
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
00ecc0b8180f65011cca123a402f850f9b8275b493184fd8376c42a190ee87db
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 03 Feb 2024 12:11:59 GMT
etag
"5d703-6107922b8afc1"
content-type
text/css
accept-ranges
bytes
content-length
382723
jquery.min.js
js-grinseln.wsi-demo.de/media/vendor/jquery/js/
85 KB
30 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/media/vendor/jquery/js/jquery.min.js?3.7.1
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 05 Jan 2024 10:50:30 GMT
etag
"7686-60e309ddd2980"
vary
Accept-encoding
content-type
text/javascript
accept-ranges
bytes
content-length
30342
jquery-noconflict.min.js
js-grinseln.wsi-demo.de/media/legacy/js/
27 B
291 B
Script
General
Full URL
https://js-grinseln.wsi-demo.de/media/legacy/js/jquery-noconflict.min.js?647005fc12b79b3ca2bb30c059899d5994e3e34d
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
b2780d4cc319da7a668fa616e02c74f77835975dd95c989340dc2538709ae805
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 05 Jan 2024 10:50:30 GMT
etag
"2f-60e309ddd2980"
vary
Accept-encoding
content-type
text/javascript
accept-ranges
bytes
content-length
47
stream.js
js-grinseln.wsi-demo.de/components/com_jrealtimeanalytics/js/
6 KB
7 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/components/com_jrealtimeanalytics/js/stream.js?229a2a4d7218ae15fcea1b9a9cdee7f2
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
0e8bebd0bfcd72877e42c5c10b37d4e4d996c40642364a264ea44ae97aea1879
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 11 Nov 2023 15:41:20 GMT
etag
"198d-609e244b16800"
content-type
application/javascript
accept-ranges
bytes
content-length
6541
heatmap.js
js-grinseln.wsi-demo.de/components/com_jrealtimeanalytics/js/
2 KB
2 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/components/com_jrealtimeanalytics/js/heatmap.js?229a2a4d7218ae15fcea1b9a9cdee7f2
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
1a7878760ac3fbb345d74bc051418aaef0acd6ac6a3d055c0783814efed369c2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 11 Nov 2023 15:41:20 GMT
etag
"8bd-609e244b16800"
content-type
application/javascript
accept-ranges
bytes
content-length
2237
jquery-migrate.min.js
js-grinseln.wsi-demo.de/media/vendor/jquery-migrate/js/
13 KB
5 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/media/vendor/jquery-migrate/js/jquery-migrate.min.js?3.4.1
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
148a74b0921ad78021d716e8032ede1cdaf7ed7279cefd7d2acbe906add12a68
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 05 Jan 2024 10:50:30 GMT
etag
"1320-60e309ddd2980"
vary
Accept-encoding
content-type
text/javascript
accept-ranges
bytes
content-length
4896
bootstrap.bundle.min.js
js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/vendors/bootstrap/js/
77 KB
77 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/vendors/bootstrap/js/bootstrap.bundle.min.js?229a2a4d7218ae15fcea1b9a9cdee7f2
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 21 Jan 2024 14:23:59 GMT
etag
"1332b-60f7576ccfdc0"
content-type
application/javascript
accept-ranges
bytes
content-length
78635
core.min.js
js-grinseln.wsi-demo.de/media/system/js/
8 KB
3 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/media/system/js/core.min.js?ee06c8994b37d13d4ad21c573bbffeeb9465c0e2
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
43286772a83ce259efb9e243953860ff86822af772b624994d2e69b16b5e963c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 05 Jan 2024 10:50:30 GMT
etag
"c7e-60e309ddd2980"
vary
Accept-encoding
content-type
text/javascript
accept-ranges
bytes
content-length
3198
finder.min.js
js-grinseln.wsi-demo.de/media/com_finder/js/
1 KB
950 B
Script
General
Full URL
https://js-grinseln.wsi-demo.de/media/com_finder/js/finder.min.js?a2c3894d062787a266d59d457ffba5481b639f64
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
8aae1318fc4db273999c16db9351b4fbece663dc52561781d8c0f97a3ab3565e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://js-grinseln.wsi-demo.de/
Origin
https://js-grinseln.wsi-demo.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 05 Jan 2024 10:50:30 GMT
etag
"2c0-60e309ddd2980"
vary
Accept-encoding
content-type
text/javascript
accept-ranges
bytes
content-length
704
messages.min.js
js-grinseln.wsi-demo.de/media/system/js/
5 KB
2 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/media/system/js/messages.min.js?7f7aa28ac8e8d42145850e8b45b3bc82ff9a6411
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
251b55c8dbd66154c2163ee5e53808c394678405276d6ad5758e848ccd1d37be
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://js-grinseln.wsi-demo.de/
Origin
https://js-grinseln.wsi-demo.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 05 Jan 2024 10:50:30 GMT
etag
"72d-60e309ddd2980"
vary
Accept-encoding
content-type
text/javascript
accept-ranges
bytes
content-length
1837
dropdown.min.js
js-grinseln.wsi-demo.de/media/vendor/bootstrap/js/
6 KB
3 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/media/vendor/bootstrap/js/dropdown.min.js?5.3.2
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
ab9b6fb6e9491507f98fd4c081b9c3213664d446d51168d2bfb9665dbc57cb8b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://js-grinseln.wsi-demo.de/
Origin
https://js-grinseln.wsi-demo.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 05 Jan 2024 10:50:30 GMT
etag
"979-60e309ddd2980"
vary
Accept-encoding
content-type
text/javascript
accept-ranges
bytes
content-length
2425
collapse.min.js
js-grinseln.wsi-demo.de/media/vendor/bootstrap/js/
4 KB
2 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/media/vendor/bootstrap/js/collapse.min.js?5.3.2
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
aa9c393e3c42f8c5d0b24bb39314e5894961a0dbc99adfee9b0b1dd97978879c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://js-grinseln.wsi-demo.de/
Origin
https://js-grinseln.wsi-demo.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 05 Jan 2024 10:50:30 GMT
etag
"5fc-60e309ddd2980"
vary
Accept-encoding
content-type
text/javascript
accept-ranges
bytes
content-length
1532
cookieconsent.min.js
js-grinseln.wsi-demo.de/plugins/system/gdpr/assets/js/
62 KB
62 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/plugins/system/gdpr/assets/js/cookieconsent.min.js?229a2a4d7218ae15fcea1b9a9cdee7f2
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
76bdd6372b279e403fd7e458a68b0459c89965be8c78f1c52d29c21485d55395
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 21 Jan 2024 14:23:05 GMT
etag
"f74a-60f7573950440"
content-type
application/javascript
accept-ranges
bytes
content-length
63306
init.js
js-grinseln.wsi-demo.de/plugins/system/gdpr/assets/js/
27 KB
27 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/plugins/system/gdpr/assets/js/init.js?229a2a4d7218ae15fcea1b9a9cdee7f2
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
fb755828679664b13119142d205a9c01ccf53beb818306e85ed206c2dc1bc30f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 21 Jan 2024 14:23:05 GMT
etag
"6a2d-60f7573950440"
content-type
application/javascript
accept-ranges
bytes
content-length
27181
jquery.touchSwipe.min.js
js-grinseln.wsi-demo.de/components/com_droppics/assets/js/
20 KB
20 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/components/com_droppics/assets/js/jquery.touchSwipe.min.js
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
f3d38ac4a48d76a15a2096e22361711c0efbd096c1a28bc8e013c11a6b83e24b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Mon, 20 Nov 2023 15:06:05 GMT
etag
"4fa0-60a96d3337140"
content-type
application/javascript
accept-ranges
bytes
content-length
20384
jquery.colorbox-min.js
js-grinseln.wsi-demo.de/components/com_droppics/assets/js/
11 KB
11 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/components/com_droppics/assets/js/jquery.colorbox-min.js
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
8eff4b22acc42f468a6032dd57d382a5d03146fce198972493eaa693724ac0b1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Mon, 20 Nov 2023 15:06:05 GMT
etag
"2b77-60a96d3337140"
content-type
application/javascript
accept-ranges
bytes
content-length
11127
colorbox.init.js
js-grinseln.wsi-demo.de/components/com_droppics/assets/js/
7 KB
8 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/components/com_droppics/assets/js/colorbox.init.js
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
0f02335348ea4a5fce2a137fabc53fc7b5fc062003e8ff4fce3141be6170af03
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Mon, 20 Nov 2023 15:06:05 GMT
etag
"1d7a-60a96d3337140"
content-type
application/javascript
accept-ranges
bytes
content-length
7546
js-offcanvas.pkgd.js
js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/vendors/js-offcanvas/_js/
24 KB
24 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/vendors/js-offcanvas/_js/js-offcanvas.pkgd.js
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
94ded34167c62e506fbe18a87e648ca1eac72c9556d469ed3ee51a2d80fe756d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 21 Jan 2024 14:23:59 GMT
etag
"5f57-60f7576ccfdc0"
content-type
application/javascript
accept-ranges
bytes
content-length
24407
bodyScrollLock.min.js
js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/vendors/bodyscrolllock/
3 KB
3 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/vendors/bodyscrolllock/bodyScrollLock.min.js
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
2619bdf0e0a9d79b74fed1389ca2d3da61f0818813b76c31a626459f83d5d48c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 21 Jan 2024 14:23:59 GMT
etag
"b16-60f7576ccfdc0"
content-type
application/javascript
accept-ranges
bytes
content-length
2838
offcanvas.js
js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/js/
4 KB
4 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/js/offcanvas.js
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
76202c41c9fe1751890db288c11326493ed5804b58eb8b422ad76472c51ffd3d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 21 Jan 2024 14:23:59 GMT
etag
"e38-60f7576ccfdc0"
content-type
application/javascript
accept-ranges
bytes
content-length
3640
template.js
js-grinseln.wsi-demo.de/templates/t4_blank/js/
714 B
929 B
Script
General
Full URL
https://js-grinseln.wsi-demo.de/templates/t4_blank/js/template.js
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
9187c9955fae426431bebae830ae6a5b889744adf4e59a48d94641e7d38db7ca
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 11 Nov 2023 15:35:19 GMT
etag
"2ca-609e22f2cfbc0"
content-type
application/javascript
accept-ranges
bytes
content-length
714
base.js
js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/js/
9 KB
9 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/js/base.js?229a2a4d7218ae15fcea1b9a9cdee7f2
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
dd34784ef520c494e64b176fd5e6098e76d21a6df97c249a08e2f9b01ba29f7a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 21 Jan 2024 14:23:59 GMT
etag
"2366-60f7576ccfdc0"
content-type
application/javascript
accept-ranges
bytes
content-length
9062
megamenu.js
js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/js/
8 KB
8 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/plugins/system/t4/themes/base/js/megamenu.js
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
e313fb50aa2cf196c03b31b41117dd227fe1a5f8e1e65d8e84d8a54b8e7c0b56
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 21 Jan 2024 14:23:59 GMT
etag
"20ea-60f7576ccfdc0"
content-type
application/javascript
accept-ranges
bytes
content-length
8426
header-default.jpg
js-grinseln.wsi-demo.de/images/header-images/
1 MB
1 MB
Image
General
Full URL
https://js-grinseln.wsi-demo.de/images/header-images/header-default.jpg?2088091652
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
635d907a4150f077cb8e47cf2be557c684bbc2ffe52383dd012cb076a2e1ee43
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 11 Nov 2023 15:35:19 GMT
etag
"143bfb-609e22f2cfbc0"
content-type
image/jpeg
accept-ranges
bytes
content-length
1326075
Lefkada_Strand_Porto_Katsiki_43548899.jpg
js-grinseln.wsi-demo.de/images/com_droppics/253/
38 KB
38 KB
Image
General
Full URL
https://js-grinseln.wsi-demo.de/images/com_droppics/253/Lefkada_Strand_Porto_Katsiki_43548899.jpg?1681910947
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
e046ab33644911b6a4f692c0ba139aaa65c44d118529cf2df38354671b9ad739
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 11 Nov 2023 15:35:22 GMT
etag
"9851-609e22f5ac280"
content-type
image/jpeg
accept-ranges
bytes
content-length
38993
signal.gif
js-grinseln.wsi-demo.de/plugins/system/jvlinkmanager/assets/images/
74 B
279 B
Image
General
Full URL
https://js-grinseln.wsi-demo.de/plugins/system/jvlinkmanager/assets/images/signal.gif
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
7bc049f35a4f98c886da303d962000f7fa3438dc5aa4d55a83ef6ba824b08575
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 11 Nov 2023 15:35:14 GMT
etag
"4a-609e22ee0b080"
content-type
image/gif
accept-ranges
bytes
content-length
74
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
147 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69de0e4eea357023848b7c6783ae4e2ab3e07ab8f881f25d1b5ce5715d667e75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51307
x-xss-protection
0
server
cafe
etag
10327930143715436708
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 03 Feb 2024 17:13:15 GMT
728x90.jpg
tui-online.de/banner/affiliate/Banner/TUI%26TUIfly/
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2902238&v=10102&q=415155&r=394977
  • https://tui-online.de/banner/affiliate/Banner/TUI%26TUIfly/728x90.jpg
39 KB
39 KB
Image
General
Full URL
https://tui-online.de/banner/affiliate/Banner/TUI%26TUIfly/728x90.jpg
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Server
2a02:2e0:41b:1030:f:0:11:11 , Germany, ASN12306 (PLUSLINE, DE),
Reverse DNS
Software
Apache /
Resource Hash
d5df61eaac599477e22565dae2deedea5dba9862dd3cc078685baeb8c4ccdc91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:16 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 09 Jan 2024 14:17:21 GMT
server
Apache
etag
"9aa9-60e83f8fb7e40"
content-type
image/jpeg
accept-ranges
bytes
content-length
39593

Redirect headers

Date
Sat, 03 Feb 2024 17:13:15 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://tui-online.de/banner/affiliate/Banner/TUI%26TUIfly/728x90.jpg
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
Griechenland.jpg
www4.srpa.de/advertImg/dsi/468x60/
34 KB
34 KB
Image
General
Full URL
https://www4.srpa.de/advertImg/dsi/468x60/Griechenland.jpg
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.128.18.22 Nuremberg, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
b7f96b266a595e7b32124f6a2c362020ef0ca474dc6300b31cd42623057442c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sat, 03 Feb 2024 17:13:16 GMT
Last-Modified
Tue, 03 Sep 2013 10:14:47 GMT
Server
nginx
ETag
"685a4-864a-4e577f55993c0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34378
tbe2IframeResizer.js
travelsystem.de/dynamic/tbe2_resize/
32 KB
32 KB
Script
General
Full URL
https://travelsystem.de/dynamic/tbe2_resize/tbe2IframeResizer.js
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.95.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-95-44.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
64169ab553b276786030863e7fb66e5199d3dfe46ffc9b0e568e4c3e732c848f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 18 Dec 2023 13:22:38 GMT
server
Apache
etag
"8078-60cc8a4caa380"
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
32888
flexiproduct.js
cf.bstatic.com/static/affiliate_base/js/
6 KB
3 KB
Script
General
Full URL
https://cf.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1706980395442
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:6200:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 11:49:48 GMT
content-encoding
br
via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
JFK50-P7
age
624207
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 13 Jun 2022 03:41:28 GMT
server
nginx
etag
W/"62a6b1e8-1849"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
Ns18asp4AvIAFRy7Z4dV8gh_YxLm1nWXB4OjP9GjtcadEKaSqn6Tcg==
expires
Mon, 26 Feb 2024 11:49:48 GMT
Thasos_Psili_Ammos_161654952.jpg
js-grinseln.wsi-demo.de/images/com_droppics/242/
26 KB
26 KB
Image
General
Full URL
https://js-grinseln.wsi-demo.de/images/com_droppics/242/Thasos_Psili_Ammos_161654952.jpg
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
b2c480d1885e3d01d62561717b8604d20b42dc1e1c91effa6b09c23a48f929dc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 11 Nov 2023 15:35:19 GMT
etag
"6831-609e22f2cfbc0"
content-type
image/jpeg
accept-ranges
bytes
content-length
26673
Samothraki_Pachia_Amos_37537952.jpg
js-grinseln.wsi-demo.de/images/com_droppics/239/
18 KB
19 KB
Image
General
Full URL
https://js-grinseln.wsi-demo.de/images/com_droppics/239/Samothraki_Pachia_Amos_37537952.jpg
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
2a4c3a0c4ef9aff5355d06924c967f6025848a80e1bb9735462763039770d3b1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 11 Nov 2023 15:35:21 GMT
etag
"4934-609e22f4b8040"
content-type
image/jpeg
accept-ranges
bytes
content-length
18740
Aghios_Efstratios_Ostkueste_1915562839.jpg
js-grinseln.wsi-demo.de/images/com_droppics/8/
26 KB
26 KB
Image
General
Full URL
https://js-grinseln.wsi-demo.de/images/com_droppics/8/Aghios_Efstratios_Ostkueste_1915562839.jpg
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
495743ad9e6a679ad4c090941d4d44f86ea506c5904dc4a894f65cd972b719f6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 11 Nov 2023 15:35:20 GMT
etag
"6804-609e22f3c3e00"
content-type
image/jpeg
accept-ranges
bytes
content-length
26628
Lefkada_Strand_Porto_Katsiki_43548899.jpg
js-grinseln.wsi-demo.de/images/com_droppics/253/
38 KB
38 KB
Image
General
Full URL
https://js-grinseln.wsi-demo.de/images/com_droppics/253/Lefkada_Strand_Porto_Katsiki_43548899.jpg
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
e046ab33644911b6a4f692c0ba139aaa65c44d118529cf2df38354671b9ad739
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 11 Nov 2023 15:35:22 GMT
etag
"9851-609e22f5ac280"
content-type
image/jpeg
accept-ranges
bytes
content-length
38993
popper.min.js
js-grinseln.wsi-demo.de/media/vendor/bootstrap/js/
20 KB
8 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/media/vendor/bootstrap/js/popper.min.js?5.3.0
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
f534a736511d57e6673f4751edef892b97c95f0c609d22da3ba31d495c2fa0e6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://js-grinseln.wsi-demo.de/media/vendor/bootstrap/js/dropdown.min.js?5.3.2
Origin
https://js-grinseln.wsi-demo.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 05 Jan 2024 10:50:30 GMT
etag
"1e45-60e309ddd2980"
vary
Accept-encoding
content-type
text/javascript
accept-ranges
bytes
content-length
7749
dom.min.js
js-grinseln.wsi-demo.de/media/vendor/bootstrap/js/
18 KB
7 KB
Script
General
Full URL
https://js-grinseln.wsi-demo.de/media/vendor/bootstrap/js/dom.min.js?5.3.0
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
0953ab3763d959cf73d3b10688ef7973499f3de164f9cca293bc8ee553beccaf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://js-grinseln.wsi-demo.de/media/vendor/bootstrap/js/dropdown.min.js?5.3.2
Origin
https://js-grinseln.wsi-demo.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 05 Jan 2024 10:50:30 GMT
etag
"1a4c-60e309ddd2980"
vary
Accept-encoding
content-type
text/javascript
accept-ranges
bytes
content-length
6732
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/
406 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js?bust=31080837
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7bb8abf37067c9bace633ec1af10c5420587061691910cd4bf127385c8bda5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140847
x-xss-protection
0
server
cafe
etag
17498992294003497309
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 17:13:15 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/ Frame 8B14
9 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js-grinseln.wsi-demo.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
75887
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 20:08:28 GMT
etag
3890843268177463596
expires
Fri, 16 Feb 2024 20:08:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6781
603 B
214 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3861612286702947&output=html&h=60&slotname=7992614489&adk=808388550&adf=1255170682&pi=t.ma~as.7992614489&w=468&lmt=1706980394&format=468x60&url=https%3A%2F%2Fjs-grinseln.wsi-demo.de%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706980395721&bpp=4&bdt=968&idt=144&shv=r20240131&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&correlator=7345778718506&frm=20&pv=2&ga_vid=1816881884.1706980396&ga_sid=1706980396&ga_hid=2124088805&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=2030&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080658%2C31080837%2C95320869%2C95324155%2C95324160&oid=2&pvsid=3256683557801135&tmod=1873383838&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=159
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js?bust=31080837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js-grinseln.wsi-demo.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Feb 2024 17:13:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9D9A
0
20 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3861612286702947&output=html&adk=1812271804&adf=3025194257&lmt=1706980394&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fjs-grinseln.wsi-demo.de%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706980396209&bpp=2&bdt=1456&idt=2&shv=r20240131&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&nras=1&correlator=7345778718506&frm=20&pv=1&ga_vid=1816881884.1706980396&ga_sid=1706980396&ga_hid=2124088805&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080658%2C31080837%2C95320869%2C95324155%2C95324160&oid=2&pvsid=3256683557801135&tmod=1873383838&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js?bust=31080837
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js-grinseln.wsi-demo.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Feb 2024 17:13:16 GMT
expires
Sat, 03 Feb 2024 17:13:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
flexiproduct.html
www.booking.com/ Frame EED6
3 KB
2 KB
Document
General
Full URL
https://www.booking.com/flexiproduct.html?product=banner&w=728&h=90&lang=de&aid=2228110&target_aid=2228110&banner_id=108288&tmpl=affiliate_banner&fid=1706980396229&
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1706980395442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-64.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
adea0330e64909cd83cd93cf178716149ea65f0c71fbb8ef64ccd8ad987dde24
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://js-grinseln.wsi-demo.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private
content-encoding
br
content-length
1124
content-type
text/html; charset=UTF-8
date
Sat, 03 Feb 2024 17:13:16 GMT
nel
{"max_age":604800,"report_to":"default"}
report-to
{"max_age":604800,"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}]}
server
nginx
strict-transport-security
max-age=86400; includeSubDomains
vary
User-Agent, Accept-Encoding
via
1.1 960b27f23df49cd65e51133bf80b9878.cloudfront.net (CloudFront)
x-amz-cf-id
1Y6wFcU8yTy3J2RHqfIW4D3VWG7puaUtFDhUkC5ONQ3-sIqOSm-0ZQ==
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
index.php
js-grinseln.wsi-demo.de/
3 KB
2 KB
XHR
General
Full URL
https://js-grinseln.wsi-demo.de/index.php?option=com_jrealtimeanalytics&format=json
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/media/vendor/jquery/js/jquery.min.js?3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
05b15381bdca30f6a0069e3c2e364f4496f7a362c273c2330c15fb5b3ad55a62
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://js-grinseln.wsi-demo.de/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 03 Feb 2024 17:13:16 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Sat, 03 Feb 2024 17:13:16 GMT
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=15724800; includeSubDomains
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-disposition
attachment; filename="joomla.json"
x-content-encoded-by
Joomla
expires
Wed, 17 Aug 2005 00:00:00 GMT
3d34c0d4d9217136e6b7f6d398462e408e6d37ea.css
cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/ Frame EED6
6 KB
2 KB
Stylesheet
General
Full URL
https://cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/3d34c0d4d9217136e6b7f6d398462e408e6d37ea.css
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=banner&w=728&h=90&lang=de&aid=2228110&target_aid=2228110&banner_id=108288&tmpl=affiliate_banner&fid=1706980396229&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:6200:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
258a405249df1898ae210d562b7a73457c378e5686bc45a66f2bf709bac59e3d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 05:44:10 GMT
content-encoding
br
via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
JFK50-P7
age
1596546
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 08 Aug 2022 08:50:38 GMT
server
nginx
etag
W/"62f0ce5e-1931"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
IJfghMWUaOFROrC-Vz9BKoQr9vhzvNIowKOsNlfSXzAogEwv_0ognQ==
expires
Thu, 15 Feb 2024 05:44:10 GMT
8f8f91594b07c3401aee5de300e3d1acd54221f6.jpg
r.bstatic.com/static/affiliate_base/img/banners/branded_set_1/728_six/ Frame EED6
21 KB
22 KB
Image
General
Full URL
https://r.bstatic.com/static/affiliate_base/img/banners/branded_set_1/728_six/8f8f91594b07c3401aee5de300e3d1acd54221f6.jpg
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/3d34c0d4d9217136e6b7f6d398462e408e6d37ea.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:6200:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
76f0b5a18dc303c68602fb8f2c374cb22ebdfe2167e3dbbe0d7f534f1bd7f5c0
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf.bstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 10:05:44 GMT
via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
JFK50-P7
age
1148852
x-cache
Hit from cloudfront
content-length
21876
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:48 GMT
server
nginx
etag
"5cadd1cc-5574"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
rfgSsUGC6pKU9bnsIkNcdm6EaQGsG3CuFYN00c57cyHbmco5Rcnr3Q==
expires
Tue, 20 Feb 2024 10:05:44 GMT
beb5a35856de848cee8daf0016dd8dec9b1f8e4f.woff
cf.bstatic.com/static/fonts/affiliate_banners/opensans-regular-webfont/ Frame EED6
24 KB
25 KB
Font
General
Full URL
https://cf.bstatic.com/static/fonts/affiliate_banners/opensans-regular-webfont/beb5a35856de848cee8daf0016dd8dec9b1f8e4f.woff
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=banner&w=728&h=90&lang=de&aid=2228110&target_aid=2228110&banner_id=108288&tmpl=affiliate_banner&fid=1706980396229&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:6200:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9f06c5a5a26eed51ed7c0d94bd7bdb822cc503c1e619b463377c44e114e2ca5c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:49:58 GMT
via
1.1 d07915e7a5c22513f7a2f462a7421cce.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
JFK50-P7
age
1038198
x-cache
Hit from cloudfront
content-length
24852
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:48 GMT
server
nginx
etag
"5cadd1cc-6114"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
jy8-1puan5mh6LmKPsCZnDsnJrH_BOAqULq3JQDtrvDw5ePkLCWnIw==
expires
Wed, 21 Feb 2024 16:49:58 GMT
0195055111ead85a393fabc53dd83aeb06040b75.svg
r.bstatic.com/static/affiliate_base/img/banners/bookingLogos/booking-com-logo-dark-backgrounds-mono/ Frame EED6
8 KB
4 KB
Image
General
Full URL
https://r.bstatic.com/static/affiliate_base/img/banners/bookingLogos/booking-com-logo-dark-backgrounds-mono/0195055111ead85a393fabc53dd83aeb06040b75.svg
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/3d34c0d4d9217136e6b7f6d398462e408e6d37ea.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:6200:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
754da64c4a7344dc24cfd8a781b834e9c2251b8c0bd218c3b582f745e56f44e1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf.bstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 10:04:15 GMT
content-encoding
br
via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
JFK50-P7
age
1148941
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 08 Aug 2022 08:50:41 GMT
server
nginx
etag
W/"62f0ce61-2110"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
15ANdNOgj_jmZDmEZCHWkH8w9leicXb9G1wCnHpqZ5pp_hcR7FsG5w==
expires
Tue, 20 Feb 2024 10:04:15 GMT
5fed8c51212b08fc2d6eecc876d4ee88acb855f7.png
r.bstatic.com/static/affiliate_base/img/banners/branded_set_1/curved_side_104/ Frame EED6
450 B
1015 B
Image
General
Full URL
https://r.bstatic.com/static/affiliate_base/img/banners/branded_set_1/curved_side_104/5fed8c51212b08fc2d6eecc876d4ee88acb855f7.png
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/3d34c0d4d9217136e6b7f6d398462e408e6d37ea.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:6200:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
630ff3f5e3fb3bc8d9f615285a6a9c7cbe291e4500f5db996293a58a65e0ee5c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cf.bstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 10:23:48 GMT
via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
JFK50-P7
age
1147768
x-cache
Hit from cloudfront
content-length
450
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:47 GMT
server
nginx
etag
"5cadd1cb-1c2"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
iQDiGqNyr9kXwZcr1W-NgFubmlVrG47a-WNnj4Ms32AQWyfIwWKE2w==
expires
Tue, 20 Feb 2024 10:23:48 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240131&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js?bust=31080837
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72255e8d9432fd3702c332b36d2a872fbea2101666c3794120c75ad698beab1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12432
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_fy2021.js?bust=31080837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 17:13:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 16D0
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js-grinseln.wsi-demo.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
95813
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 14:36:23 GMT
expires
Sat, 01 Feb 2025 14:36:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5EF1
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a04013501a9489ab34cf7591a822d8fdbba75355891cdea3f04f7ef67368a1a8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yWzNk4Per96j5Nz6r6TXOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://js-grinseln.wsi-demo.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-yWzNk4Per96j5Nz6r6TXOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 03 Feb 2024 17:13:17 GMT
expires
Sat, 03 Feb 2024 17:13:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 16D0
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 20:09:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
75827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Feb 2025 20:09:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5EF1
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240131&jk=3256683557801135&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 16D0
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?LWOqrg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 17:13:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240131&jk=3256683557801135&bg=!fH-lfzDNAAa8BdJLnAU7ADQBe5WfOH7vSIvzlbSaE3EGS7Em3PZMpdMA2vU7PtA-QEQAp1v-ZRsAOWk2VCv1EOLkqWkJAgAAAGVSAAAAAmgBBwoATaOmaeKzt1pEXVw_HuDQ51jbbqtsfr6qGEXMC1jWmvZwDIxGCSTB1mFgBVMkI5q-cuPXLAHfeo_0rCL3-ZMiJHXzXurxg8mGQ2YSvJJwmQLS-yoH9MxAFmKTZsYwTciLI1IWVSylzaVXabspcHk5hR-gZwu8WnLzmxJ2Q2d-CQYbL6iGsrVrI0Ttwyi2Lx_nLIoqHV0etS24bYyorr7t1of1eQkZhbXHjlJcnH1BziBg9mksdgTGuWyz5fU9Q36hxORN4teHwJbO4u6OBUKz1mcKL0sgaM4Wk0M9l3dZbcKs7QDEmLsbAZiRyFTQ19YgwG2mwO56HQHOgJI_5BfaGkE1ThQo0W1jSN_BnEgEWwSszq1ZP-bl3akn3vKU98-Hsvyrwlu94oz8qMgCZpDbHz4LxclYFhoZcQ-bcYdHcWhaIMNrr-0xm43ZDFmSF9C1-_QAd3g8ZyP2reM_Y9d5ON94lR2DbOe81M5XgzI2CEnfiilnC80UShSMN7cHzti9KWtpEwUCPk5bYS8qAlsXqDoVc99R1U7a7HmThn2xJLMPaaptR3IoGdrjLr_3awoQOVr8A7-VbpqOQQ37FB9_2tulzx1zYXlb3SglMOSSe4mYmS9HAU-8NLrgZs2gg-0Ne063q8PiY79pyxxytNs2DaL1Ah11PTNYdPwHPz8rls4AYQJWPnVKIjm6oX8w5jT9nlRcqAO2sSdALE5N_7GNbUA7CSzbdwKBjvhwHDShT5BVueX_1qI__e4wTp1HZnvt6vAQDDomInW2O2vWL5tiRPuLpXeynFSemJ5iFeZxsMaCXN1RVd8_SDt37jzW0uH46w0TQHbtXlhz90QX0oUdqaXimpd3OvaB83V20jQPnJOv8NEopThypv2sg-oZMNlTd1PmL1EAPxO5bBWBg8c-x4F8HAQp_uBWU8KohGzRdlx2ZR-lorS8tEKl7VF_298qaIWCyk6RPYVZsif4GxW66ILNbBLKkr5vLP3dds1t0lvlsJmzESFgCWCb3pfNozAePzqCZUiw9CNOZvXoTFCmi6fb1LIMPcC93AFpNMUWzUBozMc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js-grinseln.wsi-demo.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

index.php
js-grinseln.wsi-demo.de/
2 B
490 B
XHR
General
Full URL
https://js-grinseln.wsi-demo.de/index.php?option=com_jrealtimeanalytics&format=json
Requested by
Host: js-grinseln.wsi-demo.de
URL: https://js-grinseln.wsi-demo.de/media/vendor/jquery/js/jquery.min.js?3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.144.187.21 , Germany, ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://js-grinseln.wsi-demo.de/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 03 Feb 2024 17:13:20 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Sat, 03 Feb 2024 17:13:20 GMT
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=15724800; includeSubDomains
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-disposition
attachment; filename="joomla.json"
x-content-encoded-by
Joomla
expires
Wed, 17 Aug 2005 00:00:00 GMT


74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| $ function| jQuery object| bootstrap function| sanitizeHtml object| Joomla undefined| resizeTimer number| droppicsSriptImageloadedLoaded number| w number| h object| utils object| componentNamespace object| bodyScrollLock string| COM_JREALTIME_NETWORK_ERROR string| jrealtimeBaseURI object| gdprConfigurationOptions string| gdpr_ajax_livesite number| gdpr_enable_log_cookie_consent object| adsbygoogle function| _i_ function| _r_ object| BookingAff object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| sendScrollPositionToTBE2 function| tbe2Resize function| iFrameResize function| JRealtimeStream function| JRealtimeHeatmap object| $jscomp object| cookieconsent boolean| plgGdprAllCookiesDisabledByScript object| plgGdprObserverMutationTags boolean| plgGdprCustomScriptExecutionGeneric boolean| detectedOldIPhone undefined| iphone4 undefined| iphone5 function| plgGdprDisableAllCookies function| plgGdprShowReloadWindow function| plgGdprCssEscape number| google_rum_task_id_counter function| droppicsColorboxInit object| onepageNavLinks function| mobileCheck boolean| isTouchDevice object| $toggle undefined| gdprIsCookieConsentPresent object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
js-grinseln.wsi-demo.de/ Name: db4aab138f2632e180e5c3dfa4e84cea
Value: 480bdcc134d867745c0fdc66237a931a
.awin1.com/ Name: awpv10102
Value: 394977|1706980395
.awin1.com/ Name: AWSESS
Value: 415155:2902238
.doubleclick.net/ Name: IDE
Value: AHWqTUnM34S802nu55TbbD64Huh6Qr-7E9JlCAJuDWU8XLp1P1jSEffwKGsvLpq_
.booking.com/ Name: bkng
Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWzk9VFRi41fIni8RQYFQdixR5MRVhU%2BdMK2vPtvZzGtPsgZXso77tfSqimLjx3tIhYVE3XG0joXWpJU4YNVtM61aJXke6%2Bm4l4w4Ogh2n9aVpWOrtnazGV7iaEcz6k%2FLR48vWwPeXWOqe8BsVEzn1Yru

10 Console Messages

Source Level URL
Text
security warning URL: https://js-grinseln.wsi-demo.de/
Message:
Mixed Content: The page at 'https://js-grinseln.wsi-demo.de/' was loaded over HTTPS, but requested an insecure element 'http://www4.srpa.de/advertImg/dsi/468x60/Griechenland.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://js-grinseln.wsi-demo.de/(Line 843)
Message:
Mixed Content: The page at 'https://js-grinseln.wsi-demo.de/' was loaded over HTTPS, but requested an insecure element 'http://www4.srpa.de/advertImg/dsi/468x60/Griechenland.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other warning URL: https://js-grinseln.wsi-demo.de/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3861612286702947&output=html&h=60&slotname=7992614489&adk=808388550&adf=1255170682&pi=t.ma~as.7992614489&w=468&lmt=1706980394&format=468x60&url=https%3A%2F%2Fjs-grinseln.wsi-demo.de%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706980395721&bpp=4&bdt=968&idt=144&shv=r20240131&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&correlator=7345778718506&frm=20&pv=2&ga_vid=1816881884.1706980396&ga_sid=1706980396&ga_hid=2124088805&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=2030&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080658%2C31080837%2C95320869%2C95324155%2C95324160&oid=2&pvsid=3256683557801135&tmod=1873383838&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=159
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://js-grinseln.wsi-demo.de/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://js-grinseln.wsi-demo.de/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://js-grinseln.wsi-demo.de/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://js-grinseln.wsi-demo.de/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://js-grinseln.wsi-demo.de/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://js-grinseln.wsi-demo.de/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
