Submitted URL: http://188.68.49.140/
Effective URL: http://188.68.49.140/de
Submission: On January 13 via manual — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 28 HTTP transactions. The main IP is 188.68.49.140, located in Sassenburg, Germany and belongs to NETCUP-AS netcup GmbH, DE. The main domain is 188.68.49.140.
This is the only time 188.68.49.140 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
3 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
114 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6151
612 B
2 google.com
www.google.com — Cisco Umbrella Rank: 8
1 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 97
16 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
20 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 202
7 KB
28 7
Domain Requested by
3 www.googletagmanager.com 188.68.49.140
2 www.google.de 188.68.49.140
2 www.google.com 1 redirects 188.68.49.140
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdnjs.cloudflare.com 188.68.49.140
28 8

This site contains links to these domains. Also see Links.

Domain
certitude.consulting
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
www.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
www.google.de
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh

This page contains 1 frames:

Primary Page: http://188.68.49.140/de
Frame ID: 9577755A9FB2108BCE43835081AD9A2B
Requests: 28 HTTP requests in this frame

Screenshot

Page Title

Certitude Consulting Wien - Informationssicherheit - Information Security

Page URL History Show full URLs

  1. http://188.68.49.140/ HTTP 302
    http://188.68.49.140/de Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)

Page Statistics

28
Requests

39 %
HTTPS

78 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

805 kB
Transfer

1391 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://188.68.49.140/ HTTP 302
    http://188.68.49.140/de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • http://www.googletagmanager.com/gtag/js?id=AW-757629512&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=AW-757629512&l=dataLayer&cx=c
Request Chain 24
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/757629512/?random=1278528720&cv=9&fst=1642064359455&num=1&label=DTI5COa2jqoBEMiEoukC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1a0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2F188.68.49.140%2Fde&tiba=Certitude%20Consulting%20Wien%20-%20Informationssicherheit%20-%20Information%20Security&auid=216803405.1642064359&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=5-nfYe_WH67Bx_APgJeA6A4&sscte=1&crd=CNPgGw HTTP 302
  • https://www.google.com/pagead/1p-conversion/757629512/?random=1278528720&cv=9&fst=1642064359455&num=1&label=DTI5COa2jqoBEMiEoukC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1a0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2F188.68.49.140%2Fde&tiba=Certitude%20Consulting%20Wien%20-%20Informationssicherheit%20-%20Information%20Security&auid=216803405.1642064359&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=5-nfYe_WH67Bx_APgJeA6A4&random=1677486933&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/757629512/?random=1278528720&cv=9&fst=1642064359455&num=1&label=DTI5COa2jqoBEMiEoukC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1a0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2F188.68.49.140%2Fde&tiba=Certitude%20Consulting%20Wien%20-%20Informationssicherheit%20-%20Information%20Security&auid=216803405.1642064359&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=5-nfYe_WH67Bx_APgJeA6A4&random=1677486933&resp=GooglemKTybQhCsO&ipr=y&prhg=0

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request de
188.68.49.140/
Redirect Chain
  • http://188.68.49.140/
  • http://188.68.49.140/de
28 KB
5 KB
Document
General
Full URL
http://188.68.49.140/de
Protocol
HTTP/1.1
Server
188.68.49.140 Sassenburg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202012136597136722.happysrv.de
Software
Apache /
Resource Hash
5805440b482fda846d2968fbf20d86a6b21d81396e052a776b5238494ae43162
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 13 Jan 2022 08:59:18 GMT
Server
Apache
Cache-Control
max-age=240, public, s-maxage=240
X-Content-Digest
en5805440b482fda846d2968fbf20d86a6b21d81396e052a776b5238494ae43162
Age
0
Vary
Accept-Encoding
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Length
4492
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Thu, 13 Jan 2022 08:59:18 GMT
Server
Apache
Cache-Control
no-cache, private
Location
/de
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Length
256
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
all.min.css
188.68.49.140/assets/css/
53 KB
12 KB
Stylesheet
General
Full URL
http://188.68.49.140/assets/css/all.min.css
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/de
Protocol
HTTP/1.1
Server
188.68.49.140 Sassenburg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202012136597136722.happysrv.de
Software
Apache /
Resource Hash
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 08:59:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 24 Feb 2019 22:49:21 GMT
Server
Apache
ETag
"d4b8-582aba281fe40-gzip"
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
11814
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=98
main.min.css
188.68.49.140/assets/css/
219 KB
30 KB
Stylesheet
General
Full URL
http://188.68.49.140/assets/css/main.min.css
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/de
Protocol
HTTP/1.1
Server
188.68.49.140 Sassenburg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202012136597136722.happysrv.de
Software
Apache /
Resource Hash
3ede9ca0c2dafddd2e409c8364ee2d022d8c428a1ea3dc1703722b6fcccf4475
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 08:59:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Jul 2020 14:45:29 GMT
Server
Apache
ETag
"36c64-5ab08ca7f9440-gzip"
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
30499
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=100
addition_seo.css
188.68.49.140/assets/css/
494 B
713 B
Stylesheet
General
Full URL
http://188.68.49.140/assets/css/addition_seo.css
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/de
Protocol
HTTP/1.1
Server
188.68.49.140 Sassenburg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202012136597136722.happysrv.de
Software
Apache /
Resource Hash
414297d04e02c6c83232eade7d05781842853da70cf471ab9c3e22bee2de54e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 08:59:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 10 Dec 2019 10:31:26 GMT
Server
Apache
ETag
"1ee-5995703a67b80-gzip"
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
225
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=100
js
www.googletagmanager.com/gtag/
91 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-135413723-1
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bec806ee157decc521004539665764cf0ea0cc838fd34de4852033210fcf5f82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 08:59:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36627
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Jan 2022 08:59:19 GMT
js
www.googletagmanager.com/gtag/
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-757629512
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
39737a723541a55c827b6c99f08cbf6b46b896e4b4dcc5fecd431801c25a68c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 08:59:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39952
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Jan 2022 08:59:19 GMT
certitude_logo.svg
188.68.49.140/assets/img/
4 KB
5 KB
Image
General
Full URL
http://188.68.49.140/assets/img/certitude_logo.svg
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/de
Protocol
HTTP/1.1
Server
188.68.49.140 Sassenburg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202012136597136722.happysrv.de
Software
Apache /
Resource Hash
c31dab81ba072454d46dbe12214f76bc2b45c88a05326686a4736bdb78336732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 08:59:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 24 Feb 2019 03:03:32 GMT
Server
Apache
ETag
"1063-5829b11b26900"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
4195
X-XSS-Protection
1; mode=block
Certitude.jpg
188.68.49.140/media/37/download/
189 KB
189 KB
Image
General
Full URL
http://188.68.49.140/media/37/download/Certitude.jpg?v=2
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/de
Protocol
HTTP/1.1
Server
188.68.49.140 Sassenburg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202012136597136722.happysrv.de
Software
Apache /
Resource Hash
5d756e2d952d178a1b7189d7f246f94848c87981137bb0b3b9c0ff11f65e420b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 08:59:19 GMT
X-Content-Type-Options
nosniff
Age
0
Content-Disposition
attachment; filename=certitude.jpeg; filename*=utf-8''Certitude.jpg
Connection
Keep-Alive
Content-Length
193082
X-XSS-Protection
1; mode=block
X-Content-Digest
ene3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Last-Modified
Tue, 05 Mar 2019 23:35:10 GMT
Server
Apache
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/jpeg
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Adrian%20Almasan-62.jpg
188.68.49.140/media/62/download/
139 KB
139 KB
Image
General
Full URL
http://188.68.49.140/media/62/download/Adrian%20Almasan-62.jpg?v=1
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/de
Protocol
HTTP/1.1
Server
188.68.49.140 Sassenburg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202012136597136722.happysrv.de
Software
Apache /
Resource Hash
1f13199950ae2ff3bcfa6f85379bfd8e5f9215412fcdc481adfbb1177e16e784
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 08:59:19 GMT
X-Content-Type-Options
nosniff
Age
0
Content-Disposition
attachment; filename=adrian-almasan-62.jpeg; filename*=utf-8''Adrian%20Almasan-62.jpg
Connection
Keep-Alive
Content-Length
142068
X-XSS-Protection
1; mode=block
X-Content-Digest
ene3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Last-Modified
Wed, 06 Oct 2021 16:03:46 GMT
Server
Apache
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/jpeg
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Adrian%20Almasan-66.jpg
188.68.49.140/media/63/download/
144 KB
144 KB
Image
General
Full URL
http://188.68.49.140/media/63/download/Adrian%20Almasan-66.jpg?v=1
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/de
Protocol
HTTP/1.1
Server
188.68.49.140 Sassenburg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202012136597136722.happysrv.de
Software
Apache /
Resource Hash
4f5336efb430b1fdb1c210eefe7731ecf3f603c1fd4c5dd6a0d7713ffc2e2584
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 08:59:19 GMT
X-Content-Type-Options
nosniff
Age
0
Content-Disposition
attachment; filename=adrian-almasan-66.jpeg; filename*=utf-8''Adrian%20Almasan-66.jpg
Connection
Keep-Alive
Content-Length
147201
X-XSS-Protection
1; mode=block
X-Content-Digest
ene3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Last-Modified
Wed, 06 Oct 2021 16:03:56 GMT
Server
Apache
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/jpeg
Cache-Control
public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://188.68.49.140/
Origin
http://188.68.49.140
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 08:59:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
659988
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6451
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4f71"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwuM4F6%2Fi1ejTpB4dBTLNw0NLc8t5B68UVxIOIMgZxWdENfFHq3C9471oB1AhlZIIlf2LqxfpUkzHf8PyOv7DJpUO%2BJ9gwxof%2FBr1xIEa6m%2F4y3ilN%2FIjDSlDhBF%2Br7gP%2F7gc3IQGg3G7H4TSGxiEiBe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ccd6d8409256993-FRA
expires
Tue, 03 Jan 2023 08:59:19 GMT
vendor.js
188.68.49.140/assets/js/
142 KB
45 KB
Script
General
Full URL
http://188.68.49.140/assets/js/vendor.js
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/de
Protocol
HTTP/1.1
Server
188.68.49.140 Sassenburg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202012136597136722.happysrv.de
Software
Apache /
Resource Hash
50a8422567c7367fec63baa0ee5d6883c1a5e17e9f725c4885c232c295009fbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 08:59:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 13 Mar 2019 22:43:34 GMT
Server
Apache
ETag
"23668-5840189209180-gzip"
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
45265
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=99
main.min.js
188.68.49.140/assets/js/
5 KB
2 KB
Script
General
Full URL
http://188.68.49.140/assets/js/main.min.js
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/de
Protocol
HTTP/1.1
Server
188.68.49.140 Sassenburg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202012136597136722.happysrv.de
Software
Apache /
Resource Hash
9e770c224205b1c205e20bd47e087c804107544fd0cc9729745299d2c6d75e84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 08:59:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 24 Oct 2019 13:07:30 GMT
Server
Apache
ETag
"1447-595a7b73f2880-gzip"
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
1531
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=99
roboto-regular.woff2
188.68.49.140/assets/fonts/
15 KB
16 KB
Font
General
Full URL
http://188.68.49.140/assets/fonts/roboto-regular.woff2
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/assets/css/main.min.css
Protocol
HTTP/1.1
Server
188.68.49.140 Sassenburg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202012136597136722.happysrv.de
Software
Apache /
Resource Hash
636b9f6e86e6ddb29f2c542a2ac8df470af354cc57ff45bd4892ddcbe9badfe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://188.68.49.140/assets/css/main.min.css
Origin
http://188.68.49.140
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 08:59:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 13 Feb 2019 09:41:23 GMT
Server
Apache
ETag
"3da4-581c35843d6c0"
X-Frame-Options
sameorigin
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
15780
X-XSS-Protection
1; mode=block
robotomono-regular.woff2
188.68.49.140/assets/fonts/
16 KB
17 KB
Font
General
Full URL
http://188.68.49.140/assets/fonts/robotomono-regular.woff2
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/assets/css/main.min.css
Protocol
HTTP/1.1
Server
188.68.49.140 Sassenburg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202012136597136722.happysrv.de
Software
Apache /
Resource Hash
4afcda0f9981f668bf13f6931dc37a5bc619efafbb942ccd4344c8b58e2cd516
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://188.68.49.140/assets/css/main.min.css
Origin
http://188.68.49.140
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 08:59:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 13 Feb 2019 09:41:23 GMT
Server
Apache
ETag
"41c0-581c35843d6c0"
X-Frame-Options
sameorigin
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
16832
X-XSS-Protection
1; mode=block
icomoon.ttf
188.68.49.140/assets/fonts/
1 KB
2 KB
Font
General
Full URL
http://188.68.49.140/assets/fonts/icomoon.ttf?4i3bt4
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/assets/css/main.min.css
Protocol
HTTP/1.1
Server
188.68.49.140 Sassenburg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202012136597136722.happysrv.de
Software
Apache /
Resource Hash
7fd5115e8eea72a032c895bbf24bcadf3a9fd96cf860e26d960718f4cb5c31b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://188.68.49.140/assets/css/main.min.css
Origin
http://188.68.49.140
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 08:59:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 23 Jan 2019 14:17:04 GMT
Server
Apache
ETag
"544-58020bf849800"
X-Frame-Options
sameorigin
Content-Type
font/ttf
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1348
X-XSS-Protection
1; mode=block
frankruhllibre-regular.woff2
188.68.49.140/assets/fonts/
20 KB
20 KB
Font
General
Full URL
http://188.68.49.140/assets/fonts/frankruhllibre-regular.woff2
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/assets/css/main.min.css
Protocol
HTTP/1.1
Server
188.68.49.140 Sassenburg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202012136597136722.happysrv.de
Software
Apache /
Resource Hash
4f18eaf685ab37358ac3a511a35b25b1186deede881762e18a8cfd6e14a23d54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://188.68.49.140/assets/css/main.min.css
Origin
http://188.68.49.140
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 08:59:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 13 Feb 2019 09:41:23 GMT
Server
Apache
ETag
"5038-581c35843d6c0"
X-Frame-Options
sameorigin
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
20536
X-XSS-Protection
1; mode=block
robotomono-bold.woff2
188.68.49.140/assets/fonts/
16 KB
17 KB
Font
General
Full URL
http://188.68.49.140/assets/fonts/robotomono-bold.woff2
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/assets/css/main.min.css
Protocol
HTTP/1.1
Server
188.68.49.140 Sassenburg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
v2202012136597136722.happysrv.de
Software
Apache /
Resource Hash
c1939c680eb76493fd37fe31082942b27224716ec62087ee230c1038e2f41f0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://188.68.49.140/assets/css/main.min.css
Origin
http://188.68.49.140
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 08:59:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 13 Feb 2019 09:41:23 GMT
Server
Apache
ETag
"4100-581c35843d6c0"
X-Frame-Options
sameorigin
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
16640
X-XSS-Protection
1; mode=block
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135413723-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5065
date
Thu, 13 Jan 2022 07:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 13 Jan 2022 09:34:54 GMT
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=AW-757629512&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=AW-757629512&l=dataLayer&cx=c
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-757629512&l=dataLayer&cx=c
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/de
Protocol
H2
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d3c1077123793eadfba93c1a288262e03dc932d733a36b93a6c78e98923763e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 08:59:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39971
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Jan 2022 08:59:19 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=AW-757629512&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
conversion_async.js
www.googleadservices.com/pagead/
38 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-757629512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 08:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14835
x-xss-protection
0
server
cafe
etag
2630088915750441828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 13 Jan 2022 08:59:19 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1158010535&t=pageview&_s=1&dl=http%3A%2F%2F188.68.49.140%2Fde&ul=en-us&de=UTF-8&dt=Certitude%20Consulting%20Wien%20-%20Informationssicherheit%20-%20Information%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1558137855&gjid=1511133831&cid=31802628.1642064359&tid=UA-135413723-1&_gid=387131127.1642064359&_r=1&gtm=2ou1a0&z=718638603
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://188.68.49.140/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 08:59:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://188.68.49.140
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/757629512/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/757629512/?random=1642064359452&cv=9&fst=1642064359452&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1a0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2F188.68.49.140%2Fde&tiba=Certitude%20Consulting%20Wien%20-%20Informationssicherheit%20-%20Information%20Security&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f24d9816730fd8c172a24ad7ecab70dea64d54eb926369330b983494f68de68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 08:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1065
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/757629512/
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/757629512/?random=1642064359455&cv=9&fst=1642064359455&num=1&label=DTI5COa2jqoBEMiEoukC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1a0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2F188.68.49.140%2Fde&tiba=Certitude%20Consulting%20Wien%20-%20Informationssicherheit%20-%20Information%20Security&auid=216803405.1642064359&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e6ecdf9cb585528bfbc817afaf296d1d4ac37d89012ef7e2f1939b4daa732ef0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 08:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1190
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
437 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-135413723-1&cid=31802628.1642064359&jid=1558137855&gjid=1511133831&_gid=387131127.1642064359&_u=YEBAAUAAAAAAAC~&z=1180770945
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://188.68.49.140/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 13 Jan 2022 08:59:19 GMT
content-type
text/plain
access-control-allow-origin
http://188.68.49.140
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/757629512/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/757629512/?random=1278528720&cv=9&fst=1642064359455&num=1&label=DTI5COa2jqoBEMiEoukC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
  • https://www.google.com/pagead/1p-conversion/757629512/?random=1278528720&cv=9&fst=1642064359455&num=1&label=DTI5COa2jqoBEMiEoukC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
  • https://www.google.de/pagead/1p-conversion/757629512/?random=1278528720&cv=9&fst=1642064359455&num=1&label=DTI5COa2jqoBEMiEoukC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/757629512/?random=1278528720&cv=9&fst=1642064359455&num=1&label=DTI5COa2jqoBEMiEoukC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1a0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2F188.68.49.140%2Fde&tiba=Certitude%20Consulting%20Wien%20-%20Informationssicherheit%20-%20Information%20Security&auid=216803405.1642064359&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=5-nfYe_WH67Bx_APgJeA6A4&random=1677486933&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/de
Protocol
H3
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 08:59:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Jan 2022 08:59:19 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/757629512/?random=1278528720&cv=9&fst=1642064359455&num=1&label=DTI5COa2jqoBEMiEoukC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1a0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2F188.68.49.140%2Fde&tiba=Certitude%20Consulting%20Wien%20-%20Informationssicherheit%20-%20Information%20Security&auid=216803405.1642064359&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=5-nfYe_WH67Bx_APgJeA6A4&random=1677486933&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/757629512/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/757629512/?random=1642064359452&cv=9&fst=1642060800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1a0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2F188.68.49.140%2Fde&tiba=Certitude%20Consulting%20Wien%20-%20Informationssicherheit%20-%20Information%20Security&async=1&fmt=3&is_vtc=1&random=2370980692&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 08:59:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/757629512/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/757629512/?random=1642064359452&cv=9&fst=1642060800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1a0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2F188.68.49.140%2Fde&tiba=Certitude%20Consulting%20Wien%20-%20Informationssicherheit%20-%20Information%20Security&async=1&fmt=3&is_vtc=1&random=2370980692&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: 188.68.49.140
URL: http://188.68.49.140/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://188.68.49.140/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 08:59:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation object| onslotchange function| gtag object| dataLayer function| Popper function| $ function| jQuery object| bootstrap object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

5 Cookies

Domain/Path Name / Value
188.68.49.140/ Name: _gcl_au
Value: 1.1.216803405.1642064359
188.68.49.140/ Name: _ga
Value: GA1.1.31802628.1642064359
188.68.49.140/ Name: _gid
Value: GA1.1.387131127.1642064359
188.68.49.140/ Name: _gat_gtag_UA_135413723_1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
other warning URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
googleads.g.doubleclick.net
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
142.250.185.130
188.68.49.140
2606:4700::6810:135e
2a00:1450:4001:802::2004
2a00:1450:4001:810::2008
2a00:1450:4001:811::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:400c:c06::9a
0f24d9816730fd8c172a24ad7ecab70dea64d54eb926369330b983494f68de68
1f13199950ae2ff3bcfa6f85379bfd8e5f9215412fcdc481adfbb1177e16e784
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
39737a723541a55c827b6c99f08cbf6b46b896e4b4dcc5fecd431801c25a68c1
3ede9ca0c2dafddd2e409c8364ee2d022d8c428a1ea3dc1703722b6fcccf4475
414297d04e02c6c83232eade7d05781842853da70cf471ab9c3e22bee2de54e8
4afcda0f9981f668bf13f6931dc37a5bc619efafbb942ccd4344c8b58e2cd516
4f18eaf685ab37358ac3a511a35b25b1186deede881762e18a8cfd6e14a23d54
4f5336efb430b1fdb1c210eefe7731ecf3f603c1fd4c5dd6a0d7713ffc2e2584
50a8422567c7367fec63baa0ee5d6883c1a5e17e9f725c4885c232c295009fbc
5805440b482fda846d2968fbf20d86a6b21d81396e052a776b5238494ae43162
5d756e2d952d178a1b7189d7f246f94848c87981137bb0b3b9c0ff11f65e420b
636b9f6e86e6ddb29f2c542a2ac8df470af354cc57ff45bd4892ddcbe9badfe3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d3c1077123793eadfba93c1a288262e03dc932d733a36b93a6c78e98923763e
7fd5115e8eea72a032c895bbf24bcadf3a9fd96cf860e26d960718f4cb5c31b2
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9e770c224205b1c205e20bd47e087c804107544fd0cc9729745299d2c6d75e84
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
bec806ee157decc521004539665764cf0ea0cc838fd34de4852033210fcf5f82
c1939c680eb76493fd37fe31082942b27224716ec62087ee230c1038e2f41f0e
c31dab81ba072454d46dbe12214f76bc2b45c88a05326686a4736bdb78336732
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e6ecdf9cb585528bfbc817afaf296d1d4ac37d89012ef7e2f1939b4daa732ef0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e