heizoel-online.net Open in urlscan Pro
104.21.16.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heizoel-online.net/
Effective URL:
https://heizoel-online.net/
Submission: On December 17 via manual (December 17th 2024, 8:22:09 am UTC) from DE — Scanned from DE

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 33 HTTP transactions. The main IP is 104.21.16.1, located in and belongs to CLOUDFLARENET, US. The main domain is heizoel-online.net.
TLS certificate: Issued by WE1 on December 1st 2024. Valid for: 3 months.

This is the only time heizoel-online.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	104.21.16.1 104.21.16.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.122.53 18.66.122.53	16509 (AMAZON-02) (AMAZON-02)
2	104.18.186.31 104.18.186.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.136 142.250.185.136	15169 (GOOGLE) (GOOGLE)
3	34.96.65.117 34.96.65.117	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	35.172.245.152 35.172.245.152	14618 (AMAZON-AES) (AMAZON-AES)
5	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
2 4	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
33	11

8 104.21.16.1 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

heizoel-online.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-53.fra60.r.cloudfront.net

ob.esnlocco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.186.31 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.65.117 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.65.96.34.bc.googleusercontent.com

monitor.fraudblocker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.172.245.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-245-152.compute-1.amazonaws.com

obs.esnlocco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	heizoel-online.net 1 redirects heizoel-online.net	237 KB
7	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182	7 KB
6	esnlocco.com ob.esnlocco.com — Cisco Umbrella Rank: 115741 obs.esnlocco.com — Cisco Umbrella Rank: 100419	153 KB
5	google.com www.google.com — Cisco Umbrella Rank: 3	633 B
3	fraudblocker.com monitor.fraudblocker.com — Cisco Umbrella Rank: 77568	25 KB
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 96	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	98 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	51 KB
33	8

	Domain	Requested by
8	heizoel-online.net	1 redirects heizoel-online.net
5	www.google.com	www.googletagmanager.com heizoel-online.net
5	obs.esnlocco.com	ob.esnlocco.com heizoel-online.net
4	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com ob.esnlocco.com
3	td.doubleclick.net	www.googletagmanager.com ob.esnlocco.com
3	monitor.fraudblocker.com	heizoel-online.net monitor.fraudblocker.com ob.esnlocco.com
2	www.googleadservices.com	1 redirects ob.esnlocco.com
2	www.googletagmanager.com	heizoel-online.net www.googletagmanager.com
2	cdn.jsdelivr.net	heizoel-online.net
1	ob.esnlocco.com	heizoel-online.net
33	10

This site contains no links.

Subject Issuer	Validity	Valid
heizoel-online.net WE1	`2024-12-01` - `2025-03-01`	3 months	crt.sh
*.esnlocco.com Amazon RSA 2048 M03	`2024-03-06` - `2025-04-04`	a year	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
monitor.fraudblocker.com WR3	`2024-11-27` - `2025-02-25`	3 months	crt.sh
www.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
www.googleadservices.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://heizoel-online.net/
Frame ID: 9843964ADAE9EC04476C8D56FC280A63
Requests: 26 HTTP requests in this frame

Frame: https://heizoel-online.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: 76DEEBB4201840F0F1E0168A85A15C7E
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16672483340?random=1734423724258&cv=11&fst=1734423724258&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fheizoel-online.net%2F&hn=www.googleadservices.com&frm=0&tiba=Heiz%C3%B6l%20g%C3%BCnstig%20bestellen%20-%20heizoel-online.net&npa=0&pscdl=noapi&auid=738746704.1734423724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 1E80CDE2171C65FBABF6402BADDF0F9E
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fheizoel-online.net
Frame ID: 7F4CA64FCFD236809B8A2FE6568C5BEE
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16672483340?random=1734423724659&cv=11&fst=1734423724659&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fheizoel-online.net%2F&hn=www.googleadservices.com&frm=0&tiba=Heiz%C3%B6l%20g%C3%BCnstig%20bestellen%20-%20heizoel-online.net&npa=0&pscdl=noapi&auid=738746704.1734423724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: E9C4B8B35C313734C6DD6979DCE9EA90
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16672483340?random=1734423724667&cv=11&fst=1734423724667&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fheizoel-online.net%2F&label=PvZnCM62tvQZEIzQh44-&hn=www.googleadservices.com&frm=0&tiba=Heiz%C3%B6l%20g%C3%BCnstig%20bestellen%20-%20heizoel-online.net&gtm_ee=1&npa=0&pscdl=noapi&auid=738746704.1734423724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&ct_cookie_present=0
Frame ID: 818312143BA0598401A11A0EAD773AB5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Heizöl günstig bestellen - heizoel-online.net

Page URL History Show full URLs

http://heizoel-online.net/ HTTP 307
https://heizoel-online.net/ HTTP 307
http://heizoel-online.net/ HTTP 307
https://heizoel-online.net/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

33
Requests

85 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

11
IPs

2
Countries

572 kB
Transfer

1366 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heizoel-online.net/ HTTP 307
https://heizoel-online.net/ HTTP 307
http://heizoel-online.net/ HTTP 307
https://heizoel-online.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://heizoel-online.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://heizoel-online.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js

Request Chain 18

https://www.googleadservices.com/pagead/conversion/16672483340/?label=PvZnCM62tvQZEIzQh44-&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16672483340/?label=PvZnCM62tvQZEIzQh44-&guid=ON&script=0&ct_cookie_present=false&random=1144522617&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAg&pscrd=IhMIkK-R8K-uigMVTY39Bx3dfhBOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL2hlaXpvZWwtb25saW5lLm5ldC8 HTTP 302
https://www.google.com/pagead/1p-conversion/16672483340/?label=PvZnCM62tvQZEIzQh44-&guid=ON&script=0&ct_cookie_present=false&random=1144522617&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAg&pscrd=IhMIkK-R8K-uigMVTY39Bx3dfhBOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL2hlaXpvZWwtb25saW5lLm5ldC8&is_vtc=1&cid=CAQSKQCa7L7dp-PbKLUEbO37zRQffcUtXrVcJIaa-cHo_ZtOaGdXR9ZMOto-&random=585911816

Request Chain 25

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16672483340/?random=1639008886&cv=11&fst=1734423724667&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fheizoel-online.net%2F&label=PvZnCM62tvQZEIzQh44-&hn=www.googleadservices.com&frm=0&tiba=Heiz%C3%B6l%20g%C3%BCnstig%20bestellen%20-%20heizoel-online.net&gtm_ee=1&npa=0&pscdl=noapi&auid=738746704.1734423724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkoVdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIm62R8K-uigMV7ZP9Bx1ehwL0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL2hlaXpvZWwtb25saW5lLm5ldC9CV0NoQUlnTi1FdXdZUTdZaUM2YkRlaU0xQkVpMEFtb3F3QVpmRzJDTHJVN01pcTUwX3ZYT0xhdWVjdXBWNDdPVzdHek80RnlFVEsxQzJybHRmdEtUZWs5QQ HTTP 302
https://www.google.com/pagead/1p-conversion/16672483340/?random=1639008886&cv=11&fst=1734423724667&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fheizoel-online.net%2F&label=PvZnCM62tvQZEIzQh44-&hn=www.googleadservices.com&frm=0&tiba=Heiz%C3%B6l%20g%C3%BCnstig%20bestellen%20-%20heizoel-online.net&gtm_ee=1&npa=0&pscdl=noapi&auid=738746704.1734423724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkoVdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIm62R8K-uigMV7ZP9Bx1ehwL0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL2hlaXpvZWwtb25saW5lLm5ldC9CV0NoQUlnTi1FdXdZUTdZaUM2YkRlaU0xQkVpMEFtb3F3QVpmRzJDTHJVN01pcTUwX3ZYT0xhdWVjdXBWNDdPVzdHek80RnlFVEsxQzJybHRmdEtUZWs5QQ&is_vtc=1&cid=CAQSKQCa7L7d49doWIBA56g0hYpVMTU71tZes1MbEOFQW_bpMaK8w9anTfPM&random=3019040129

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
heizoel-online.net/
Redirect Chain

http://heizoel-online.net/
https://heizoel-online.net/
http://heizoel-online.net/
https://heizoel-online.net/

13 KB
5 KB

2536ms
2536ms

Document
text/html

104.21.16.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heizoel-online.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.3.14 PleskLin
Resource Hash: c6df19355a80711fc5c32dfed6942564ff8a55c28421b78432cd6fe2cbfd6c42

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8f3580b318e5e3d8-OTP
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 17 Dec 2024 08:22:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7k1oSYPuE0wruKALo7qSiDF11cs%2BSLOuuj70i%2FHciuZwJoxMekS6U6focKzl%2BBq2GNr%2F5DP9ihjpurvmZiSeCr5zqQ6PuxdpvbOC8a38gUrH6UdXgWue5wUWYALERH9EGeBabAU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=26100&min_rtt=26037&rtt_var=4151&sent=11&recv=14&lost=0&retrans=0&sent_bytes=3901&recv_bytes=2375&delivery_rate=154699&cwnd=253&unsent_bytes=0&cid=1d596924f6135f0f&ts=4863&x=0"
vary: Accept-Encoding
x-powered-by: PHP/8.3.14 PleskLin

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://heizoel-online.net/
Non-Authoritative-Reason: DNS

GET
H2 200 078f170d19dae0437fd4f071956f8641.js Show response
ob.esnlocco.com/i/ 469 KB
151 KB 1700ms
138ms Script
text/javascript 18.66.122.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.esnlocco.com/i/078f170d19dae0437fd4f071956f8641.js
Requested by: Host: heizoel-online.net
URL: https://heizoel-online.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-53.fra60.r.cloudfront.net
Software: Caddy /
Resource Hash: 7a4e04df4023f466699006bc4c2b7d8f44149b61b41416e7158c3613d5e469cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: "754ba-jir1Yw9gS0dimPz+KxRE/Hp6x/o"
age: 40227
via: 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
expires: Tue, 17 Dec 2024 09:11:36 GMT
x-cache: Hit from cloudfront
content-length: 154294
x-amz-cf-id: SZCBzEFlqTx4aJiylnAgKe-oAa2Qch5EziPrpiUPeTU6L9en6p6unQ==
date: Mon, 16 Dec 2024 21:11:36 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: Caddy
x-amz-cf-pop: FRA60-P2

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/ 216 KB
26 KB 1712ms
143ms Stylesheet
text/css 104.18.186.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css

Requested by

Host: heizoel-online.net
URL: https://heizoel-online.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"35e6c-cZlWqlLbTIr9xcDPs8verWJYuKY"
age: 1659479
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfZ0JdNnr41%2BmgR9SW4ime3qHeEcOhWdEo6ZSaw1lZjc9NnSMN%2FANBoGQ2LeKWWsJ5ANOAp2X4yHs7fSpkjfkxQqc4jI7QQXkfapVvQO%2BdzlHpMXM55W8LaOfWljqWiui0g%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Tue, 17 Dec 2024 08:22:03 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220074-FRA, cache-lga21942-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f3580ce890dc9cb-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26379
server: cloudflare
x-jsd-version: 5.3.0-alpha1

GET
H2 200 custom.css
heizoel-online.net/css/ 942 B
925 B 1156ms
1155ms Stylesheet
text/css 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heizoel-online.net/css/custom.css
Requested by: Host: heizoel-online.net
URL: https://heizoel-online.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9f74edfee51d490b15c18991baddecf3af31f3dedb258194ef286312ec92fc29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "3ae-628c715d847f6-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bODeg6wDJpZJYRpA3pCUGSkpWQrX5RG7DBaKiCd8ho1Ptnyhz6yT7gGoaG4bE5O7AcXuuqz6A0ipdTHyLG0ZfYkLATGvkhu2Uqh7Wd5bSTAoUYwms4eXPMhRXWZSXD8rebwq5h4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26069&min_rtt=26021&rtt_var=1019&sent=19&recv=20&lost=0&retrans=0&sent_bytes=9142&recv_bytes=2653&delivery_rate=361048&cwnd=257&unsent_bytes=0&cid=1d596924f6135f0f&ts=5494&x=0"
date: Tue, 17 Dec 2024 08:22:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 08 Dec 2024 19:16:30 GMT
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-accel-version: 0.01
cf-ray: 8f3580c49bbbe3d8-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 403
x-powered-by: PleskLin
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
98 KB 647ms
93ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-16672483340

Requested by

Host: heizoel-online.net
URL: https://heizoel-online.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

07bcc79c7465ec5e69fea01b195ac5568c271b2ac59c7d18b99d8db1ba79375d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 17 Dec 2024 08:22:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 08:22:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 17 Dec 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100104
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 hlogo.png
heizoel-online.net/img/ 15 KB
15 KB 1156ms
1156ms Image
image/png 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heizoel-online.net/img/hlogo.png
Requested by: Host: heizoel-online.net
URL: https://heizoel-online.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 46d7e14f6aee29e227246c015d3fc8a2257cf1bd10ffb0b3ba8e75906af67346

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

cf-cache-status: MISS
etag: "6754c06e-3a7b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WODsvt1IrdoO6W7lFSGPakt%2FY8gd0Ki8rNPJBQHmj2Rjaw5UhV%2Bc4a20KVtuXTcoCFVoBxH19xOSL%2BD2rhN1rPv7XNRdYYGEXYTwR%2BoNPBW3LrJICG7t%2FwvvNWg1wk67NjZvlPA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26060&min_rtt=26007&rtt_var=590&sent=21&recv=22&lost=0&retrans=0&sent_bytes=10133&recv_bytes=2653&delivery_rate=361048&cwnd=257&unsent_bytes=0&cid=1d596924f6135f0f&ts=5524&x=0"
date: Tue, 17 Dec 2024 08:22:01 GMT
content-type: image/png
last-modified: Sat, 07 Dec 2024 21:38:54 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3580c49bbce3d8-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14971
x-powered-by: PleskLin
server: cloudflare

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/ 79 KB
25 KB 1671ms
102ms Script
application/javascript 104.18.186.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/bootstrap.bundle.min.js

Requested by

Host: heizoel-online.net
URL: https://heizoel-online.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"13ad7-v/eN2cAqUAirQ2QpSHOc5Yx2GyE"
age: 1469696
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQOjHch%2FS8Rla52DM35devZImbOXe9aXy%2BRZOfRw2juzNQdC8v9wSiAULYLKx4vypSNzkFdKv2nnzSuyfYGuuEGHqojI3LoX5sKyFvamtYT6YKUEJSQ145xySWGO%2BYU5iXk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Tue, 17 Dec 2024 08:22:03 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220023-FRA, cache-lga21931-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f3580ce890fc9cb-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24765
server: cloudflare
x-jsd-version: 5.3.0-alpha1

GET
H2 200 fbt.js Show response
monitor.fraudblocker.com/ 56 KB
24 KB 353ms
100ms Script
application/javascript 34.96.65.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://monitor.fraudblocker.com/fbt.js?sid=v5SoZQFcx82S_jce_hhl7
Requested by: Host: heizoel-online.net
URL: https://heizoel-online.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.65.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.65.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b0a2eb4e88ce930ac64b7b7c99ec5271eee3b610efca075ee95e1b4b866abd10

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=haJ/fA==, md5=wjh8Unqv0eCnsVZGNzY1Iw==
etag: "c2387c527aafd1e0a7b1564637363523"
age: 2463
x-goog-stored-content-encoding: gzip
expires: Tue, 17 Dec 2024 11:41:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 24176
date: Tue, 17 Dec 2024 07:41:00 GMT
last-modified: Thu, 29 Feb 2024 23:59:10 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC6vbZK7AiZu7Fi-rd_3FLBx4YuGrW4SC9cuUi8CYmQolH_kltdU035v4oHVQ-o0kTefGNMzigo
cache-control: max-age=14400, must-revalidate
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1709251150301007
content-length: 24176
server: UploadServer

GET
H2 200 banner.jpg
heizoel-online.net/img/ 173 KB
174 KB 249ms
249ms Image
image/jpeg 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heizoel-online.net/img/banner.jpg
Requested by: Host: heizoel-online.net
URL: https://heizoel-online.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 41cfd9d9eb8006946fbee5d26b688cf4f62da95f4e7ef278638e7ae93f8d7297

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

cf-cache-status: MISS
etag: "674d5994-2b53f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FuLgYSylRi5cBRNZ%2BqSG2pMegAVydqdLiIy60Mh97E0DaNtAyYc1TDtlZNETHidtUSjHWZ3BEVz3oiLKMSUTYbBZYD875ujWT46YfAncZWOvWjh6VWdLguwDgD%2Fin5%2FMYo8a7Ls%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26092&min_rtt=25980&rtt_var=149&sent=50&recv=43&lost=0&retrans=0&sent_bytes=31273&recv_bytes=2941&delivery_rate=862963&cwnd=257&unsent_bytes=0&cid=1d596924f6135f0f&ts=7325&x=0"
date: Tue, 17 Dec 2024 08:22:03 GMT
content-type: image/jpeg
last-modified: Mon, 02 Dec 2024 06:54:12 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3580cfab4be3d8-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 177471
x-powered-by: PleskLin
server: cloudflare

GET
H2

200

main.js Show response
heizoel-online.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame 76DE
Redirect Chain

https://heizoel-online.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://heizoel-online.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?

9 KB
5 KB

77ms
77ms

Script
application/javascript

104.21.16.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heizoel-online.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?

Requested by

Host: heizoel-online.net
URL: https://heizoel-online.net/

Protocol

Server

104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d449ef09bfc81d41579147b595bd0dc1e3ed715cb7bfc9cad6c01cc6418c1906

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z05Fx0ghboIOaGsHm9EYh6pDX7cfrgE4RHojW9QUI7CkcvUkNS%2BzggsRraJpg5Rj9O1cHJtmOnbQyNVpn2%2FTuVnG0AqyyToaMPYi6YLsSu8XF1g2GEAiC2tBXx6Y43Emu805K3k%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f3580d08bcee3d8-OTP
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26227&min_rtt=26007&rtt_var=261&sent=42&recv=36&lost=0&retrans=0&sent_bytes=26436&recv_bytes=2941&delivery_rate=862963&cwnd=257&unsent_bytes=0&cid=1d596924f6135f0f&ts=7297&x=0"
date: Tue, 17 Dec 2024 08:22:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VWVC6l5HxZPmLrfbJVxvHD8XIrqA3Pc0nfJdIwmRHk9njxdd2RW4q5XLcowZN82C3Vnv6yGHsF%2ByV9YLny27RyKCRvIpLfSO4mxHAf7wslgEr4gSC%2F6vD3dTjmK%2FgO9ggTbu41I%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f3580cfeb73e3d8-OTP
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=TCP&rtt=26134&min_rtt=26007&rtt_var=101&sent=41&recv=34&lost=0&retrans=0&sent_bytes=25879&recv_bytes=2845&delivery_rate=862963&cwnd=257&unsent_bytes=0&cid=1d596924f6135f0f&ts=7198&x=0"
date: Tue, 17 Dec 2024 08:22:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 ct Show response
obs.esnlocco.com/ 3 KB
1 KB 1033ms
305ms Script
text/javascript 35.172.245.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.esnlocco.com/ct?id=78328&url=https%3A%2F%2Fheizoel-online.net%2F&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1734423723616&hl=2&op=0&ag=4270235709&rand=04052120178912050999872070215222530018422125075867501922762923501162101087826100091081&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDExNzhdLFsiYWJuY2giLDFdLFstMSwiLSJdLFstMTUsIi0iXSxbLTE3LCI4Il0sWy0yMSwiLSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstNTUsIjIiXSxbLTEwLCItIl0sWy0yMywiKyJdLFstMjcsIlsyMDAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTYyLCI4MCJdLFstNjksIi0iXSxbLTI2LCJ7XCJ0amhzXCI6NzkxMjU0NixcInVqaHNcIjo0MzE5MDk4LFwiamhzbFwiOjQyOTQ3MDUxNTJ9Il0sWy0zMSwiZmFsc2UiXSxbLTQxLCItIl0sWy01MCwiLSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUpIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAgICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAgICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAgICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAgfV0iXSxbLTE2LCIwIl0sWy0yNSwiLSJdLFstMzQsIi0iXSxbLTQ0LCIwLDAsMCw1Il0sWy00OCwiMCwwIl0sWy01MiwiLSJdLFstNTcsIldFMFpWMXhPY1ZoWFhWVmNTeGNGV2xaVVNVeE5YRjBIR1dKWVNobFlTVWxWUUdRWkVWeFBXRlVaV0UwWkJWaFhWbGRBVkZaTVNnY1pFUU1PQXdnTUNRb0pBUkFWR1FWWVYxWlhRRlJXVEVvSEF3Z0JBd29KRUJWWVRSbDRTMHRZUUJkUFhCa1JVVTFOU1VvREZoWldXeGRjU2xkVlZscGFWaGRhVmxRV1VCWUpEZ0ZmQ0E0SlhRZ0FYVmhjQ1EwS0RsOWREVjhKRGdnQURBOWZBUThOQ0JkVFNnTUlBdzhPQUFvS0VCVllUUmxMR1JGUlRVMUpTZ01XRmxaYkYxeEtWMVZXV2xwV0YxcFdWQlpRRmdrT0FWOElEZ2xkQ0FCZFdGd0pEUW9PWDEwTlh3a09DQUFNRDE4QkR3MElGMU5LQXdnRERnc1BDQTBRIl0sWy02MCwiLSJdLFstNjcsIi0iXSxbLTY4LCItIl0sWy0xOCwiWzAsMCwwLDFdIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTUzLCIxMDAiXSxbLTU4LCItIl0sWy04LCItIl0sWy0yMCwiLSJdLFstMjQsIltdIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstNDcsIi0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXX0iXSxbLTE5LCJbOTAsOTAsOTAsOTAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyODUsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCIsMTYwMCwxMjAwLDBdIl0sWy0yOSwiLSJdLFstMzUsIlsxNzM0NDIzNzIzNjA3LC0xXSJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwMTAxMTAxMDAwMDAxMCJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy02NSwiLSJdLFstNzAsIi0iXSxbLTIsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTEyLCJudWxsIl0sWy0zMiwiLSJdLFstNDYsIjAiXSxbLTU5LCJkZWZhdWx0Il0sWy02MSwie1wid2dzbFwiOlwiNDtwYWNrZWRfNHg4X2ludGVnZXJfZG90X3Byb2R1Y3Q7dW5yZXN0cmljdGVkX3BvaW50ZXJfcGFyYW1ldGVycztwb2ludGVyX2NvbXBvc2l0ZV9hY2Nlc3M7cmVhZG9ubHlfYW5kX3JlYWR3cml0ZV9zdG9yYWdlX3RleHR1cmVzO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy02NiwiZ2VvbG9jYXRpb24sY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjcm9zc29yaWdpbmlzb2xhdGVkLHNjcmVlbndha2Vsb2NrLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LHNoYXJlZHN0b3JhZ2VzZWxlY3R1cmwsY2h1YWFyY2gsY29tcHV0ZXByZXNzdXJlLGNocHJlZmVyc3JlZHVjZWR0cmFuc3BhcmVuY3ksdXNiLGNoc2F2ZWRhdGEscHVibGlja2V5Y3JlZGVudGlhbHNjcmVhdGUsc2hhcmVkc3RvcmFnZSxydW5hZGF1Y3Rpb24sY2h1YWZvcm1mYWN0b3JzLGNoZG93bmxpbmssb3RwY3JlZGVudGlhbHMscGF5bWVudCxjaHVhLGNodWFtb2RlbCxjaGVjdCxhdXRvcGxheSxjYW1lcmEscHJpdmF0ZXN0YXRldG9rZW5pc3N1YW5jZSxhY2NlbGVyb21ldGVyLGNodWFwbGF0Zm9ybXZlcnNpb24saWRsZWRldGVjdGlvbixwcml2YXRlYWdncmVnYXRpb24saW50ZXJlc3Rjb2hvcnQsY2h2aWV3cG9ydGhlaWdodCxsb2NhbGZvbnRzLGNodWFwbGF0Zm9ybSxtaWRpLGNodWFmdWxsdmVyc2lvbix4cnNwYXRpYWx0cmFja2luZyxjbGlwYm9hcmRyZWFkLGdhbWVwYWQsZGlzcGxheWNhcHR1cmUsa2V5Ym9hcmRtYXAsam9pbmFkaW50ZXJlc3Rncm91cCxjaHdpZHRoLGNocHJlZmVyc3JlZHVjZWRtb3Rpb24sYnJvd3Npbmd0b3BpY3MsZW5jcnlwdGVkbWVkaWEsZ3lyb3Njb3BlLHNlcmlhbCxjaHJ0dCxjaHVhbW9iaWxlLHdpbmRvd21hbmFnZW1lbnQsdW5sb2FkLGNoZHByLGNocHJlZmVyc2NvbG9yc2NoZW1lLGNodWF3b3c2NCxhdHRyaWJ1dGlvbnJlcG9ydGluZyxmdWxsc2NyZWVuLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGhpZCxjaHVhYml0bmVzcyxzdG9yYWdlYWNjZXNzLHN5bmN4aHIsY2hkZXZpY2VtZW1vcnksY2h2aWV3cG9ydHdpZHRoLHBpY3R1cmVpbnBpY3R1cmUsbWFnbmV0b21ldGVyLGNsaXBib2FyZHdyaXRlLG1pY3JvcGhvbmUiXSxbLTksIisiXSxbLTEzLCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy00MCwiMzMiXSxbLTY0LCJbMCxcIlwiLFtdXSJdLFstMzMsIi0iXSxbLTM4LCJpLC0xLC0xLDMwMTEsMCwwLDAsMCwwLDI1MzgsLTEsMCw3NjU5LjIsNzY1OS4yLDc3NTAsNzc1MSJdLFstNDUsIi0iXSxbLTUxLCItIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIxNDQxMzcwMTMyXCJdLFwiZFwiOltdLFwiYlwiOltdLFwic1wiOjF9Il0sWy03MSwiYTAxMTAwMTAxMDAxMDAxMDEwMDAxMDEwMDExMTExMDEwMDAwMTAiXSxbImJuY2giLDExNl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy0xNCwiLSJdLFstNDksIi0iXSxbLTYzLCIwIl0sWyJkZGIiLCIwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMiwyLDEsMCwwLDAsMSwwLDIsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMSwzLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwxLDAiXSxbImNiIiwiMCwwLDAsMCwwLDAsMCwwLDAsMSwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwIl1d&dep=0&pre=0&sdd=&cri=p36IzxdQ75&pto=7753&ver=62&gac=-&mei=&ap=&fe=1&duid=1.1734423723.aeK9FwnF9ZtzAiky&suid=1.1734423723.ubfZbC1tsykhdoXM&tuid=1.1734423723.uMzB2tK4euwhBQmI&fbc=-&gtm=W10%3D&it=11%2C5808%2C1815&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=Ojk2Oi0%2BOTY6LSY5NjstJj8%2BNjstJj88NjstJj8yNjstJj46NjstaGA2Oi1uc2hKeHJlaDY6LWVkbXk2Oi17c2w2Lj5JZGlhbmh%2FLjk7RGlhbmh%2FLj5P
Requested by: Host: ob.esnlocco.com
URL: https://ob.esnlocco.com/i/078f170d19dae0437fd4f071956f8641.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 35.172.245.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-245-152.compute-1.amazonaws.com
Software: /
Resource Hash: 00e54666709763310a70a6482d295c3e2cd6e92fa56f367976ac4d7877ec5e7f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: https://heizoel-online.net
content-encoding: gzip
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 1215
date: Tue, 17 Dec 2024 08:22:04 GMT
content-type: text/javascript

POST
H2 200 8f3580b318e5e3d8 Show response
heizoel-online.net/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 76DE 0
997 B 143ms
133ms XHR
text/plain 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heizoel-online.net/cdn-cgi/challenge-platform/h/g/jsd/r/8f3580b318e5e3d8
Requested by: Host: heizoel-online.net
URL: https://heizoel-online.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hkGAiRiXiVPhwbGhuyA2BAgPbrtOAJG2zieOxoo2i8qMSqXLjeuDVA%2B07Ty36dvqOXQwX%2BYwVKhyI7IpoT3Q02lJhV%2BGxrzLx6WMNIgYAG6uqfo%2F2I0HsA%2BbdH2DvJUJOHa3sJY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f3580d19c92e3d8-OTP
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26221&min_rtt=25976&rtt_var=82&sent=200&recv=104&lost=0&retrans=0&sent_bytes=210684&recv_bytes=19426&delivery_rate=4475499&cwnd=312&unsent_bytes=0&cid=1d596924f6135f0f&ts=7530&x=0"
content-length: 0
date: Tue, 17 Dec 2024 08:22:03 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H2 200 p.js Show response
monitor.fraudblocker.com/ 2 B
268 B 179ms
178ms Script
application/javascript 34.96.65.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://monitor.fraudblocker.com/p.js?sid=v5SoZQFcx82S_jce_hhl7&vid=7b3ee6e730370d60d560b6a281cf9122&tz=Europe%2FBerlin&os=Linux%20x86_64&b=Chrome%20131.0.0.0&bo=0
Requested by: Host: monitor.fraudblocker.com
URL: https://monitor.fraudblocker.com/fbt.js?sid=v5SoZQFcx82S_jce_hhl7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.65.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.65.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

x-goog-metageneration: 4
x-goog-hash: crc32c=Fz0s1w==, md5=e8DuY2s7g0hPw7k0iGO9Ig==
etag: "7bc0ee636b3b83484fc3b9348863bd22"
x-goog-stored-content-encoding: identity
expires: Wed, 17 Dec 2025 08:22:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2
date: Tue, 17 Dec 2024 08:22:04 GMT
last-modified: Wed, 18 May 2022 00:10:50 GMT
content-type: application/javascript
x-guploader-uploadid: AFiumC4XTRQGyqp4xljumoDNYn9sW3MkpynTdabQFbOzQs7krY-Jh9j5LKlghPusUPBDQo0
cache-control: no-store
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1652832650614216
content-length: 2
server: UploadServer

POST
H2 200 collect
www.google.com/ccm/ 0
0 716ms
76ms Ping
text/plain 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fheizoel-online.net%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=971235703.1734423724&dt=Heiz%C3%B6l%20g%C3%BCnstig%20bestellen%20-%20heizoel-online.net&auid=738746704.1734423724&navt=n&npa=0&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734423724264&tfd=8400&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16672483340
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16672483340/ 4 KB
2 KB 736ms
105ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16672483340/?random=1734423724258&cv=11&fst=1734423724258&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fheizoel-online.net%2F&hn=www.googleadservices.com&frm=0&tiba=Heiz%C3%B6l%20g%C3%BCnstig%20bestellen%20-%20heizoel-online.net&npa=0&pscdl=noapi&auid=738746704.1734423724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16672483340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

def640425d0aec4fdf885bbabeb44740e83cb7efa9a350ab6cc16c3edeef9317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2249
date: Tue, 17 Dec 2024 08:22:04 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 16672483340
td.doubleclick.net/td/rul/ Frame 1E80 0
0 707ms
89ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16672483340?random=1734423724258&cv=11&fst=1734423724258&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fheizoel-online.net%2F&hn=www.googleadservices.com&frm=0&tiba=Heiz%C3%B6l%20g%C3%BCnstig%20bestellen%20-%20heizoel-online.net&npa=0&pscdl=noapi&auid=738746704.1734423724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16672483340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heizoel-online.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Dec 2024 08:22:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 7F4C 0
0 706ms
98ms Document
text/html 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fheizoel-online.net

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16672483340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 400605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Dec 2024 17:05:19 GMT
expires: Fri, 12 Dec 2025 17:05:19 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16672483340/ 4 KB
3 KB 321ms
81ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16672483340/?random=1734423724659&cv=11&fst=1734423724659&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fheizoel-online.net%2F&hn=www.googleadservices.com&frm=0&tiba=Heiz%C3%B6l%20g%C3%BCnstig%20bestellen%20-%20heizoel-online.net&npa=0&pscdl=noapi&auid=738746704.1734423724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: ob.esnlocco.com
URL: https://ob.esnlocco.com/i/078f170d19dae0437fd4f071956f8641.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1de234c5a68181b01cf7dc01a5cc13d03a750f4592fdf79e04e079e85284e7a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2249
date: Tue, 17 Dec 2024 08:22:04 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 16672483340
td.doubleclick.net/td/rul/ Frame E9C4 0
0 340ms
108ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16672483340?random=1734423724659&cv=11&fst=1734423724659&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fheizoel-online.net%2F&hn=www.googleadservices.com&frm=0&tiba=Heiz%C3%B6l%20g%C3%BCnstig%20bestellen%20-%20heizoel-online.net&npa=0&pscdl=noapi&auid=738746704.1734423724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: ob.esnlocco.com
URL: https://ob.esnlocco.com/i/078f170d19dae0437fd4f071956f8641.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heizoel-online.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Dec 2024 08:22:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
www.google.com/pagead/1p-conversion/16672483340/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/16672483340/?label=PvZnCM62tvQZEIzQh44-&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16672483340/?label=PvZnCM62tvQZEIzQh44-&guid=ON&script=0&ct_cookie_present=false&random=1144522617&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIw...
https://www.google.com/pagead/1p-conversion/16672483340/?label=PvZnCM62tvQZEIzQh44-&guid=ON&script=0&ct_cookie_present=false&random=1144522617&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08...

42 B
108 B

86ms
86ms

Image
image/gif

142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/16672483340/?label=PvZnCM62tvQZEIzQh44-&guid=ON&script=0&ct_cookie_present=false&random=1144522617&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAg&pscrd=IhMIkK-R8K-uigMVTY39Bx3dfhBOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL2hlaXpvZWwtb25saW5lLm5ldC8&is_vtc=1&cid=CAQSKQCa7L7dp-PbKLUEbO37zRQffcUtXrVcJIaa-cHo_ZtOaGdXR9ZMOto-&random=585911816

Requested by

Host: heizoel-online.net
URL: https://heizoel-online.net/

Protocol

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 17 Dec 2024 08:22:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://www.google.com/pagead/1p-conversion/16672483340/?label=PvZnCM62tvQZEIzQh44-&guid=ON&script=0&ct_cookie_present=false&random=1144522617&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAg&pscrd=IhMIkK-R8K-uigMVTY39Bx3dfhBOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL2hlaXpvZWwtb25saW5lLm5ldC8&is_vtc=1&cid=CAQSKQCa7L7dp-PbKLUEbO37zRQffcUtXrVcJIaa-cHo_ZtOaGdXR9ZMOto-&random=585911816
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Tue, 17 Dec 2024 08:22:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 tc_imp.gif
obs.esnlocco.com/tracker/ 43 B
79 B 234ms
233ms Image
image/gif 35.172.245.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.esnlocco.com/tracker/tc_imp.gif?e=37dfbd8ee84e001269eac337e94088999225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d59198e6f2f17071a10acf9f29f671d8ad28e017e3d4dfe7f2505853fdc64c20634042b9a57055e34560ec6b86b1d77be26bb25cb43e2943cee5169b20b2b6416d241f054bbd4829d6ce67d59bb6ccaba2832c45d6d1f205b9cc80274ed1aaee7ddf33116e30cc7a771e027b56dc049957460ee71509e41147f758f562ba5d8a2f761ff65967eb86e8f52612fe08c62694c2f0ade3a908d6aa8466aa5c6ae234e7b3cd6982e3e8b903f4f7c15335e14a28d2b7e7e01b6e65b3bd9eae72482e45f26482cfda7a390ce70bedfdb0eee50955c3b60ccea9fe4a5369689b13d932112c3a79c3e1215f06169ac8c0621ac84e97e9d5ebb02f2c712dd50939a268e6760ca84788639c98cbdedd1baa70638ea3de2eee8235028ae9136c1f71ded574c02d454469783c39081daa270866ad0deeddb36ae6b7874dc2b65d484964a20c0f874bb41bfd30dd837ae770213148c78ff01dfd3a57abb9133ca10a7d79cd727c019416edc501f54725f55c1ec3bf40a9482c720a5bf6bf69720cca9efbe25cfffa711266e86a9067d8ae6521453a4b8ac67a43a9aea40eee02eb27fbc309553d412cba93cc71a20f8af92663c3f7c022a0b5f16b6e08c6cd604ab46525e2af0b753c29b1f05e2a5deb9be70dfebe4fdebe4bda50e1668e94d94b7476f8440611fd5605a736fe82afa0d10b4ac9f15830a936ffaf27784aa118b384a78741076019ddee5dc3f7f51981b4297d0c7fee29c3957edb1f93edf942b2f87ba6f2e75ebd59c0f75a52d975e811be43c9f16d9cb14fab92ca7e6c2a09a0319ebb57e24da04c7d0c9b90a8e2e7440179e032e4ca3e11bd6fe1ecb85899c0589d6fb6c5d6603e762f567ff02ebde378438413d536e283df3508d823a49ab2f9df6e73fd8d35fcc2926ed03762f9ce1cd181ab333e78410c6156e4319ed292683b3c53788046bd89719a2dcd4e3921d990e17301ff26b370bcac51e56bb20f5af823f85d6ec065e79be78794b7d8f650cb9cab5414fc7707b85c6db029c99&cri=p36IzxdQ75&ts=1054&cb=1734423724671
Requested by: Host: heizoel-online.net
URL: https://heizoel-online.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 35.172.245.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-245-152.compute-1.amazonaws.com
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
date: Tue, 17 Dec 2024 08:22:04 GMT
pragma: no-cache
content-type: image/gif

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/16672483340/ 5 KB
3 KB 353ms
85ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/16672483340/?random=1734423724667&cv=11&fst=1734423724667&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fheizoel-online.net%2F&label=PvZnCM62tvQZEIzQh44-&hn=www.googleadservices.com&frm=0&tiba=Heiz%C3%B6l%20g%C3%BCnstig%20bestellen%20-%20heizoel-online.net&gtm_ee=1&npa=0&pscdl=noapi&auid=738746704.1734423724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4

Requested by

Host: ob.esnlocco.com
URL: https://ob.esnlocco.com/i/078f170d19dae0437fd4f071956f8641.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a53e9044f8b98f86159c38ec28a43df0f3913d870d9916cd537581eefbbadf4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2566
date: Tue, 17 Dec 2024 08:22:04 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 16672483340
td.doubleclick.net/td/rul/ Frame 8183 0
0 336ms
108ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16672483340?random=1734423724667&cv=11&fst=1734423724667&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fheizoel-online.net%2F&label=PvZnCM62tvQZEIzQh44-&hn=www.googleadservices.com&frm=0&tiba=Heiz%C3%B6l%20g%C3%BCnstig%20bestellen%20-%20heizoel-online.net&gtm_ee=1&npa=0&pscdl=noapi&auid=738746704.1734423724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&ct_cookie_present=0

Requested by

Host: ob.esnlocco.com
URL: https://ob.esnlocco.com/i/078f170d19dae0437fd4f071956f8641.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heizoel-online.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Dec 2024 08:22:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET 95f2f928-e7ee-463d-a107-65d8b4cd712c
https://heizoel-online.net/ Frame 0
0

GET
H2 200 /
www.google.com/pagead/1p-user-list/16672483340/ 42 B
309 B 87ms
83ms Image
image/gif 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16672483340/?random=1734423724659&cv=11&fst=1734422400000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fheizoel-online.net%2F&hn=www.googleadservices.com&frm=0&tiba=Heiz%C3%B6l%20g%C3%BCnstig%20bestellen%20-%20heizoel-online.net&npa=0&pscdl=noapi&auid=738746704.1734423724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dIPWH68MYHcB9vPAk3kB2AKne8PBh3w&random=1784662157&rmt_tld=0&ipr=y

Requested by

Host: heizoel-online.net
URL: https://heizoel-online.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 17 Dec 2024 08:22:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.google.com/pagead/1p-user-list/16672483340/ 42 B
108 B 83ms
81ms Image
image/gif 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16672483340/?random=1734423724258&cv=11&fst=1734422400000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fheizoel-online.net%2F&hn=www.googleadservices.com&frm=0&tiba=Heiz%C3%B6l%20g%C3%BCnstig%20bestellen%20-%20heizoel-online.net&npa=0&pscdl=noapi&auid=738746704.1734423724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7denixxEQ-ofZSPn_YpaO7Bkpfh9Wirg&random=1576350990&rmt_tld=0&ipr=y

Requested by

Host: heizoel-online.net
URL: https://heizoel-online.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 17 Dec 2024 08:22:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2

200

/
www.google.com/pagead/1p-conversion/16672483340/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16672483340/?random=1639008886&cv=11&fst=1734423724667&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=10...
https://www.google.com/pagead/1p-conversion/16672483340/?random=1639008886&cv=11&fst=1734423724667&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102...

42 B
108 B

84ms
84ms

Image
image/gif

142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/16672483340/?random=1639008886&cv=11&fst=1734423724667&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fheizoel-online.net%2F&label=PvZnCM62tvQZEIzQh44-&hn=www.googleadservices.com&frm=0&tiba=Heiz%C3%B6l%20g%C3%BCnstig%20bestellen%20-%20heizoel-online.net&gtm_ee=1&npa=0&pscdl=noapi&auid=738746704.1734423724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkoVdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIm62R8K-uigMV7ZP9Bx1ehwL0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL2hlaXpvZWwtb25saW5lLm5ldC9CV0NoQUlnTi1FdXdZUTdZaUM2YkRlaU0xQkVpMEFtb3F3QVpmRzJDTHJVN01pcTUwX3ZYT0xhdWVjdXBWNDdPVzdHek80RnlFVEsxQzJybHRmdEtUZWs5QQ&is_vtc=1&cid=CAQSKQCa7L7d49doWIBA56g0hYpVMTU71tZes1MbEOFQW_bpMaK8w9anTfPM&random=3019040129

Requested by

Host: heizoel-online.net
URL: https://heizoel-online.net/

Protocol

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 17 Dec 2024 08:22:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://www.google.com/pagead/1p-conversion/16672483340/?random=1639008886&cv=11&fst=1734423724667&bg=ffffff&guid=ON&async=1&gtm=45be4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fheizoel-online.net%2F&label=PvZnCM62tvQZEIzQh44-&hn=www.googleadservices.com&frm=0&tiba=Heiz%C3%B6l%20g%C3%BCnstig%20bestellen%20-%20heizoel-online.net&gtm_ee=1&npa=0&pscdl=noapi&auid=738746704.1734423724&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkoVdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIm62R8K-uigMV7ZP9Bx1ehwL0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhtodHRwczovL2hlaXpvZWwtb25saW5lLm5ldC9CV0NoQUlnTi1FdXdZUTdZaUM2YkRlaU0xQkVpMEFtb3F3QVpmRzJDTHJVN01pcTUwX3ZYT0xhdWVjdXBWNDdPVzdHek80RnlFVEsxQzJybHRmdEtUZWs5QQ&is_vtc=1&cid=CAQSKQCa7L7d49doWIBA56g0hYpVMTU71tZes1MbEOFQW_bpMaK8w9anTfPM&random=3019040129
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Tue, 17 Dec 2024 08:22:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 favicon.png
heizoel-online.net/ 36 KB
36 KB 247ms
247ms Other
image/png 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heizoel-online.net/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e7e350990f48d7bcc9869a78effd9e96856dda35e149a7d26030cc4d0f36e511

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

cf-cache-status: MISS
etag: "67549c00-8eeb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KMipaqxngCnX3Ke%2FbdiChvrjqUyc3EuVDbEJ1bDqI1mYiWyAK6e%2BmbFkVjDVJRV0%2B18XwYZp2M0yAdoTUJmAh0fLChs%2BQ2vTXaPRaZiQtgw3GQXBrY1cLd7Ee%2FZidpYZaMecess%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26191&min_rtt=25976&rtt_var=87&sent=202&recv=106&lost=0&retrans=0&sent_bytes=211703&recv_bytes=19920&delivery_rate=4475499&cwnd=313&unsent_bytes=0&cid=1d596924f6135f0f&ts=9101&x=0"
date: Tue, 17 Dec 2024 08:22:05 GMT
content-type: image/png
last-modified: Sat, 07 Dec 2024 19:03:28 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3580dabae7e3d8-OTP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36587
x-powered-by: PleskLin
server: cloudflare

POST
H2 200 mon Show response
obs.esnlocco.com/ 0
149 B 165ms
163ms XHR
application/json 35.172.245.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.esnlocco.com/mon
Requested by: Host: ob.esnlocco.com
URL: https://ob.esnlocco.com/i/078f170d19dae0437fd4f071956f8641.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 35.172.245.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-245-152.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://heizoel-online.net/

Response headers

access-control-allow-origin: https://heizoel-online.net
content-length: 0
date: Tue, 17 Dec 2024 08:22:05 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

POST
H2 200 mon Show response
obs.esnlocco.com/ 0
16 B 166ms
164ms XHR
application/json 35.172.245.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.esnlocco.com/mon
Requested by: Host: ob.esnlocco.com
URL: https://ob.esnlocco.com/i/078f170d19dae0437fd4f071956f8641.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 35.172.245.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-245-152.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://heizoel-online.net/

Response headers

access-control-allow-origin: https://heizoel-online.net
content-length: 0
date: Tue, 17 Dec 2024 08:22:05 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

GET
H2 200 b.js Show response
monitor.fraudblocker.com/ 2 B
186 B 229ms
229ms Script
application/javascript 34.96.65.117
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://monitor.fraudblocker.com/b.js?sid=v5SoZQFcx82S_jce_hhl7&vid=7b3ee6e730370d60d560b6a281cf9122&tz=Europe%2FBerlin&os=Linux%20x86_64&b=Chrome%20131.0.0.0&bo=0
Requested by: Host: ob.esnlocco.com
URL: https://ob.esnlocco.com/i/078f170d19dae0437fd4f071956f8641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.65.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 117.65.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://heizoel-online.net/

Response headers

x-goog-metageneration: 2
x-goog-hash: crc32c=Fz0s1w==, md5=e8DuY2s7g0hPw7k0iGO9Ig==
etag: "7bc0ee636b3b83484fc3b9348863bd22"
x-goog-stored-content-encoding: identity
expires: Wed, 17 Dec 2025 08:22:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2
date: Tue, 17 Dec 2024 08:22:06 GMT
last-modified: Fri, 30 Sep 2022 21:34:18 GMT
content-type: application/javascript
x-guploader-uploadid: AFiumC5EIlTcIOhrECYEaUhx0S7gQkgRZvraN1fzzFdRlZBVymjtcS9K-LJu0z3JxV_QLds
cache-control: no-store
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1664573658484855
content-length: 2
server: UploadServer

POST
H2 200 mon Show response
obs.esnlocco.com/ 0
39 B 169ms
168ms XHR
application/json 35.172.245.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.esnlocco.com/mon
Requested by: Host: ob.esnlocco.com
URL: https://ob.esnlocco.com/i/078f170d19dae0437fd4f071956f8641.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 35.172.245.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-245-152.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://heizoel-online.net/

Response headers

access-control-allow-origin: https://heizoel-online.net
content-length: 0
date: Tue, 17 Dec 2024 08:22:07 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

POST mon
obs.esnlocco.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: heizoel-online.net
URL: blob:https://heizoel-online.net/95f2f928-e7ee-463d-a107-65d8b4cd712c

Domain: obs.esnlocco.com
URL: https://obs.esnlocco.com/mon

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
heizoel-online.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4d7kunmj3oto307um3asmihdv5
.heizoel-online.net/	1970-01-21 03:58:27	Name: _cq_duid Value: 1.1734423723.aeK9FwnF9ZtzAiky
.heizoel-online.net/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1734423723.ubfZbC1tsykhdoXM
.heizoel-online.net/	1970-01-21 10:32:39	Name: cf_clearance Value: 36n1aZJ9ZrNPH.jxLNAtXAo8jUDnbvccyxkgBWqXTbA-1734423723-1.2.1.1-q9cEyJZiVbyO6xMIpQ.IkMXoQ9TmfbyFlvU3TjmOI8mYxHJ9UQy6BrkYDRDai6MdJoowKKjQev_nZ2VUKNeXOL0Wug8iwCF1q8EyvtIaIVA6GcDmmse1qLv5r0UsU3r_kNnuozvHICfp1tE5wjtl9STy4aFOPRpZnHX.6mLYEO7abOHu7o3Nl9byX3twe6yhqsFOEHsovRxaQcz7.CD8YVPJPR_n37l8ToeANookTKYhrK4OTbIDkSsV3PegALV2uKTHAzutQa.YuaLx4q7.YduvOkd13UTjf7G1DQwMYP8ieDFtOVrgkaP5fpHItssdZMAjdkoNSZlbuLqhFSFwmXpg_FVsAC_9ZNOmvsIpuHeFCBfGXfraiKxFkgiS70fq
.heizoel-online.net/	1970-01-21 03:56:39	Name: _gcl_au Value: 1.1.738746704.1734423724
obs.esnlocco.com/	1970-01-21 09:50:54	Name: cg_uuid Value: d8a76b2f07b124365241895511ba060b
.heizoel-online.net/	1970-01-21 01:48:30	Name: _cq_pxg Value: 3\|287173\|16672483340\|event=conversion
.doubleclick.net/	1970-01-21 11:23:03	Name: IDE Value: AHWqTUkRcDSRo8ds3duuC2wWey-L7bSSDq0PTd6lhHqam0_hNZpFynMSb8Y2oZKC

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://heizoel-online.net/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A070002D74190000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
googleads.g.doubleclick.net
heizoel-online.net
monitor.fraudblocker.com
ob.esnlocco.com
obs.esnlocco.com
td.doubleclick.net
www.google.com
www.googleadservices.com
www.googletagmanager.com
heizoel-online.net
obs.esnlocco.com
104.18.186.31
104.21.16.1
142.250.185.136
142.250.185.162
142.250.186.130
142.250.186.68
18.66.122.53
216.58.206.66
34.96.65.117
35.172.245.152
00e54666709763310a70a6482d295c3e2cd6e92fa56f367976ac4d7877ec5e7f
061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2
07bcc79c7465ec5e69fea01b195ac5568c271b2ac59c7d18b99d8db1ba79375d
1de234c5a68181b01cf7dc01a5cc13d03a750f4592fdf79e04e079e85284e7a9
41cfd9d9eb8006946fbee5d26b688cf4f62da95f4e7ef278638e7ae93f8d7297
46d7e14f6aee29e227246c015d3fc8a2257cf1bd10ffb0b3ba8e75906af67346
7a4e04df4023f466699006bc4c2b7d8f44149b61b41416e7158c3613d5e469cb
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9f74edfee51d490b15c18991baddecf3af31f3dedb258194ef286312ec92fc29
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a53e9044f8b98f86159c38ec28a43df0f3913d870d9916cd537581eefbbadf4d
b0a2eb4e88ce930ac64b7b7c99ec5271eee3b610efca075ee95e1b4b866abd10
c6df19355a80711fc5c32dfed6942564ff8a55c28421b78432cd6fe2cbfd6c42
d449ef09bfc81d41579147b595bd0dc1e3ed715cb7bfc9cad6c01cc6418c1906
def640425d0aec4fdf885bbabeb44740e83cb7efa9a350ab6cc16c3edeef9317
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e350990f48d7bcc9869a78effd9e96856dda35e149a7d26030cc4d0f36e511
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

heizoel-online.net Open in urlscan Pro 104.21.16.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

85 %HTTPS

0 %IPv6

8 Domains

10 Subdomains

11 IPs

2 Countries

572 kBTransfer

1366 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

heizoel-online.net Open in urlscan Pro
104.21.16.1 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

85 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

11
IPs

2
Countries

572 kB
Transfer

1366 kB
Size

8
Cookies

33 HTTP transactions
0 data transactions