www.dkbaktuelle.com Open in urlscan Pro
137.184.111.84 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://santagolfjdkb2102.clickfunnels.com/optin6f7vvwpu
Effective URL:
https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
Submission: On October 06 via automatic, source phishtank (October 6th 2021, 5:09:37 pm UTC) — Scanned from DE

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 13 domains to perform 52 HTTP transactions. The main IP is 137.184.111.84, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.dkbaktuelle.com.
TLS certificate: Issued by R3 on October 2nd 2021. Valid for: 3 months.

This is the only time www.dkbaktuelle.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DKB (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 11	2606:4700::68... 2606:4700::6810:10c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:cc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.16.116.2 52.16.116.2	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:3247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 25	137.184.111.84 137.184.111.84	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	15

11 2606:4700::6810:10c2 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

santagolfjdkb2102.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:cc2 (United States)

ASN13335 (CLOUDFLARENET, US)

app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.116.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-116-2.eu-west-1.compute.amazonaws.com

track.addevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:3247 (United States)

ASN13335 (CLOUDFLARENET, US)

jcmusiclab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 137.184.111.84 (North Bergen, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.dkbaktuelle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	dkbaktuelle.com 2 redirects www.dkbaktuelle.com	69 KB
15	clickfunnels.com 2 redirects santagolfjdkb2102.clickfunnels.com www.clickfunnels.com images.clickfunnels.com app.clickfunnels.com assets.clickfunnels.com	759 KB
2	cloudflare.com cdnjs.cloudflare.com	358 KB
2	jsdelivr.net cdn.jsdelivr.net	47 KB
2	fontawesome.com use.fontawesome.com	17 KB
1	jquery.com code.jquery.com	30 KB
1	jcmusiclab.com jcmusiclab.com	776 B
1	google.com www.google.com	987 B
1	nr-data.net bam-cell.nr-data.net	925 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	addevent.com track.addevent.com
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	googleapis.com fonts.googleapis.com	3 KB
52	13

	Domain	Requested by
25	www.dkbaktuelle.com	2 redirects jcmusiclab.com www.dkbaktuelle.com
6	app.clickfunnels.com	1 redirects santagolfjdkb2102.clickfunnels.com www.clickfunnels.com app.clickfunnels.com
4	www.clickfunnels.com	santagolfjdkb2102.clickfunnels.com
3	santagolfjdkb2102.clickfunnels.com	1 redirects static.cloudflareinsights.com
2	cdnjs.cloudflare.com	www.dkbaktuelle.com
2	cdn.jsdelivr.net	www.dkbaktuelle.com
2	use.fontawesome.com	santagolfjdkb2102.clickfunnels.com
1	code.jquery.com	www.dkbaktuelle.com
1	jcmusiclab.com	www.google.com
1	www.google.com	santagolfjdkb2102.clickfunnels.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	assets.clickfunnels.com
1	js-agent.newrelic.com	santagolfjdkb2102.clickfunnels.com
1	track.addevent.com	santagolfjdkb2102.clickfunnels.com
1	static.cloudflareinsights.com	santagolfjdkb2102.clickfunnels.com
1	images.clickfunnels.com	santagolfjdkb2102.clickfunnels.com
1	fonts.googleapis.com	santagolfjdkb2102.clickfunnels.com
52	17

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-23` - `2022-08-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
addevent.com Amazon	`2021-02-25` - `2022-03-26`	a year	crt.sh
*.newrelic.com R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
dkbaktuelle.com R3	`2021-10-02` - `2021-12-31`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
Frame ID: 9D6F9FEF164D539093D577B929BEF7FF
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Das kann Bank | DKB AG

Page URL History Show full URLs

https://santagolfjdkb2102.clickfunnels.com/optin6f7vvwpu HTTP 302
https://santagolfjdkb2102.clickfunnels.com/optin1633431167565 Page URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiI1Z69qLHz... Page URL
https://jcmusiclab.com/portfolio-archive/sidney-benneth-o-nauta-ano-2021/ Page URL
https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy?pwd=dkbagde92 HTTP 301
https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/?pwd=dkbagde92 HTTP 302
https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

52
Requests

96 %
HTTPS

71 %
IPv6

13
Domains

17
Subdomains

15
IPs

4
Countries

1302 kB
Transfer

4556 kB
Size

19
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://santagolfjdkb2102.clickfunnels.com/optin6f7vvwpu HTTP 302
https://santagolfjdkb2102.clickfunnels.com/optin1633431167565 Page URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiI1Z69qLHzAhWy4IUKHSexARsQFnoECAoQAQ&url=https%3A%2F%2Fjcmusiclab.com%2Fportfolio-archive%2Fsidney-benneth-o-nauta-ano-2021%2F&usg=AOvVaw38OPPg3gZZGSpkE0Ssn42x Page URL
https://jcmusiclab.com/portfolio-archive/sidney-benneth-o-nauta-ano-2021/ Page URL
https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy?pwd=dkbagde92 HTTP 301
https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/?pwd=dkbagde92 HTTP 302
https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://santagolfjdkb2102.clickfunnels.com/optin6f7vvwpu HTTP 302
https://santagolfjdkb2102.clickfunnels.com/optin1633431167565

Request Chain 11

https://app.clickfunnels.com/cf.js HTTP 301
https://www.clickfunnels.com/cf.js

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

optin1633431167565 Show response
santagolfjdkb2102.clickfunnels.com/
Redirect Chain

https://santagolfjdkb2102.clickfunnels.com/optin6f7vvwpu
https://santagolfjdkb2102.clickfunnels.com/optin1633431167565

46 KB
13 KB

77ms
77ms

Document
text/html

2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://santagolfjdkb2102.clickfunnels.com/optin1633431167565

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

3df30f24b3ea55e410452fdbcc9d946cedb32f33f67b308cc0aac78406eb1cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

:method: GET
:authority: santagolfjdkb2102.clickfunnels.com
:scheme: https
:path: /optin1633431167565
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: __cf_bm=nQDt.Ch6vXUS1eJ.9fsyl0cP5EJL_xzadIoxOUlltjc-1633540171-0-AZxfFmUrknnB35YP+AMbYnpM9gsU9tmmQ+Uq/1+zEz19offHC5m/IgIvpMfvUHJzpRfxf2/itFElL4XAq2XNHOOWciF7QClI+0fzGjwtU3Hu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 06 Oct 2021 17:09:31 GMT
content-type: text/html; charset=utf-8
cf-ray: 69a07f785d231f25-FRA
access-control-allow-origin: *
age: 564
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Tue, 05 Oct 2021 17:13:43 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200 OK
x-content-digest: c74256acb516dea7f67412d9e5a7510575fa1141
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, valid, store
x-request-id: 7ba524eca0bd589b98f582b0a0b950bb
x-runtime: 0.220150
server: cloudflare
content-encoding: br

Redirect headers

date: Wed, 06 Oct 2021 17:09:31 GMT
content-type: text/html; charset=utf-8
location: https://santagolfjdkb2102.clickfunnels.com/optin1633431167565
cf-ray: 69a07f74f8041f25-FRA
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 302 Found
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 53185dcce22a23bb8ca9028dcb7b5344
x-runtime: 0.137566
set-cookie: __cf_bm=nQDt.Ch6vXUS1eJ.9fsyl0cP5EJL_xzadIoxOUlltjc-1633540171-0-AZxfFmUrknnB35YP+AMbYnpM9gsU9tmmQ+Uq/1+zEz19offHC5m/IgIvpMfvUHJzpRfxf2/itFElL4XAq2XNHOOWciF7QClI+0fzGjwtU3Hu; path=/; expires=Wed, 06-Oct-21 17:39:31 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare

GET
H2 200 lander.css
www.clickfunnels.com/assets/ 425 KB
70 KB 72ms
61ms Stylesheet
text/css 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickfunnels.com/assets/lander.css

Requested by

Host: santagolfjdkb2102.clickfunnels.com
URL: https://santagolfjdkb2102.clickfunnels.com/optin1633431167565

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 824
last-modified: Mon, 04 Oct 2021 16:34:02 GMT
server: cloudflare
etag: W/"615b2cfa-6a514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 69a07f790e8a1f25-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 06 Oct 2021 17:29:31 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
13 KB 72ms
46ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: santagolfjdkb2102.clickfunnels.com
URL: https://santagolfjdkb2102.clickfunnels.com/optin1633431167565
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7938127
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: H4FDMQCVAX1QJR1N
x-amz-id-2: R5U5V03xCJ1tQCjdvXnzHl6w9igM00Jpy6MhtaLP8VoCz5keh41FBeT76zB9Rs+GodO16HmJBmg=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6Ssoy3AlUggINtmcC0lN%2BZrKm%2B%2Btx8fz0yf8luV7qFQU%2Bgn8nDPwn9jUp6EMYANBjtoxTogPnTNveZkSBHrAIv%2FCB9Ms8DTx3uTz41DSFIf77vqAoInOOy3hbKCVkKf4WMDRMc2u4JMud6Y%2F7CmTl5o"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 69a07f791fe65c2c-FRA

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
4 KB 78ms
52ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: santagolfjdkb2102.clickfunnels.com
URL: https://santagolfjdkb2102.clickfunnels.com/optin1633431167565
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7938127
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: H4F59D1N5HGP5X17
x-amz-id-2: YUdlAsA+TtJD+rHh62FdzZps5qHRs16q+LPxOPSwnBMavIM5gcZ75Y7cLfPddqE+iN9nZYEEHPw=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"e140a7d32f343530f016095df3cc2ae4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J57KnkUHFmWtHgV7DF7C0Y6SQcEWdkHfHTPtqE3OMC1PFF2xQcWqJcLwK0SdVUtstOqJ8THnIjWpHFCpYjPjIWqbOjTZ27WR5GGINiamESmhgOj8kJb6Eosm6LDTyItopwyxZ7AlDXthe%2BmSBhzu9KbQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 69a07f791fea5c2c-FRA

GET
H2 200 css
fonts.googleapis.com/ 45 KB
3 KB 41ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Host: santagolfjdkb2102.clickfunnels.com
URL: https://santagolfjdkb2102.clickfunnels.com/optin1633431167565

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40b1e129fd55c17b3a1234e2ef332ca0cd7526573e60f78fa7fe11cc4b52549f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 16:57:48 GMT
server: ESF
date: Wed, 06 Oct 2021 17:09:31 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 06 Oct 2021 17:09:31 GMT

GET
H2 200 application.js Show response
www.clickfunnels.com/assets/userevents/ 5 KB
2 KB 53ms
53ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickfunnels.com/assets/userevents/application.js

Requested by

Host: santagolfjdkb2102.clickfunnels.com
URL: https://santagolfjdkb2102.clickfunnels.com/optin1633431167565

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 806
last-modified: Mon, 04 Oct 2021 16:34:02 GMT
server: cloudflare
etag: W/"615b2cfa-1353"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 69a07f799f521f25-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 06 Oct 2021 17:29:31 GMT

GET
H2 200 lander.js Show response
www.clickfunnels.com/assets/ 2 MB
659 KB 79ms
70ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickfunnels.com/assets/lander.js

Requested by

Host: santagolfjdkb2102.clickfunnels.com
URL: https://santagolfjdkb2102.clickfunnels.com/optin1633431167565

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad7654b05d26ff7640811ff6adb2e757693ac43f4904829660de3b4659351dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 816
last-modified: Mon, 04 Oct 2021 16:34:02 GMT
server: cloudflare
etag: W/"615b2cfa-23604a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 69a07f790e8c1f25-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 06 Oct 2021 17:29:31 GMT

GET
H2 200 ClickfunnelsTag.png
images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ 5 KB
6 KB 61ms
51ms Image
image/webp 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
Requested by: Host: santagolfjdkb2102.clickfunnels.com
URL: https://santagolfjdkb2102.clickfunnels.com/optin1633431167565
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:31 GMT
cf-cache-status: HIT
age: 3853
cf-polished: origFmt=png, origSize=9030
cf-ray: 69a07f79bf811f25-FRA
last-modified: Fri, 03 Jan 2020 17:41:49 GMT
content-disposition: inline; filename="ClickfunnelsTag.webp"
content-length: 5276
x-amz-id-2: RR5AfJilw+NyBv+uvB2vu/T68CFo8M/mh8QxBFfqQuavOQDf7JhcCfLY1Qqg9We+rSVCtpfrP6U=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "a633777156a5ffeb58c92d3d59fa4e34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: 6S3SKZZ0BP42W2C1
cache-control: public, max-age=2073600
accept-ranges: bytes
content-type: image/webp
expires: Sat, 30 Oct 2021 17:09:31 GMT

GET
H2 200 pushcrew.js Show response
app.clickfunnels.com/assets/ 637 B
459 B 44ms
43ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/assets/pushcrew.js

Requested by

Host: santagolfjdkb2102.clickfunnels.com
URL: https://santagolfjdkb2102.clickfunnels.com/optin1633431167565

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 810
last-modified: Mon, 04 Oct 2021 16:34:01 GMT
server: cloudflare
etag: W/"615b2cf9-27d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 69a07f79af6a1f25-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 06 Oct 2021 17:29:31 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 76ms
57ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: santagolfjdkb2102.clickfunnels.com
URL: https://santagolfjdkb2102.clickfunnels.com/optin1633431167565
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:31 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69a07f79ce97434b-FRA

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

cf.js Show response
www.clickfunnels.com/
Redirect Chain

https://app.clickfunnels.com/cf.js
https://www.clickfunnels.com/cf.js

18 KB
5 KB

95ms
94ms

Script
application/x-javascript

2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickfunnels.com/cf.js

Requested by

Host: santagolfjdkb2102.clickfunnels.com
URL: https://santagolfjdkb2102.clickfunnels.com/optin1633431167565

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:32 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 361
last-modified: Mon, 04 Oct 2021 16:34:02 GMT
server: cloudflare
etag: W/"615b2cfa-476a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 69a07f7cdd0a1f25-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

Redirect headers

date: Wed, 06 Oct 2021 17:09:32 GMT
cf-cache-status: HIT
access-control-allow-origin: *
server: cloudflare
age: 1150
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
location: https://www.clickfunnels.com/cf.js
access-control-allow-credentials: true
strict-transport-security: max-age=0
cf-ray: 69a07f7c1b751f25-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
307 B 294ms
267ms XHR
text/html 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=MzBPYzIrVVFuRllKd2RURFpOSk56dz09LS1lS1RKUGJLUlV3ZUM4QUhRbGpzK1VRPT0%3D--2ef14c78ba1f6e2f89efbc4b5730573546995225&page_id=ZWdtVW5MNWxpckhSa2hyT3R5SThOUT09LS1UdkxranFTVlJadWYvMVhVbFlnSld3PT0%3D--11130485f8fd32dfde5ab13576ca6cda81a139e6&funnel_step_id=N1VzeTRhbGRzZzlSWlJMVTEya2IrZz09LS1oMDl5Z25rMTVUMFZENWl6aUNUMDdRPT0%3D--3b9f792d81055c92ddbe238e3b933f9c465ef3ed&user_id=ZWpnQmZhM280SkJHU21zdWpaVE8xQT09LS1YemZXMklCb1J6dDRBRkFnT3VQS1lnPT0%3D--75ed2d206b2e7b080125593d47005c1b2fc8a38b&account_id=WGtIajVBZWVyNmgvZXIwR2UvVzUwZz09LS05Vys3djdsTEk4dTRZcWtONDFLK0tBPT0%3D--1ef55d812189a4db19cca8732d43aa054c7f4fa6&page_code=NTEwNjk2NjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=95617abb-d1cf-4e22-996d-8cad69ca496f&url=https%3A%2F%2Fsantagolfjdkb2102.clickfunnels.com%2Foptin1633431167565

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:32 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: 9531582a614639967692cc8f7c992139
x-runtime: 0.030078
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 69a07f7c4806c2f4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
307 B 533ms
507ms XHR
text/html 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=MzBPYzIrVVFuRllKd2RURFpOSk56dz09LS1lS1RKUGJLUlV3ZUM4QUhRbGpzK1VRPT0%3D--2ef14c78ba1f6e2f89efbc4b5730573546995225&page_id=ZWdtVW5MNWxpckhSa2hyT3R5SThOUT09LS1UdkxranFTVlJadWYvMVhVbFlnSld3PT0%3D--11130485f8fd32dfde5ab13576ca6cda81a139e6&funnel_step_id=N1VzeTRhbGRzZzlSWlJMVTEya2IrZz09LS1oMDl5Z25rMTVUMFZENWl6aUNUMDdRPT0%3D--3b9f792d81055c92ddbe238e3b933f9c465ef3ed&user_id=ZWpnQmZhM280SkJHU21zdWpaVE8xQT09LS1YemZXMklCb1J6dDRBRkFnT3VQS1lnPT0%3D--75ed2d206b2e7b080125593d47005c1b2fc8a38b&account_id=WGtIajVBZWVyNmgvZXIwR2UvVzUwZz09LS05Vys3djdsTEk4dTRZcWtONDFLK0tBPT0%3D--1ef55d812189a4db19cca8732d43aa054c7f4fa6&page_code=NTEwNjk2NjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=ac844995-f976-4e40-89df-889d6328b4b7&url=https%3A%2F%2Fsantagolfjdkb2102.clickfunnels.com%2Foptin1633431167565

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:32 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: 8a8f9e5406b1b07f66714ec5f4bcf21f
x-runtime: 0.038637
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 69a07f7c480ac2f4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
813 B 265ms
239ms XHR
text/html 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=MzBPYzIrVVFuRllKd2RURFpOSk56dz09LS1lS1RKUGJLUlV3ZUM4QUhRbGpzK1VRPT0%3D--2ef14c78ba1f6e2f89efbc4b5730573546995225&page_id=ZWdtVW5MNWxpckhSa2hyT3R5SThOUT09LS1UdkxranFTVlJadWYvMVhVbFlnSld3PT0%3D--11130485f8fd32dfde5ab13576ca6cda81a139e6&funnel_step_id=N1VzeTRhbGRzZzlSWlJMVTEya2IrZz09LS1oMDl5Z25rMTVUMFZENWl6aUNUMDdRPT0%3D--3b9f792d81055c92ddbe238e3b933f9c465ef3ed&user_id=ZWpnQmZhM280SkJHU21zdWpaVE8xQT09LS1YemZXMklCb1J6dDRBRkFnT3VQS1lnPT0%3D--75ed2d206b2e7b080125593d47005c1b2fc8a38b&account_id=WGtIajVBZWVyNmgvZXIwR2UvVzUwZz09LS05Vys3djdsTEk4dTRZcWtONDFLK0tBPT0%3D--1ef55d812189a4db19cca8732d43aa054c7f4fa6&page_code=NTEwNjk2NjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=535d46e5-2cd7-49bd-97f1-35a63ed50d7e&url=https%3A%2F%2Fsantagolfjdkb2102.clickfunnels.com%2Foptin1633431167565

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:32 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: f14a463f5f30cf84a0a2ca03340d32aa
x-runtime: 0.036597
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 69a07f7c480cc2f4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H/1.1 200
OK /
track.addevent.com/atc/ 0
0 137ms
32ms Image
text/html 52.16.116.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=d0f0c29d-b6a8-47ec-c32c-82b4d86e9207&url=https%3A%2F%2Fsantagolfjdkb2102.clickfunnels.com%2Foptin1633431167565&cache=1633540172224
Requested by: Host: santagolfjdkb2102.clickfunnels.com
URL: https://santagolfjdkb2102.clickfunnels.com/optin1633431167565
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.116.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-116-2.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, X-Access-Token
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS

GET
H2 200 nr-1210.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 24ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1210.min.js
Requested by: Host: santagolfjdkb2102.clickfunnels.com
URL: https://santagolfjdkb2102.clickfunnels.com/optin1633431167565
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding: gzip
etag: "67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id: VW8CCHGKR4ZK6Z03
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11781
x-amz-id-2: MncX4xvX6G/3ZCVU9xhgX1JCQw12l3nC4XnJi5uFxOrjvkq6VeBL/9/vLuSPh4OyPAeJ00ESZNY=
x-served-by: cache-fra19167-FRA
last-modified: Tue, 22 Jun 2021 22:47:07 GMT
server: AmazonS3
x-timer: S1633540172.415340,VS0,VE0
date: Wed, 06 Oct 2021 17:09:32 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 16134

GET
H2 200 closemodal.png
assets.clickfunnels.com/images/ 672 B
913 B 81ms
80ms Image
image/webp 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.clickfunnels.com/images/closemodal.png

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:32 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 597298
cf-polished: origFmt=png, origSize=788
content-disposition: inline; filename="closemodal.webp"
content-length: 672
last-modified: Wed, 29 Sep 2021 15:55:25 GMT
server: cloudflare
etag: "61548c6d-314"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 06 Nov 2021 17:09:32 GMT
cache-control: public, max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 69a07f7d7df01f25-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: imgq:100,h2pri

GET
H2 200 track Show response
app.clickfunnels.com/v1/ 118 B
438 B 194ms
194ms XHR
text/javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/v1/track?_unique=0.22012572837982214&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//santagolfjdkb2102.clickfunnels.com/optin1633431167565&_title=Free%20Report%20-%20Sign%20Up&_key=p4et94m7&_page_key=o7gfu4duobdd69s4&_fid=11482617&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://santagolfjdkb2102.clickfunnels.com/optin1633431167565&_referrer=

Requested by

Host: app.clickfunnels.com
URL: https://app.clickfunnels.com/cf.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

9ca4051118d2418534341c66783c405c82d0d3a105f49be8e8870f6e87868eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:32 GMT
access-control-request-method: *
cf-cache-status: BYPASS
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
strict-transport-security: max-age=0
content-encoding: br
x-request-id: 3666a116d4c66293da0d676a0465d8f4
x-runtime: 0.029282
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 69a07f7d89c9c2f4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

POST
H2 200 rum Show response
santagolfjdkb2102.clickfunnels.com/cdn-cgi/ 0
200 B 14ms
14ms XHR
text/plain 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://santagolfjdkb2102.clickfunnels.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://santagolfjdkb2102.clickfunnels.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: __cf_bm=nQDt.Ch6vXUS1eJ.9fsyl0cP5EJL_xzadIoxOUlltjc-1633540171-0-AZxfFmUrknnB35YP+AMbYnpM9gsU9tmmQ+Uq/1+zEz19offHC5m/IgIvpMfvUHJzpRfxf2/itFElL4XAq2XNHOOWciF7QClI+0fzGjwtU3Hu; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTEwNjk2NjU=:visited=true; cf:visitor_id=ee717b7c-54df-4458-a71d-9d7f4dac6bf7; addevent_track_cookie=d0f0c29d-b6a8-47ec-c32c-82b4d86e9207
content-length: 6829
:path: /cdn-cgi/rum?
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: santagolfjdkb2102.clickfunnels.com
referer: https://santagolfjdkb2102.clickfunnels.com/optin1633431167565
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://santagolfjdkb2102.clickfunnels.com/optin1633431167565
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Wed, 06 Oct 2021 17:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://santagolfjdkb2102.clickfunnels.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 69a07f7e2ee41f25-FRA
vary: Origin

GET
H/1.1 200
OK NRJS-fc902efb332119fff33 Show response
bam-cell.nr-data.net/1/ 49 B
925 B 157ms
138ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1210.e2a3f80&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=1698&ck=1&ref=https://santagolfjdkb2102.clickfunnels.com/optin1633431167565&ap=227&be=658&fe=1383&dc=1161&perf=%7B%22timing%22:%7B%22of%22:1633540171012,%22n%22:0,%22r%22:0,%22re%22:555,%22f%22:555,%22dn%22:555,%22dne%22:555,%22c%22:555,%22ce%22:555,%22rq%22:556,%22rp%22:633,%22rpe%22:634,%22dl%22:636,%22di%22:1159,%22ds%22:1161,%22de%22:1214,%22dc%22:1382,%22l%22:1382,%22le%22:1489%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1140&fcp=1140&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 06 Oct 2021 17:09:32 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-NewRelic-App-Data: PxQGQlVTAAQBXFFTFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoDBlEOWXRMB05WAhtDAFUPClNRBAAEB1RVUVVTUEBKBQNcEV0/
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 69a07f7f9e5a4e38-FRA

GET
H2 200 url Show response
www.google.com/ 1021 B
987 B 63ms
37ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiI1Z69qLHzAhWy4IUKHSexARsQFnoECAoQAQ&url=https%3A%2F%2Fjcmusiclab.com%2Fportfolio-archive%2Fsidney-benneth-o-nauta-ano-2021%2F&usg=AOvVaw38OPPg3gZZGSpkE0Ssn42x

Requested by

Host: santagolfjdkb2102.clickfunnels.com
URL: https://santagolfjdkb2102.clickfunnels.com/optin1633431167565

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

0248c7533d61acdfee82cfe1dbe8ace01be8a1fcc4ad2e7bfc6eba6e925a42ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiI1Z69qLHzAhWy4IUKHSexARsQFnoECAoQAQ&url=https%3A%2F%2Fjcmusiclab.com%2Fportfolio-archive%2Fsidney-benneth-o-nauta-ano-2021%2F&usg=AOvVaw38OPPg3gZZGSpkE0Ssn42x
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://santagolfjdkb2102.clickfunnels.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://santagolfjdkb2102.clickfunnels.com/

Response headers

date: Wed, 06 Oct 2021 17:09:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
bfcache-opt-in: unload
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 505
x-xss-protection: 0
set-cookie: CONSENT=PENDING+858; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST NRJS-fc902efb332119fff33
bam-cell.nr-data.net/events/1/ 0
0

POST rum
santagolfjdkb2102.clickfunnels.com/cdn-cgi/ 0
0

GET
H2 200 / Show response
jcmusiclab.com/portfolio-archive/sidney-benneth-o-nauta-ano-2021/ 190 B
776 B 512ms
357ms Document
text/html 2606:4700:3036::6815:3247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jcmusiclab.com/portfolio-archive/sidney-benneth-o-nauta-ano-2021/
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiI1Z69qLHzAhWy4IUKHSexARsQFnoECAoQAQ&url=https%3A%2F%2Fjcmusiclab.com%2Fportfolio-archive%2Fsidney-benneth-o-nauta-ano-2021%2F&usg=AOvVaw38OPPg3gZZGSpkE0Ssn42x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 747ab15ba70423bcac90e457a373762e8d1d591d8b1bec35ea4dca689ec78999

Request headers

:method: GET
:authority: jcmusiclab.com
:scheme: https
:path: /portfolio-archive/sidney-benneth-o-nauta-ano-2021/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.google.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/

Response headers

date: Wed, 06 Oct 2021 17:09:33 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0QuOm7oAVlrHsXF%2Fi%2Fof38x8y%2F75rFUKI1FwIkHNAOjbEG13Tfa4ycJgl2yeN6bzwhqfCI8PtpbLS1bWrDSyUbUaqTVLjyhPdXbtcPRyPNe%2F5QaTMBTCZb0I6gv%2B%2FRm3ElCofrpYaKauSHapA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69a07f841e7d0ea7-FRA
content-encoding: br

GET
H2

200

Primary Request PtuHRR.php Show response
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/
Redirect Chain

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy?pwd=dkbagde92
https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/?pwd=dkbagde92
https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

15 KB
3 KB

174ms
174ms

Document
text/html

137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Requested by

Host: jcmusiclab.com
URL: https://jcmusiclab.com/portfolio-archive/sidney-benneth-o-nauta-ano-2021/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PHP/7.4.24 PleskLin

Resource Hash

a5c8662e5ed63a18a303129c70c0e65c3bf22cb6a93bc839f52a070e54f9881a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:method: GET
:authority: www.dkbaktuelle.com
:scheme: https
:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://jcmusiclab.com/
accept-encoding: gzip, deflate, br
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://jcmusiclab.com/portfolio-archive/sidney-benneth-o-nauta-ano-2021/

Response headers

server: nginx
date: Wed, 06 Oct 2021 17:09:35 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.24 PleskLin
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: br

Redirect headers

server: nginx
date: Wed, 06 Oct 2021 17:09:35 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/7.4.24 PleskLin
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4; path=/
location: clients/PtuHRR.php?verification#_
strict-transport-security: max-age=15768000; includeSubDomains

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 157 KB
24 KB 158ms
88ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2337900
x-jsd-version: 4.5.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19138-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 69a07f93cca14e92-FRA

GET
H2 200 helpers.css
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/css/ 41 KB
3 KB 151ms
150ms Stylesheet
text/css 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/css/helpers.css

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/css/helpers.css
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:35 GMT
content-encoding: br
last-modified: Thu, 03 Dec 2020 19:23:20 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"5fc93b28-a318"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/css

GET
H2 200 style.css
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/css/ 6 KB
2 KB 146ms
146ms Stylesheet
text/css 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/css/style.css

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

041a3b1bb72355bb1ea072ab495af7ff2a4f8e0d7fe1bf8962fd60b1831641c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/css/style.css
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:35 GMT
content-encoding: br
last-modified: Sat, 02 Oct 2021 03:55:36 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"6157d838-179b"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/css

GET
H2 200 logo.svg
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 3 KB
3 KB 191ms
186ms Image
image/svg+xml 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/logo.svg

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

6095c4b2fc25c6534e68ddcbcd1fb58f2634036f75262042c215c74a9285bc79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/logo.svg
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
last-modified: Fri, 01 Oct 2021 06:14:36 GMT
server: nginx
x-powered-by: PleskLin
etag: "6156a74c-be2"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3042

GET
H2 200 lo2.png
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 1 KB
1 KB 192ms
187ms Image
image/png 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/lo2.png

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

d81bd3809c4beb500c3068d0c35dd68123f46a15422eac006f9162403a2669e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/lo2.png
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
last-modified: Sat, 02 Oct 2021 01:50:32 GMT
server: nginx
x-powered-by: PleskLin
etag: "6157bae8-474"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
accept-ranges: bytes
content-length: 1140

GET
H2 200 ss.png
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 1 KB
1 KB 221ms
216ms Image
image/png 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ss.png

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

f9aca263f4666ffe4c4abf0780e22470abc88389284774dcae17c2a470120223

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ss.png
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
last-modified: Sat, 02 Oct 2021 01:48:38 GMT
server: nginx
x-powered-by: PleskLin
etag: "6157ba76-503"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
accept-ranges: bytes
content-length: 1283

GET
H2 200 ss2.png
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 539 B
754 B 221ms
216ms Image
image/png 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ss2.png

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

ed3610839500f4d04a21a1a6a998856463ef4cc20c442235fe33e1daf2c4f311

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ss2.png
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
etag: "21b-5cd54e9063b80"
last-modified: Sat, 02 Oct 2021 01:50:54 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 539

GET
H2 200 img.jpg
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 12 KB
12 KB 287ms
283ms Image
image/jpeg 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/img.jpg

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

de763dedf5fbf5a7f0a42ca06cccba4f37f85a35a4bcb378ad5ae886c884bfcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/img.jpg
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
last-modified: Fri, 01 Oct 2021 07:01:46 GMT
server: nginx
x-powered-by: PleskLin
etag: "6156b25a-301d"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 12317

GET
H2 200 clavier.png
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 594 B
809 B 288ms
283ms Image
image/png 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/clavier.png

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

fa620c4eda4c4857cc0b9cb5eb4417b18f31bae5418859925fbdcad9b622c032

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/clavier.png
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
etag: "252-5cd45a62da500"
last-modified: Fri, 01 Oct 2021 07:38:28 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 594

GET
H2 200 username.png
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 877 B
1 KB 288ms
284ms Image
image/png 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/username.png

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

c6d71f0cabdc2af1691c40822100e37a64f4d6f40738c2fe768f72e0a5ecfb54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/username.png
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
etag: "36d-5cd480b829580"
last-modified: Fri, 01 Oct 2021 10:29:58 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 877

GET
H2 200 password.png
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 702 B
917 B 288ms
284ms Image
image/png 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/password.png

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

8bb16d5637aecc1ae70b7859f7c6c99e9158f55330fb09fafbdf525eebd20330

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/password.png
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
etag: "2be-5cd480cd24700"
last-modified: Fri, 01 Oct 2021 10:30:20 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 702

GET
H2 200 t%C3%A9l%C3%A9chargement.svg
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 208 B
426 B 288ms
284ms Image
image/svg+xml 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/t%C3%A9l%C3%A9chargement.svg

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

72e1af139f74424d56589a3d06474355afb141c3bd72a38d141c19f851bbc2ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/t%C3%A9l%C3%A9chargement.svg
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
etag: "d0-5cd45b6de1b00"
last-modified: Fri, 01 Oct 2021 07:43:08 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/svg+xml
x-accel-version: 0.01
accept-ranges: bytes
content-length: 208

GET
H2 200 t%C3%A9l%C3%A9chargement%20(1).svg
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 846 B
1 KB 288ms
285ms Image
image/svg+xml 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/t%C3%A9l%C3%A9chargement%20(1).svg

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

3192ba93cb31f7fecf507ab899b4279ced7d91716f9fd5e3b200410375a6cbf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/t%C3%A9l%C3%A9chargement%20(1).svg
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
etag: "34e-5cd462a61a380"
last-modified: Fri, 01 Oct 2021 08:15:26 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/svg+xml
x-accel-version: 0.01
accept-ranges: bytes
content-length: 846

GET
H2 200 large.jpg
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 29 KB
29 KB 309ms
305ms Image
image/jpeg 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/large.jpg

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

5408d9f3668d380c3148ecc04f9401c082f980a88d86962bc906baf0d7abdb28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/large.jpg
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
last-modified: Fri, 01 Oct 2021 08:35:34 GMT
server: nginx
x-powered-by: PleskLin
etag: "6156c856-7218"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 29208

GET
H2 200 f-bo.png
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 228 B
442 B 312ms
308ms Image
image/png 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/f-bo.png

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

5dccaf064f696cf33c7e12f65f34c21cdbdbf8b988c24aadff68faab44a2f037

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/f-bo.png
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
etag: "e4-5cd46d6297800"
last-modified: Fri, 01 Oct 2021 09:03:28 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 228

GET
H2 200 facebook.svg
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 686 B
905 B 312ms
309ms Image
image/svg+xml 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/facebook.svg

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

0b969bfdbb0496aa56664660247d76c9696b29a6e79a126c38acb9983e058ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/facebook.svg
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
etag: "2ae-5cd4781773a80"
last-modified: Fri, 01 Oct 2021 09:51:22 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/svg+xml
x-accel-version: 0.01
accept-ranges: bytes
content-length: 686

GET
H2 200 insta.svg
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 944 B
1 KB 314ms
311ms Image
image/svg+xml 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/insta.svg

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

fe73e87e02eadba5240358a4eeebeb334e6d8e7eaa9d024f41644241f3adaadd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/insta.svg
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
etag: "3b0-5cd4782e57080"
last-modified: Fri, 01 Oct 2021 09:51:46 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/svg+xml
x-accel-version: 0.01
accept-ranges: bytes
content-length: 944

GET
H2 200 twi.svg
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 856 B
1 KB 314ms
312ms Image
image/svg+xml 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/twi.svg

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

d75a13cddae198bbb040efae849b4daa89b3059e03d928714b074c37a4a8ecf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/twi.svg
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
etag: "358-5cd4783d99480"
last-modified: Fri, 01 Oct 2021 09:52:02 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/svg+xml
x-accel-version: 0.01
accept-ranges: bytes
content-length: 856

GET
H2 200 you.svg
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 669 B
888 B 315ms
313ms Image
image/svg+xml 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/you.svg

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

a30c546ea7a8f0861fbe49a030bc0fcc707c7de128c265881d4010906d1e5fcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/you.svg
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
etag: "29d-5cd47850ac180"
last-modified: Fri, 01 Oct 2021 09:52:22 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/svg+xml
x-accel-version: 0.01
accept-ranges: bytes
content-length: 669

GET
H2 200 in.svg
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 864 B
1 KB 316ms
313ms Image
image/svg+xml 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/in.svg

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

44916913841d34baa376b3b72911ed27f16629909ed5c4f1a59be98af036e8af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/in.svg
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
etag: "360-5cd47861d6a00"
last-modified: Fri, 01 Oct 2021 09:52:40 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/svg+xml
x-accel-version: 0.01
accept-ranges: bytes
content-length: 864

GET
H2 200 xing.svg
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 871 B
1 KB 316ms
314ms Image
image/svg+xml 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/xing.svg

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

54d31025c9536bf38b4f89d7fdc5261bb87dfe924d7445a7d56b43533c86e8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/xing.svg
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
etag: "367-5cd47878ba000"
last-modified: Fri, 01 Oct 2021 09:53:04 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/svg+xml
x-accel-version: 0.01
accept-ranges: bytes
content-length: 871

GET
H2 200 dkb.svg
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/ 3 KB
3 KB 357ms
356ms Image
image/svg+xml 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/dkb.svg

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

1c9524bad0ee009f3f9e6af79cf3363acbcd6a4f03eec2ca8c16ff794358d81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/imgs/dkb.svg
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
last-modified: Fri, 01 Oct 2021 09:55:44 GMT
server: nginx
x-powered-by: PleskLin
etag: "6156db20-af8"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2808

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 138ms
42ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:35 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1633540175.dop168.fr8.t,1633540175.cds246.fr8.hn,1633540175.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 82 KB
23 KB 117ms
49ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2337900
x-jsd-version: 4.5.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19180-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 69a07f93cca54e92-FRA

GET
H2 200 all.min.js Show response
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/ 1 MB
355 KB 122ms
49ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/all.min.js

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a3ef6979bbe5e4de1afaecc703e1d34cbc5e3ceab36d378539506327692d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2040560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 362308
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-123bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVJql3GYm7lvnUuGtNyyhKHE9X3X%2BIxrGQuk95tzlxhEd2h8EWV6DBPKbOGIcVMA5K%2F%2BKwiwAY6QMe3I5GG23wPsqvaSTqAVLFpyuwfnqotc77gbt6v5GG1IPI9DD6sX1OQhOOpYc7na6OvZ1hJEvNmt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69a07f93d9054a74-FRA
expires: Mon, 26 Sep 2022 17:09:35 GMT

GET
H2 200 jquery.payment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/ 8 KB
3 KB 121ms
48ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3617384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-210b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTmEYdMlRqjA7bBNcqsCOCr6sTLQ9HksOGVzGrFrF8ydQtOAD7w2SlxqvFrfbCZR0gzw1L6FFDWWaITumL6AxdLOaQCr1qbQDAHES0GOFhXIygMlupiiUVPixVxKd7kT9XCg4Bz5bqfyrYdckbnbOYgO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69a07f93d9074a74-FRA
expires: Mon, 26 Sep 2022 17:09:35 GMT

GET
H2 200 script.js Show response
www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/js/ 154 B
308 B 191ms
186ms Script
application/javascript 137.184.111.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/js/script.js

Requested by

Host: www.dkbaktuelle.com
URL: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.184.111.84 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PleskLin

Resource Hash

01066344ed84a8cfc6518af2398dead9ce515b86e710c4ad301049541722ddd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:path: /Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/assets/js/script.js
pragma: no-cache
cookie: PHPSESSID=jc9iffrhrlkhviel14dtc7ahd4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dkbaktuelle.com
referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.dkbaktuelle.com/Angabener/beraten/t874t437RwWMn6NVnQ6Nvy/clients/PtuHRR.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:09:36 GMT
content-encoding: br
last-modified: Sun, 20 Dec 2020 04:10:22 GMT
x-accel-version: 0.01
x-powered-by: PleskLin
etag: W/"9a-5b6dd852e8780"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: application/javascript
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bam-cell.nr-data.net
URL: https://bam-cell.nr-data.net/events/1/NRJS-fc902efb332119fff33?a=367981416&v=1210.e2a3f80&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2271&ck=1&ref=https://santagolfjdkb2102.clickfunnels.com/optin1633431167565

Domain: santagolfjdkb2102.clickfunnels.com
URL: https://santagolfjdkb2102.clickfunnels.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DKB (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.clickfunnels.com/	1970-01-19 21:45:41	Name: __cf_bm Value: nQDt.Ch6vXUS1eJ.9fsyl0cP5EJL_xzadIoxOUlltjc-1633540171-0-AZxfFmUrknnB35YP+AMbYnpM9gsU9tmmQ+Uq/1+zEz19offHC5m/IgIvpMfvUHJzpRfxf2/itFElL4XAq2XNHOOWciF7QClI+0fzGjwtU3Hu
santagolfjdkb2102.clickfunnels.com/	1970-01-20 06:31:16	Name: cf:aff_sub2 Value:
santagolfjdkb2102.clickfunnels.com/	1970-01-20 06:31:16	Name: cf:aff_sub3 Value:
santagolfjdkb2102.clickfunnels.com/	1970-01-20 06:31:16	Name: cf:aff_sub Value:
santagolfjdkb2102.clickfunnels.com/	1970-01-20 06:31:16	Name: cf:affiliate_id Value:
santagolfjdkb2102.clickfunnels.com/	1970-01-20 06:31:16	Name: cf:cf_affiliate_id Value:
santagolfjdkb2102.clickfunnels.com/	1970-01-20 06:31:16	Name: cf:content Value:
santagolfjdkb2102.clickfunnels.com/	1970-01-20 06:31:16	Name: cf:medium Value:
santagolfjdkb2102.clickfunnels.com/	1970-01-20 06:31:16	Name: cf:name Value:
santagolfjdkb2102.clickfunnels.com/	1970-01-20 06:31:16	Name: cf:source Value:
santagolfjdkb2102.clickfunnels.com/	1970-01-20 06:31:16	Name: cf:term Value:
santagolfjdkb2102.clickfunnels.com/	1970-01-20 06:31:16	Name: cf:NTEwNjk2NjU Value: :visited=true
santagolfjdkb2102.clickfunnels.com/	1970-01-20 06:31:16	Name: cf:visitor_id Value: ee717b7c-54df-4458-a71d-9d7f4dac6bf7
santagolfjdkb2102.clickfunnels.com/	1970-01-20 06:31:16	Name: addevent_track_cookie Value: d0f0c29d-b6a8-47ec-c32c-82b4d86e9207
santagolfjdkb2102.clickfunnels.com/	1969-12-31 23:59:59	Name: is_eu Value: true
santagolfjdkb2102.clickfunnels.com/	1970-01-20 06:31:16	Name: o7gfu4duobdd69s4 Value: true
santagolfjdkb2102.clickfunnels.com/	1970-01-20 06:31:16	Name: 11482617_viewed_1 Value: 1
.google.com/	1970-01-25 20:05:16	Name: CONSENT Value: PENDING+858
www.dkbaktuelle.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: jc9iffrhrlkhviel14dtc7ahd4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.clickfunnels.com
assets.clickfunnels.com
bam-cell.nr-data.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
images.clickfunnels.com
jcmusiclab.com
js-agent.newrelic.com
santagolfjdkb2102.clickfunnels.com
static.cloudflareinsights.com
track.addevent.com
use.fontawesome.com
www.clickfunnels.com
www.dkbaktuelle.com
www.google.com
bam-cell.nr-data.net
santagolfjdkb2102.clickfunnels.com
137.184.111.84
151.101.2.137
162.247.243.146
2001:4de0:ac18::1:a:3b
2606:4700:3031::ac43:d645
2606:4700:3036::6815:3247
2606:4700::6810:10c2
2606:4700::6810:125e
2606:4700::6810:5514
2606:4700::6810:5f41
2606:4700::6810:cc2
2a00:1450:4001:801::200a
2a00:1450:4001:82f::2004
52.16.116.2
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158
01066344ed84a8cfc6518af2398dead9ce515b86e710c4ad301049541722ddd9
0248c7533d61acdfee82cfe1dbe8ace01be8a1fcc4ad2e7bfc6eba6e925a42ee
041a3b1bb72355bb1ea072ab495af7ff2a4f8e0d7fe1bf8962fd60b1831641c7
0b969bfdbb0496aa56664660247d76c9696b29a6e79a126c38acb9983e058ee9
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
1c9524bad0ee009f3f9e6af79cf3363acbcd6a4f03eec2ca8c16ff794358d81d
20a3ef6979bbe5e4de1afaecc703e1d34cbc5e3ceab36d378539506327692d72
3192ba93cb31f7fecf507ab899b4279ced7d91716f9fd5e3b200410375a6cbf0
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3df30f24b3ea55e410452fdbcc9d946cedb32f33f67b308cc0aac78406eb1cd7
40b1e129fd55c17b3a1234e2ef332ca0cd7526573e60f78fa7fe11cc4b52549f
44916913841d34baa376b3b72911ed27f16629909ed5c4f1a59be98af036e8af
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
5408d9f3668d380c3148ecc04f9401c082f980a88d86962bc906baf0d7abdb28
54d31025c9536bf38b4f89d7fdc5261bb87dfe924d7445a7d56b43533c86e8cb
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5dccaf064f696cf33c7e12f65f34c21cdbdbf8b988c24aadff68faab44a2f037
5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474
6095c4b2fc25c6534e68ddcbcd1fb58f2634036f75262042c215c74a9285bc79
6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37
72e1af139f74424d56589a3d06474355afb141c3bd72a38d141c19f851bbc2ca
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
747ab15ba70423bcac90e457a373762e8d1d591d8b1bec35ea4dca689ec78999
8bb16d5637aecc1ae70b7859f7c6c99e9158f55330fb09fafbdf525eebd20330
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
9ca4051118d2418534341c66783c405c82d0d3a105f49be8e8870f6e87868eac
a30c546ea7a8f0861fbe49a030bc0fcc707c7de128c265881d4010906d1e5fcb
a5c8662e5ed63a18a303129c70c0e65c3bf22cb6a93bc839f52a070e54f9881a
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
ad7654b05d26ff7640811ff6adb2e757693ac43f4904829660de3b4659351dbc
c6d71f0cabdc2af1691c40822100e37a64f4d6f40738c2fe768f72e0a5ecfb54
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
d75a13cddae198bbb040efae849b4daa89b3059e03d928714b074c37a4a8ecf7
d81bd3809c4beb500c3068d0c35dd68123f46a15422eac006f9162403a2669e0
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de763dedf5fbf5a7f0a42ca06cccba4f37f85a35a4bcb378ad5ae886c884bfcd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed3610839500f4d04a21a1a6a998856463ef4cc20c442235fe33e1daf2c4f311
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765
f9aca263f4666ffe4c4abf0780e22470abc88389284774dcae17c2a470120223
fa620c4eda4c4857cc0b9cb5eb4417b18f31bae5418859925fbdcad9b622c032
fe73e87e02eadba5240358a4eeebeb334e6d8e7eaa9d024f41644241f3adaadd

www.dkbaktuelle.com Open in urlscan Pro 137.184.111.84 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

96 %HTTPS

71 %IPv6

13 Domains

17 Subdomains

15 IPs

4 Countries

1302 kBTransfer

4556 kBSize

19 Cookies

0 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dkbaktuelle.com Open in urlscan Pro
137.184.111.84 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

96 %
HTTPS

71 %
IPv6

13
Domains

17
Subdomains

15
IPs

4
Countries

1302 kB
Transfer

4556 kB
Size

19
Cookies

52 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!