postkarten.lima-city.de Open in urlscan Pro
2a00:f48:2000:affe::50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.postkarten.lima-city.at/
Effective URL:
https://postkarten.lima-city.de/noe
Submission: On December 24 via automatic, source certstream-suspicious (December 24th 2021, 11:28:11 am UTC) — Scanned from DE

Summary HTTP 40 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 14 domains to perform 40 HTTP transactions. The main IP is 2a00:f48:2000:affe::50, located in Germany and belongs to TTM, DE. The main domain is postkarten.lima-city.de.
TLS certificate: Issued by R3 on October 30th 2021. Valid for: 3 months.

This is the only time postkarten.lima-city.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 8	2a00:f48:2000... 2a00:f48:2000:affe::50	47447 (TTM) (TTM)
1	52.95.114.233 52.95.114.233	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 1	52.95.124.70 52.95.124.70	16509 (AMAZON-02) (AMAZON-02)
1	52.94.216.147 52.94.216.147	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::272	54113 (FASTLY) (FASTLY)
2	52.94.218.163 52.94.218.163	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
40	19

8 2a00:f48:2000:affe::50 (Germany) 3 redirects

ASN47447 (TTM, DE)

www.postkarten.lima-city.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
postkarten.lima-city.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.114.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ir-de.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.124.70 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rcm-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.216.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ws-eu.assoc-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::272 (United States)

ASN54113 (FASTLY, US)

images-eu.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.218.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

fls-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	214 KB
7	lima-city.de 2 redirects postkarten.lima-city.de	38 KB
5	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	35 KB
4	amazon-adsystem.com 1 redirects ir-de.amazon-adsystem.com rcm-eu.amazon-adsystem.com fls-eu.amazon-adsystem.com	1 KB
3	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com	82 KB
2	google.com adservice.google.com www.google.com	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	googletagservices.com www.googletagservices.com	37 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	ssl-images-amazon.com images-eu.ssl-images-amazon.com	5 KB
1	google.de adservice.google.de	792 B
1	googleadservices.com partner.googleadservices.com	646 B
1	assoc-amazon.com ws-eu.assoc-amazon.com	44 KB
1	lima-city.at 1 redirects www.postkarten.lima-city.at	220 B
40	14

	Domain	Requested by
8	pagead2.googlesyndication.com	postkarten.lima-city.de pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	postkarten.lima-city.de	2 redirects postkarten.lima-city.de
6	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	fls-eu.amazon-adsystem.com	ws-eu.assoc-amazon.com
2	www.google-analytics.com	postkarten.lima-city.de
1	www.google.com	tpc.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	images-eu.ssl-images-amazon.com	ws-eu.assoc-amazon.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ws-eu.assoc-amazon.com	postkarten.lima-city.de
1	rcm-eu.amazon-adsystem.com	1 redirects
1	ir-de.amazon-adsystem.com	postkarten.lima-city.de
1	www.postkarten.lima-city.at	1 redirects
40	21

This site contains links to these domains. Also see Links.

Domain
www.amazon.de

Subject Issuer	Validity	Valid
oderat.12hp.at R3	`2021-10-30` - `2022-01-28`	3 months	crt.sh
www.assoc-amazon.it Amazon	`2021-09-23` - `2022-08-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
ws-eu.assoc-amazon.com Amazon	`2021-11-05` - `2022-10-21`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2021-08-09` - `2022-07-24`	a year	crt.sh
fls-eu.amazon-adsystem.com Amazon	`2021-07-01` - `2022-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://postkarten.lima-city.de/noe
Frame ID: BF194CA85C03D45533CAD5C4CBB0B287
Requests: 17 HTTP requests in this frame

Frame: https://ws-eu.assoc-amazon.com/widgets/cm?t=postkartenlimacity-21&o=3&p=20&l=ur1&category=generic&banner=1VH46RJT28QKG4Q5HM02&f=ifr
Frame ID: 027E8561D66FBE8F620F99D871F6E331
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 930417D318FE45C9CEAAB03A38CA4B55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915872678596134&output=html&h=125&slotname=4691237070&adk=1794753953&adf=214406473&pi=t.ma~as.4691237070&w=125&lmt=1640345286&psa=0&format=125x125&url=https%3A%2F%2Fpostkarten.lima-city.de%2Fnoe&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640345286694&bpp=4&bdt=149&idt=85&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=7610225616596&frm=20&pv=2&ga_vid=1614283314.1640345287&ga_sid=1640345287&ga_hid=1187539907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=308&ady=586&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=4199943186215282&pem=75&tmod=651&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=a411LQJsPC&p=https%3A//postkarten.lima-city.de&dtd=105
Frame ID: 66AEEF01CB8D5A9E40669F9DED9CE49C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915872678596134&output=html&adk=1812271804&adf=3025194257&lmt=1640345286&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpostkarten.lima-city.de%2Fnoe&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640345286709&bpp=1&bdt=164&idt=97&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=125x125&nras=1&correlator=7610225616596&frm=20&pv=1&ga_vid=1614283314.1640345287&ga_sid=1640345287&ga_hid=1187539907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=4199943186215282&pem=75&tmod=651&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=101
Frame ID: 708B6CD3D321DF24F6B6A0D01052C461
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Frame ID: 5874667EC96BB664FE7749B6DAD33928
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FFDAC67FA0A0231F1A59411BF209ADDB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B56205386E005C25688B78B1F62B0E98
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Alte Ansichtskarten und Postkarten

Page URL History Show full URLs

https://www.postkarten.lima-city.at/ HTTP 301
http://postkarten.lima-city.de/ HTTP 301
https://postkarten.lima-city.de/ HTTP 301
https://postkarten.lima-city.de/noe Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

40
Requests

98 %
HTTPS

74 %
IPv6

14
Domains

21
Subdomains

19
IPs

4
Countries

479 kB
Transfer

1019 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.amazon.de/gp/search?ie=UTF8&camp=1638&creative=6742&index=books&keywords=der%20bezirk%20in%20alten%20ansichtskarten&linkCode=ur2&tag=postkartenlimacity-21&linkId=TAFDDHGR7H3A2JKZ
Title: Weitere Ansichten und Bücher

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.postkarten.lima-city.at/ HTTP 301
http://postkarten.lima-city.de/ HTTP 301
https://postkarten.lima-city.de/ HTTP 301
https://postkarten.lima-city.de/noe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://rcm-eu.amazon-adsystem.com/e/cm?t=postkartenlimacity-21&o=3&p=20&l=ur1&category=generic&banner=1VH46RJT28QKG4Q5HM02&f=ifr HTTP 302
https://ws-eu.assoc-amazon.com/widgets/cm?t=postkartenlimacity-21&o=3&p=20&l=ur1&category=generic&banner=1VH46RJT28QKG4Q5HM02&f=ifr

40 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request noe Show response
postkarten.lima-city.de/
Redirect Chain

https://www.postkarten.lima-city.at/
http://postkarten.lima-city.de/
https://postkarten.lima-city.de/
https://postkarten.lima-city.de/noe

4 KB
2 KB

53ms
52ms

Document
text/html

2a00:f48:2000:affe::50
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://postkarten.lima-city.de/noe

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:f48:2000:affe::50 , Germany, ASN47447 (TTM, DE),

Reverse DNS

Software

openresty / PHP/7.4.26

Resource Hash

f6a8415cabf9e5d6588f0981d3fe3b9db0384ba87ba4c45aff3c3aad575a2cab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: openresty
date: Fri, 24 Dec 2021 11:28:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
x-lima-id: arM6zJI5yiXMbTpcOP
x-powered-by: PHP/7.4.26
content-security-policy: upgrade-insecure-requests
content-encoding: gzip

Redirect headers

server: openresty
date: Fri, 24 Dec 2021 11:28:08 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-lima-id: ar9WkCAyKsNRBbdfQy
x-powered-by: PHP/7.4.26
location: /noe
content-security-policy: upgrade-insecure-requests

GET
H2 200 style.css
postkarten.lima-city.de/ref/ 2 KB
1 KB 34ms
34ms Stylesheet
text/css 2a00:f48:2000:affe::50
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://postkarten.lima-city.de/ref/style.css

Requested by

Host: postkarten.lima-city.de
URL: https://postkarten.lima-city.de/noe

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:f48:2000:affe::50 , Germany, ASN47447 (TTM, DE),

Reverse DNS

Software

openresty /

Resource Hash

932a9e5a57f819bfbcfd685ef28eb5b964f1d9bfd7dba2837649dd43483140b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/noe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 11:28:08 GMT
content-encoding: gzip
last-modified: Wed, 22 Feb 2012 10:08:01 GMT
server: openresty
etag: W/"86b-4b98ab3dbe240"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
x-lima-id: arxVuNwvfYlvoph8aW
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests
expires: Sun, 23 Jan 2022 11:28:06 GMT

GET
H2 200 ga.js Show response
postkarten.lima-city.de/ 475 B
818 B 33ms
33ms Script
application/javascript 2a00:f48:2000:affe::50
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://postkarten.lima-city.de/ga.js

Requested by

Host: postkarten.lima-city.de
URL: https://postkarten.lima-city.de/noe

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:f48:2000:affe::50 , Germany, ASN47447 (TTM, DE),

Reverse DNS

Software

openresty /

Resource Hash

f0b0a17df33e7319a24dfb7c1532867de136ebc7e61a43e6c36434142b487a6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/noe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 11:28:08 GMT
last-modified: Wed, 15 Oct 2014 15:07:11 GMT
server: openresty
etag: "1db-505777c7765c0"
vary: Accept-Encoding
content-type: application/javascript
x-lima-id: arAq4OGDSWLYuND0Ht
cache-control: max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 475
expires: Fri, 31 Dec 2021 11:28:06 GMT

GET
H2 200 topleft.gif
postkarten.lima-city.de/ref/ 32 KB
33 KB 43ms
43ms Image
image/gif 2a00:f48:2000:affe::50
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://postkarten.lima-city.de/ref/topleft.gif

Requested by

Host: postkarten.lima-city.de
URL: https://postkarten.lima-city.de/noe

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:f48:2000:affe::50 , Germany, ASN47447 (TTM, DE),

Reverse DNS

Software

openresty /

Resource Hash

30f1e456aee1d3a055b5ee7b84de01f8db488015997e4a683e73c59d5f132968

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/noe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 11:28:08 GMT
last-modified: Wed, 01 Jun 2011 11:46:42 GMT
server: openresty
etag: "81b9-4a4a512fd6c80"
content-type: image/gif
x-lima-id: arxyQWb3nrOi6CoFie
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 33209
expires: Sun, 23 Jan 2022 11:28:06 GMT

GET
H/1.1 200 ir
ir-de.amazon-adsystem.com/e/ 42 B
159 B 139ms
29ms Image
image/gif 52.95.114.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ir-de.amazon-adsystem.com/e/ir?t=postkartenlimacity-21&l=ur2&o=3
Requested by: Host: postkarten.lima-city.de
URL: https://postkarten.lima-city.de/noe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.114.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache
Connection: close
Content-Length: 42
Content-Type: image/gif

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 63ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: postkarten.lima-city.de
URL: https://postkarten.lima-city.de/noe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35c3069de6ceadb1df1f32d7183ab5cd6a1a4388485e4ca99edee8e223c304f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 11:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51822
x-xss-protection: 0
server: cafe
etag: 2462160815367283554
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Dec 2021 11:28:06 GMT

GET
H2 200 scripts.js Show response
postkarten.lima-city.de/ref/ 1 KB
881 B 31ms
31ms Script
application/javascript 2a00:f48:2000:affe::50
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://postkarten.lima-city.de/ref/scripts.js

Requested by

Host: postkarten.lima-city.de
URL: https://postkarten.lima-city.de/noe

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:f48:2000:affe::50 , Germany, ASN47447 (TTM, DE),

Reverse DNS

Software

openresty /

Resource Hash

e4e15f9553c98f70b6fd8725b2a78fbc8ea887124410db4bd2ed48e9db3e6bfe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/noe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 11:28:08 GMT
content-encoding: gzip
last-modified: Wed, 01 Jun 2011 11:46:40 GMT
server: openresty
etag: W/"526-4a4a512dee800"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-lima-id: arh6SrBZ5aCrMGNrMP
cache-control: max-age=604800
content-security-policy: upgrade-insecure-requests
expires: Fri, 31 Dec 2021 11:28:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: postkarten.lima-city.de
URL: https://postkarten.lima-city.de/ga.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6792
date: Fri, 24 Dec 2021 09:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 24 Dec 2021 11:34:54 GMT

GET
H/1.1

200
200

cm Show response
ws-eu.assoc-amazon.com/widgets/ Frame 027E
Redirect Chain

https://rcm-eu.amazon-adsystem.com/e/cm?t=postkartenlimacity-21&o=3&p=20&l=ur1&category=generic&banner=1VH46RJT28QKG4Q5HM02&f=ifr
https://ws-eu.assoc-amazon.com/widgets/cm?t=postkartenlimacity-21&o=3&p=20&l=ur1&category=generic&banner=1VH46RJT28QKG4Q5HM02&f=ifr

44 KB
44 KB

141ms
37ms

Document
text/html

52.94.216.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-eu.assoc-amazon.com/widgets/cm?t=postkartenlimacity-21&o=3&p=20&l=ur1&category=generic&banner=1VH46RJT28QKG4Q5HM02&f=ifr
Requested by: Host: postkarten.lima-city.de
URL: https://postkarten.lima-city.de/noe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.216.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 27b0d79083e8dbefadb77b44316a279edace8fb80e2c237efbc563138a82ce24

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 24 Dec 2021 11:28:06 GMT
Server: Server
Cache-Control: must-revalidate
Pragma: no-cache
Expires: -1
charset: UTF-8
Access-Control-Allow-Origin: *
Content-Length: 44881
Vary: User-Agent
Connection: close
Content-Type: text/html;charset=UTF-8

Redirect headers

Server: Server
Date: Fri, 24 Dec 2021 11:28:06 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 339
Connection: keep-alive
x-amz-rid: R4WRT5CBN8TFQTGBPH1K
Location: https://ws-eu.assoc-amazon.com/widgets/cm?t=postkartenlimacity-21&o=3&p=20&l=ur1&category=generic&banner=1VH46RJT28QKG4Q5HM02&f=ifr
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Permissions-Policy: interest-cohort=()

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
444 B 65ms
19ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16192935-1&cid=1614283314.1640345287&jid=947828584&gjid=126899954&_gid=1156843434.1640345287&_u=IGBAgEABAAAAAE~&z=845355803

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://postkarten.lima-city.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 24 Dec 2021 11:28:06 GMT
content-type: text/plain
access-control-allow-origin: https://postkarten.lima-city.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1187539907&t=pageview&_s=1&dl=https%3A%2F%2Fpostkarten.lima-city.de%2Fnoe&ul=en-us&de=UTF-8&dt=Alte%20Ansichtskarten%20und%20Postkarten&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=947828584&gjid=126899954&cid=1614283314.1640345287&tid=UA-16192935-1&_gid=1156843434.1640345287&z=534757546

Requested by

Host: postkarten.lima-city.de
URL: https://postkarten.lima-city.de/noe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Dec 2021 01:49:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34729
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
99 KB 51ms
36ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6915872678596134&plah=postkarten.lima-city.de

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 11:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 4507154694380913909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 24 Dec 2021 11:28:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 9304 11 KB
5 KB 29ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 23 Dec 2021 18:37:20 GMT
expires: Thu, 06 Jan 2022 18:37:20 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 60646
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
646 B 53ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=postkarten.lima-city.de&callback=_gfp_s_&client=ca-pub-6915872678596134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6915872678596134&plah=postkarten.lima-city.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

fd4aee45669a6359bc41bd25d574f3a62674ee52dbaa911da48b7ee36c9fa334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 11:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 37ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=postkarten.lima-city.de

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Dec 2021 11:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=postkarten.lima-city.de

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Dec 2021 11:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 66AE 83 KB
29 KB 492ms
478ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915872678596134&output=html&h=125&slotname=4691237070&adk=1794753953&adf=214406473&pi=t.ma~as.4691237070&w=125&lmt=1640345286&psa=0&format=125x125&url=https%3A%2F%2Fpostkarten.lima-city.de%2Fnoe&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640345286694&bpp=4&bdt=149&idt=85&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=7610225616596&frm=20&pv=2&ga_vid=1614283314.1640345287&ga_sid=1640345287&ga_hid=1187539907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=308&ady=586&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=4199943186215282&pem=75&tmod=651&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=a411LQJsPC&p=https%3A//postkarten.lima-city.de&dtd=105

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e6d77c0aa417919e0c73f355408174c6818ee87fb4d53867cc972c8952feb60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 24 Dec 2021 11:28:07 GMT
server: cafe
content-length: 29937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 24 Dec 2021 11:28:07 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 708B 0
19 B 95ms
90ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915872678596134&output=html&adk=1812271804&adf=3025194257&lmt=1640345286&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpostkarten.lima-city.de%2Fnoe&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640345286709&bpp=1&bdt=164&idt=97&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=125x125&nras=1&correlator=7610225616596&frm=20&pv=1&ga_vid=1614283314.1640345287&ga_sid=1640345287&ga_hid=1187539907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=4199943186215282&pem=75&tmod=651&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=101

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 24 Dec 2021 11:28:06 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 24 Dec 2021 11:28:06 GMT
cache-control: private

GET
H2 200 DE_Asso_18-7-14_banners_SSD_changes_120x90.gif
images-eu.ssl-images-amazon.com/images/G/03/associates/maitri/banner/ Frame 027E 5 KB
5 KB 33ms
7ms Image
image/gif 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-eu.ssl-images-amazon.com/images/G/03/associates/maitri/banner/DE_Asso_18-7-14_banners_SSD_changes_120x90.gif
Requested by: Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?t=postkartenlimacity-21&o=3&p=20&l=ur1&category=generic&banner=1VH46RJT28QKG4Q5HM02&f=ifr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 99b5c85a3bef4ea9af935605a11ad2bfe8f45944c771c48e903b596499879ee1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws-eu.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: https://www.amazon.de
date: Fri, 24 Dec 2021 11:28:07 GMT
last-modified: Tue, 12 Aug 2014 06:32:02 GMT
age: 65343
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: HIT
access-control-allow-origin: *
expires: Wed, 22 Dec 2021 03:02:38 GMT
cache-control: max-age=86400,public
x-amz-ir-id: 472fc99e-2935-4729-8285-2955c3c7dc90
accept-ranges: bytes
content-type: image/gif
content-length: 5038
x-served-by: cache-dca17758-DCA, cache-fra19130-FRA

GET
H/1.1 200
OK json
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 027E 43 B
200 B 137ms
31ms Image
image/gif 52.94.218.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1640345286986&logType=banner_impressions&p=%7B%22mobile_supported%22%3A%22true%22%2C%22action%22%3A%22onload%22%2C%22adunit_type%22%3A%22banners%22%2C%22adunit_properties%22%3A%7B%22height%22%3A%22%24%7Bheight%7D%22%2C%22width%22%3A%22%24%7Bwidth%7D%22%2C%22category%22%3A%22%24%7Bcampaigns%7D%22%2C%22marketplace%22%3A%22amazon%22%2C%22link_id%22%3A%22%24%7Blinkid%7D%22%2C%22region%22%3A%22DE%22%7D%2C%22logType%22%3A%22banner_impressions%22%7D
Requested by: Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?t=postkartenlimacity-21&o=3&p=20&l=ur1&category=generic&banner=1VH46RJT28QKG4Q5HM02&f=ifr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.218.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws-eu.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 24 Dec 2021 11:28:06 GMT
x-amzn-RequestId: 5b458564-f670-4e9c-9c55-94eb24112eaf
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/ Frame 027E 43 B
200 B 136ms
30ms Image
image/gif 52.94.218.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/?cb=1640345286986&p=%7B%22program%22%3A%223%22%2C%22tag%22%3A%22postkartenlimacity-21%22%2C%22linkCode%22%3A%22ur1%22%2C%22refUrl%22%3A%22%22%2C%22panda%22%3Atrue%7D
Requested by: Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?t=postkartenlimacity-21&o=3&p=20&l=ur1&category=generic&banner=1VH46RJT28QKG4Q5HM02&f=ifr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.218.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws-eu.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 24 Dec 2021 11:28:06 GMT
x-amzn-RequestId: 39c39cc2-4ff8-4736-92e2-8f1bc67f0471
Content-Length: 43
Content-Type: image/gif

GET
H2 200 css
fonts.googleapis.com/ Frame 66AE 2 KB
1 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915872678596134&output=html&h=125&slotname=4691237070&adk=1794753953&adf=214406473&pi=t.ma~as.4691237070&w=125&lmt=1640345286&psa=0&format=125x125&url=https%3A%2F%2Fpostkarten.lima-city.de%2Fnoe&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640345286694&bpp=4&bdt=149&idt=85&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=7610225616596&frm=20&pv=2&ga_vid=1614283314.1640345287&ga_sid=1640345287&ga_hid=1187539907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=308&ady=586&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=4199943186215282&pem=75&tmod=651&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=a411LQJsPC&p=https%3A//postkarten.lima-city.de&dtd=105

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Dec 2021 09:54:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 24 Dec 2021 11:28:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Dec 2021 11:28:07 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 66AE 1 KB
959 B 35ms
12ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 11:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jan 2022 11:24:05 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 66AE 19 KB
8 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 11:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jan 2022 11:18:05 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 66AE 2 KB
1 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 11:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jan 2022 11:24:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 66AE 119 KB
37 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 11:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Dec 2021 11:28:07 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 66AE 15 KB
6 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 11:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jan 2022 11:21:53 GMT

GET
H2 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 66AE 27 KB
12 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 14:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 20 Mar 2022 14:37:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 66AE 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COaNrxq7FYfqXM_LxxgO3-rLoB-ezlalnku6P3ekO0JCA7JACEAEg6s_NJGCV4pCCoAegAcWn4pgDyAEJqQI34WjL_QGzPqgDAcgDywSqBNUBT9BC1G5_nh56p9wQcarS8UWPoPd4HJrMFe-fVF23ozMKjfds14uYyuZ0j39lVdEg7gbHLElEwn9Lr7QzrivhUG9cIDUZd59gew4SW5bs40CaEjFXme9pI7hylgTjZ9OqDeT-5H4uT3eYltyLm7L_pM5otqaTprNCfugnFtMvEMCkzW9p_ole3euXC-uj-Ywccb_TA2X9HDkG-0jCE5sOf-iSFcg-nZzCDJg3tL6zEgVyezBZRdmjQV844wQNGHD6FmRQIhKGSsXgI1fQo37BGbSIlLUnwAS1xO3k3wOSBQQIBBgBkgUECAUYBKAGLoAHo9idZ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBDOrhnSCAkIgOGAEBABGB-ACgHICwHYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNjkxNTg3MjY3ODU5NjEzNBgA&sigh=RLyCyrL4CHM&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6915872678596134&output=html&h=125&slotname=4691237070&adk=1794753953&adf=214406473&pi=t.ma~as.4691237070&w=125&lmt=1640345286&psa=0&format=125x125&url=https%3A%2F%2Fpostkarten.lima-city.de%2Fnoe&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640345286694&bpp=4&bdt=149&idt=85&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=7610225616596&frm=20&pv=2&ga_vid=1614283314.1640345287&ga_sid=1640345287&ga_hid=1187539907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=308&ady=586&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=4199943186215282&pem=75&tmod=651&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=a411LQJsPC&p=https%3A//postkarten.lima-city.de&dtd=105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 24 Dec 2021 11:28:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Dec 2021 11:28:07 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 66AE 48 KB
49 KB 32ms
8ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS9O-gzexx5bXOi71Qcf5xdnUDXF5CdCVGAOOL8uboxOspLXZxAEuyhHsE_wP8&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57520af13f3e0203f71cfaf903233f63595db0dc8b5759953b9f9f41cb7d934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 16:18:59 GMT
x-content-type-options: nosniff
age: 155348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49288
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 13:26:59 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 22 Dec 2022 16:18:59 GMT

GET
DATA 200
OK truncated
/ Frame 66AE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 250cf3e1908d354aca384c2bdb97f46288dd2a247dd520f34c231c00ed55cfe9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 66AE 20 KB
21 KB 200ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 09:49:59 GMT
x-content-type-options: nosniff
age: 178688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 09:49:59 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 34ms
19ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5ee65e4640c74c5e977a62767c436186f9e3e23816d7fdcb86c19b11acf575a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Dec 2021 11:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8635
x-xss-protection: 0

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 5874 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 09:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Dec 2022 09:36:27 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 11:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Fri, 24 Dec 2021 11:28:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FFDA 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Fri, 24 Dec 2021 11:11:28 GMT
expires: Sat, 24 Dec 2022 11:11:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B562 783 B
1 KB 39ms
17ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8069d200603c9cabd402cbc66f02afea4d6f303be2c80da0df15edd8f4cfdcf8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ylLftW/nC9zfo94BsFi1GA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 24 Dec 2021 11:28:07 GMT
date: Fri, 24 Dec 2021 11:28:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ylLftW/nC9zfo94BsFi1GA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame FFDA 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 09:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Dec 2022 09:36:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B562 0
0 41ms
41ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=4199943186215282&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=4199943186215282&bg=!enmleT3NAAZKWFskSlg7ACkAdvg8WoZh5MWRqT2P6LMIMp66Y_-Gzuu5EcZLadCEdbCc_IMTt6bZrQIAAABcUgAAAAdoAQcKAKjWPKDcV1-m6EGinKGWaRJrKmpXgJSwmT02cexNl_hy1Kvx05HtaZgCxGL-ecKsgwtne3zWSvkiPVniiXWKXeO2Sm-x3s6XKCwUAm0PPFbjc_Ycjwd8ydd7o1_h1qcboKSE6kZOBUViN8rybxZE4OobBcPy3cBlH9BPAh-wh_L9Y8zsNRMN8TTXXGnvlCHMsuU4a3BEEF8vXSxS9teBUluQoPH9QaJ4GlyZAr0tuxkwy363iT4d5L9UOISLStczOLfGQCPN-UP3Zq7KgsQ9CPe3oULGiT6T3GW93uemSd5OPelJ738XbDvdIoJRQMvCgHpaG3qEevPUgxpOk0R6vRHyHR2cFPLQzg_LuKH2w2uoF-ETdCztK53x_VPqsX-erAE10wcL1mXGeHhsp5wfQCBN-fhgaUs49-EfCSQ3yw2ontn5wh2oH8BJ5ww7xx_wByr4M7-2Cs_ULQIPIBIQhYis1IsQk94ftcQKYzS40WkKew9OmT4DhfHpHE7wSqqZZf4SoUk2ZorL8QhTghNsLb0Xql67Qosljt8jAFrkEIKm5KDADOoEClbXAObBHkTaSBCxzbqWsLZa7w-cct2IbI9H-n5Dnmn-6Yu3qh10yymeYhQLHKDc8rN9NB_LWUWId9o8nD-sR7a9rITGGbZLCXnhlBmcYsB6pyxfNF9HClnLj20OJxiwQpkIgzLiKSWt0KHYwolyKrFc6HL13sc6lmxfZhi-pPU74kYR9LH3YoDKamgMCwLy_c-zbDf4gwfTt0P52MdUh9RzJwGNqWm3EcS_Y6P6x86q9qumOP9NHDnK9BMGLilm_Xd6OhTD8tA5zMaMc8jIZVu4Jm0IEQ7yZp19UikEewTkdBIVDVtNTw4xxYHPB0XTqABK4sjrY9WQ5dlhZKVZYrPyNP_Wpk6-smr_YW6ROUi2lSIbYBPIwOvkw1qbIDTf6m7kIKVSfAinbEnIqvbrMlYXJATw5hKpAOp6Mu1Nhvn74A5Ro477i2LdkiNSivVZJ3bGgOaz2qyy2FIIOvnWKtK8kEUQRto9VYzJeNNYi3nc3d8GhqFnPbxQatBztcylJvcPL1KYGt8_slk7WWNLogp0h05fCAcUVulOw_pgJ-Yn8TLdNrEqLqWM8ZHDh1XFvUppTM7XKNL4kBixDWp5X1jfbQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://postkarten.lima-city.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Dec 2021 11:28:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 66AE 42 B
64 B 84ms
84ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhGGpxUTtfr4G_VWQGEbCIQwQ7sk0pIpkHFW60RnmTNWAAWzdse-VhxrJb2SXHrKRjUqiGDJbHiocoMH2b0w_N6TjTfV1i0NulaWgIYjmT5GHw0yWjGQ&sai=AMfl-YQhH5vmMrNmvv2mEDJEp6mc03AKIKjljsDhrDUB1nC03yudEOag_5PVF3qWv5ZQwRpbzfbCFvoNhauN&sig=Cg0ArKJSzCqifB3L_ABJEAE&id=lidar2&mcvt=1000&p=0,0,125,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1794753953&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640345286801&rpt=816&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Dec 2021 11:28:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.postkarten.lima-city.at/	1970-01-24 10:54:32	Name: _lcp Value: a
postkarten.lima-city.de/	1970-01-24 10:54:32	Name: _lcp Value: a
postkarten.lima-city.de/	1970-01-24 10:54:32	Name: _lcp2 Value: a
.postkarten.lima-city.de/	1970-01-20 17:10:17	Name: _ga Value: GA1.3.1614283314.1640345287
.postkarten.lima-city.de/	1970-01-19 23:40:31	Name: _gid Value: GA1.3.1156843434.1640345287
.postkarten.lima-city.de/	1970-01-19 23:39:05	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 09:00:41	Name: IDE Value: AHWqTUkDCmNcbSMu2YjZcThJyQYEsF3FvSRRXL8adUtyS6NE4i_h06IUBGDweSStSsw
postkarten.lima-city.de/	1970-01-24 10:54:32	Name: _lcp3 Value: a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
encrypted-tbn3.gstatic.com
fls-eu.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images-eu.ssl-images-amazon.com
ir-de.amazon-adsystem.com
pagead2.googlesyndication.com
partner.googleadservices.com
postkarten.lima-city.de
rcm-eu.amazon-adsystem.com
stats.g.doubleclick.net
tpc.googlesyndication.com
ws-eu.assoc-amazon.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.postkarten.lima-city.at
142.250.181.226
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:400c:c06::9c
2a00:f48:2000:affe::50
2a04:4e42:600::272
52.94.216.147
52.94.218.163
52.95.114.233
52.95.124.70
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
250cf3e1908d354aca384c2bdb97f46288dd2a247dd520f34c231c00ed55cfe9
27b0d79083e8dbefadb77b44316a279edace8fb80e2c237efbc563138a82ce24
30f1e456aee1d3a055b5ee7b84de01f8db488015997e4a683e73c59d5f132968
35c3069de6ceadb1df1f32d7183ab5cd6a1a4388485e4ca99edee8e223c304f2
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e6d77c0aa417919e0c73f355408174c6818ee87fb4d53867cc972c8952feb60
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
8069d200603c9cabd402cbc66f02afea4d6f303be2c80da0df15edd8f4cfdcf8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
932a9e5a57f819bfbcfd685ef28eb5b964f1d9bfd7dba2837649dd43483140b5
99b5c85a3bef4ea9af935605a11ad2bfe8f45944c771c48e903b596499879ee1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57520af13f3e0203f71cfaf903233f63595db0dc8b5759953b9f9f41cb7d934
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
d5ee65e4640c74c5e977a62767c436186f9e3e23816d7fdcb86c19b11acf575a
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e15f9553c98f70b6fd8725b2a78fbc8ea887124410db4bd2ed48e9db3e6bfe
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b0a17df33e7319a24dfb7c1532867de136ebc7e61a43e6c36434142b487a6e
f6a8415cabf9e5d6588f0981d3fe3b9db0384ba87ba4c45aff3c3aad575a2cab
fd4aee45669a6359bc41bd25d574f3a62674ee52dbaa911da48b7ee36c9fa334
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

postkarten.lima-city.de Open in urlscan Pro 2a00:f48:2000:affe::50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

98 %HTTPS

74 %IPv6

14 Domains

21 Subdomains

19 IPs

4 Countries

479 kBTransfer

1019 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

postkarten.lima-city.de Open in urlscan Pro
2a00:f48:2000:affe::50 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

98 %
HTTPS

74 %
IPv6

14
Domains

21
Subdomains

19
IPs

4
Countries

479 kB
Transfer

1019 kB
Size

8
Cookies

40 HTTP transactions
1 data transactions