coronaschutz.kaufen Open in urlscan Pro
37.120.186.16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://coronaschutz.kaufen/
Effective URL:
https://coronaschutz.kaufen/
Submission Tags: falconsandbox
Submission: On May 26 via api (May 26th 2021, 7:49:29 pm UTC) from US

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 53 HTTP transactions. The main IP is 37.120.186.16, located in Villmar, Germany and belongs to NETCUP-AS netcup GmbH, DE. The main domain is coronaschutz.kaufen.
TLS certificate: Issued by R3 on April 26th 2021. Valid for: 3 months.

This is the only time coronaschutz.kaufen was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	37.120.186.16 37.120.186.16	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
8	2600:9000:211... 2600:9000:211e:6000:f:c1aa:3200:21	16509 (AMAZON-02) (AMAZON-02)
1	52.219.171.21 52.219.171.21	16509 (AMAZON-02) (AMAZON-02)
5	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.159.51 13.226.159.51	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
7	138.201.222.21 138.201.222.21	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	144.76.66.83 144.76.66.83	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3035::6815:e39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::3	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
53	20

12 37.120.186.16 (Villmar, Germany) 1 redirects

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: v22018046173565274.happysrv.de

coronaschutz.kaufen	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:211e:6000:f:c1aa:3200:21 (United States)

ASN16509 (AMAZON-02, US)

d2twg4x5n2cseg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.171.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3.eu-central-1.amazonaws.com

s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-51.dus51.r.cloudfront.net

static-eu.payments-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 138.201.222.21 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cdn.trustami.com

cdn.trustami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.66.83 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: app.trustami.com

app.trustami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:e39 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.intedia.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

cdn.doofinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	coronaschutz.kaufen 1 redirects coronaschutz.kaufen	506 KB
8	trustami.com cdn.trustami.com app.trustami.com	30 KB
8	cloudfront.net d2twg4x5n2cseg.cloudfront.net	952 KB
5	paypal.com www.paypal.com t.paypal.com	94 KB
4	google-analytics.com www.google-analytics.com	21 KB
3	google.de www.google.de	234 B
3	google.com www.google.com	246 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
1	doofinder.com cdn.doofinder.com eu1-search.doofinder.com Failed	92 KB
1	intedia.de cdn.intedia.de	1012 B
1	paypalobjects.com www.paypalobjects.com	417 B
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
1	payments-amazon.com static-eu.payments-amazon.com	18 KB
1	amazonaws.com s3.eu-central-1.amazonaws.com	37 KB
53	15

	Domain	Requested by
12	coronaschutz.kaufen	1 redirects coronaschutz.kaufen
8	d2twg4x5n2cseg.cloudfront.net	coronaschutz.kaufen
7	cdn.trustami.com	coronaschutz.kaufen cdn.trustami.com
4	www.google-analytics.com	www.googletagmanager.com coronaschutz.kaufen www.google-analytics.com
4	www.paypal.com	coronaschutz.kaufen www.paypal.com
3	www.google.de	coronaschutz.kaufen
3	www.google.com	coronaschutz.kaufen
2	stats.g.doubleclick.net	www.google-analytics.com
1	t.paypal.com	coronaschutz.kaufen
1	cdn.doofinder.com	cdn.intedia.de
1	cdn.intedia.de	coronaschutz.kaufen
1	www.paypalobjects.com	www.paypal.com
1	app.trustami.com	cdn.trustami.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	coronaschutz.kaufen
1	static-eu.payments-amazon.com	coronaschutz.kaufen
1	s3.eu-central-1.amazonaws.com	coronaschutz.kaufen
0	eu1-search.doofinder.com Failed	cdn.doofinder.com
53	19

This site contains no links.

Subject Issuer	Validity	Valid
coronaschutz.kaufen R3	`2021-04-26` - `2021-07-25`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.s3.eu-central-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-27` - `2021-09-01`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-04-28` - `2022-01-11`	9 months	crt.sh
static-eu.payments-amazon.com Amazon	`2020-08-20` - `2021-09-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.trustami.com Thawte RSA CA 2018	`2020-05-19` - `2021-06-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-01` - `2021-08-01`	a year	crt.sh
1648062886.rsc.cdn77.org R3	`2021-05-25` - `2021-08-23`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-11-17` - `2021-11-21`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://coronaschutz.kaufen/
Frame ID: 714C1CE6FD27F3960CAD1D85ED6D970A
Requests: 49 HTTP requests in this frame

Frame: https://cdn.trustami.com/widgetapi/widget2/stylesheets/style-overlay.47_0.css
Frame ID: 96A948FAAB8E7C08CE0F3C6E4CBEA75D
Requests: 6 HTTP requests in this frame

Frame: https://coronaschutz.kaufen/widgets/index/refreshStatistic?requestPage=/&requestController=index
Frame ID: 05765EF7764DA1803BB62B7A4C7F5D0F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://coronaschutz.kaufen/ HTTP 301
https://coronaschutz.kaufen/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

53
Requests

98 %
HTTPS

58 %
IPv6

15
Domains

19
Subdomains

20
IPs

3
Countries

1801 kB
Transfer

3495 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://coronaschutz.kaufen/ HTTP 301
https://coronaschutz.kaufen/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
coronaschutz.kaufen/
Redirect Chain

http://coronaschutz.kaufen/
https://coronaschutz.kaufen/

57 KB
13 KB

274ms
44ms

Document
text/html

37.120.186.16
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL: https://coronaschutz.kaufen/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.120.186.16 Villmar, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS: v22018046173565274.happysrv.de
Software: Apache /
Resource Hash: d8ac81e5248182d390772831e3ac89a6f7e8592104cb44a9de57c33f237f9070

Request headers

Host: coronaschutz.kaufen
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 19:49:06 GMT
Server: Apache
x-content-digest: enfd504a111f2e4e9dd542e03a0abd65bf61977014c036bf103111106426a08e53
Age: 2
Cache-Control: no-cache, private
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 26 May 2021 19:49:05 GMT
Server: Apache
Location: https://coronaschutz.kaufen/
Content-Length: 236
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK 1621510612_77c02934472b03f0543f751d083ace42.css
coronaschutz.kaufen/web/cache/ 525 KB
73 KB 49ms
41ms Stylesheet
text/css 37.120.186.16
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://coronaschutz.kaufen/web/cache/1621510612_77c02934472b03f0543f751d083ace42.css

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.120.186.16 Villmar, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

v22018046173565274.happysrv.de

Software

Apache /

Resource Hash

d60e19badbd60ec3241ec95cfa4ee5aa0d0eb4373ac4d06a063db697b56db49e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: coronaschutz.kaufen
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://coronaschutz.kaufen/
Connection: keep-alive
Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 19:49:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 20 May 2021 11:36:52 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Thu, 26 May 2022 19:49:06 GMT

GET
H/1.1 200
OK paymentfooter.css
coronaschutz.kaufen/engine/Shopware/Plugins/Community/Frontend/StcomPaymentFooter/Views/frontend/_resources/css/ 2 KB
884 B 86ms
28ms Stylesheet
text/css 37.120.186.16
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://coronaschutz.kaufen/engine/Shopware/Plugins/Community/Frontend/StcomPaymentFooter/Views/frontend/_resources/css/paymentfooter.css

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.120.186.16 Villmar, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

v22018046173565274.happysrv.de

Software

Apache /

Resource Hash

2ffd0a7b4e219a59cf7e3feb4490fd47d886042d7cd9ecf915ccb33001eea85a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: coronaschutz.kaufen
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://coronaschutz.kaufen/
Connection: keep-alive
Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 19:49:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sat, 08 May 2021 15:18:27 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 487
Expires: Fri, 25 Jun 2021 19:49:06 GMT

GET
H2 200 coronaschutz-logo50Hn6WJQqA6ey.jpg
d2twg4x5n2cseg.cloudfront.net/media/image/bc/e3/65/ 32 KB
33 KB 116ms
59ms Image
image/jpeg 2600:9000:211e:6000:f:c1aa:3200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2twg4x5n2cseg.cloudfront.net/media/image/bc/e3/65/coronaschutz-logo50Hn6WJQqA6ey.jpg
Requested by: Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6000:f:c1aa:3200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53229ca67d8d019ef228d1705651c89a085824ac732cea34c40c890f13d7eee2

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 19:49:07 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
last-modified: Mon, 27 Apr 2020 12:30:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "906dc6132e7c3acee02a1a4e22e95628"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 32940
x-amz-cf-id: wN8lP4isD8mJjWNVOUm0-HTvr7iUdn5BtH1j310rjO2bQKx4H4QobQ==

GET
H/1.1 200
OK logo_quadratisch_144x144.png
s3.eu-central-1.amazonaws.com/studioexpress/media/image/e1/de/5e/ 37 KB
37 KB 120ms
42ms Image
image/png 52.219.171.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/studioexpress/media/image/e1/de/5e/logo_quadratisch_144x144.png
Requested by: Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.171.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d67343c4d88bd319a34d99b3b8645feeda2d3aae3210264d1f2444b517411aec

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 19:49:07 GMT
Last-Modified: Thu, 05 Jul 2018 14:30:21 GMT
Server: AmazonS3
x-amz-request-id: WN061QYCMNM02Z3V
ETag: "103fa84d93d2d0e143008dd742d47c60"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 37935
x-amz-id-2: Gbh5vMASzibJ035UepDH28qUpfm1wpTDluSa1ud4yLyHIkGzHFdQOWe9qdY7LV1xCKW+QVwPIvg=

GET
H2 200 js Show response
www.paypal.com/sdk/ 316 KB
85 KB 613ms
499ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AdWqQwn-fxPq5_5y06D6dYChaH6ZDe7OPGXxnjYD0VTw1RO8gYb1YyrekwcKiKn4wh5SpmopzAkTSjHb&components=messages

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

2b91c107d12d4659c7cd979a57ac1520590b19f84309b8791f08e03d5d1664dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-QO15eDkq3+Z63b5+JqtFzkqgIrZi8rh/Ds+mV1ysIei0Xi/r' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-QO15eDkq3+Z63b5+JqtFzkqgIrZi8rh/Ds+mV1ysIei0Xi/r' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 298
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-QO15eDkq3+Z63b5+JqtFzkqgIrZi8rh/Ds+mV1ysIei0Xi/r' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-QO15eDkq3+Z63b5+JqtFzkqgIrZi8rh/Ds+mV1ysIei0Xi/r' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
p3p: true
paypal-debug-id: 74163422aa3f
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 85092
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Wed, 26 May 2021 19:49:06 GMT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"14c64-wsIYWx72X/fO16abMhe7iQGi5Ys"
expires: Wed, 26 May 2021 20:49:06 GMT

GET
H2 200 checkout.js Show response
static-eu.payments-amazon.com/ 66 KB
18 KB 111ms
40ms Script
application/javascript 13.226.159.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-eu.payments-amazon.com/checkout.js
Requested by: Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-51.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25e8d15bc86a7f89da7ba82fa178ed349755fc9840f64cc5a76d6c6b232bdadf

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3NCAk84upvwbBujbx2sYqVEmHbKzTUiu
content-encoding: br
last-modified: Fri, 21 May 2021 00:08:32 GMT
server: AmazonS3
age: 557
etag: W/"92b56ee4a16e285510029ef388e94ecc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
cache-control: max-age=1200,public
date: Wed, 26 May 2021 19:39:50 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: B0cmKbOCSKeMG81NUeevi8BivVwgA1H-UqCa2jAmmq9zoQwHXeakcg==

GET
H/1.1 200
OK amazon-pay.js Show response
coronaschutz.kaufen/custom/plugins/OncoAmazonPay/Resources/views/frontend/_public/src/js/ 9 KB
2 KB 83ms
29ms Script
application/javascript 37.120.186.16
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://coronaschutz.kaufen/custom/plugins/OncoAmazonPay/Resources/views/frontend/_public/src/js/amazon-pay.js

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.120.186.16 Villmar, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

v22018046173565274.happysrv.de

Software

Apache /

Resource Hash

8356f37f2ddcf89a513b25c51856873d7f3dbdbb02b9f255e043470b963f8992

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: coronaschutz.kaufen
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://coronaschutz.kaufen/
Connection: keep-alive
Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 19:49:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 21 May 2021 11:12:08 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1705
Expires: Fri, 25 Jun 2021 19:49:06 GMT

GET
H/1.1 200
OK 1621510612_77c02934472b03f0543f751d083ace42.js Show response
coronaschutz.kaufen/web/cache/ 566 KB
145 KB 94ms
38ms Script
application/javascript 37.120.186.16
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://coronaschutz.kaufen/web/cache/1621510612_77c02934472b03f0543f751d083ace42.js

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.120.186.16 Villmar, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

v22018046173565274.happysrv.de

Software

Apache /

Resource Hash

a3bb07a9cbcf70710794a84bc4f235629a034fd30536990c426f7cac59901359

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: coronaschutz.kaufen
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://coronaschutz.kaufen/
Connection: keep-alive
Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 19:49:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 20 May 2021 11:36:49 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Thu, 26 May 2022 19:49:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 99 KB
36 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TWSCL96

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e7a21b5c9ecd41378bbc867f8a75abca30822bd6846b4b2206d05c6153fd246

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 19:49:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36571
x-xss-protection: 0
last-modified: Wed, 26 May 2021 18:50:40 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 May 2021 19:49:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWSCL96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1150
date: Wed, 26 May 2021 19:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 26 May 2021 21:29:56 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 49ms
48ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWSCL96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

506df44f82ef782e6f5c6a7832dfd2be0638b393dca0c8d0964c616e296c83a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 19:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
server: cafe
etag: 7512236244504453440
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 26 May 2021 19:49:06 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-15160429-2&cid=1200071008.1622058546&jid=917374708&gjid=778506273&_gid=1322193006.1622058546&_u=YGBAgEABAAAAAE~&z=966243906

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 26 May 2021 19:49:06 GMT
content-type: text/plain
access-control-allow-origin: https://coronaschutz.kaufen
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&aip=1&a=134856450&t=pageview&_s=1&dl=https%3A%2F%2Fcoronaschutz.kaufen%2F&ul=en-us&de=UTF-8&dt=Coronaschutz%20Kaufen%20%7C%20coronaschutz.kaufen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=917374708&gjid=778506273&cid=1200071008.1622058546&tid=UA-15160429-2&_gid=1322193006.1622058546&gtm=2wg5j0TWSCL96&z=81656453

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 10:35:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33243
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK OpenSans-Regular.woff
coronaschutz.kaufen/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/ 62 KB
62 KB 32ms
32ms Font
application/font-woff 37.120.186.16
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://coronaschutz.kaufen/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/OpenSans-Regular.woff?201805041539

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/web/cache/1621510612_77c02934472b03f0543f751d083ace42.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.120.186.16 Villmar, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

v22018046173565274.happysrv.de

Software

Apache /

Resource Hash

2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://coronaschutz.kaufen
Accept-Encoding: gzip, deflate, br
Host: coronaschutz.kaufen
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://coronaschutz.kaufen/web/cache/1621510612_77c02934472b03f0543f751d083ace42.css
Cookie: _gcl_au=1.1.820224401.1622058546; _ga=GA1.2.1200071008.1622058546; _gid=GA1.2.1322193006.1622058546; _dc_gtm_UA-15160429-2=1
Connection: keep-alive
Origin: https://coronaschutz.kaufen
Referer: https://coronaschutz.kaufen/web/cache/1621510612_77c02934472b03f0543f751d083ace42.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 19:49:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 22 Apr 2019 16:27:10 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 63470
Expires: Thu, 26 May 2022 19:49:06 GMT

GET
H/1.1 200
OK shopware.woff
coronaschutz.kaufen/themes/Frontend/Responsive/frontend/_public/src/fonts// 69 KB
33 KB 34ms
33ms Font
application/font-woff 37.120.186.16
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://coronaschutz.kaufen/themes/Frontend/Responsive/frontend/_public/src/fonts//shopware.woff?201805041539

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/web/cache/1621510612_77c02934472b03f0543f751d083ace42.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.120.186.16 Villmar, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

v22018046173565274.happysrv.de

Software

Apache /

Resource Hash

499e8db4de7463aade473f0c529c839547c9679e9b483e76944a39b4d922dcfe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://coronaschutz.kaufen
Accept-Encoding: gzip, deflate, br
Host: coronaschutz.kaufen
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://coronaschutz.kaufen/web/cache/1621510612_77c02934472b03f0543f751d083ace42.css
Cookie: _gcl_au=1.1.820224401.1622058546; _ga=GA1.2.1200071008.1622058546; _gid=GA1.2.1322193006.1622058546; _dc_gtm_UA-15160429-2=1
Connection: keep-alive
Origin: https://coronaschutz.kaufen
Referer: https://coronaschutz.kaufen/web/cache/1621510612_77c02934472b03f0543f751d083ace42.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 19:49:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 22 Apr 2019 16:27:21 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 33878
Expires: Thu, 26 May 2022 19:49:06 GMT

GET
H/1.1 200
OK OpenSans-Bold.woff
coronaschutz.kaufen/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/ 62 KB
62 KB 31ms
31ms Font
application/font-woff 37.120.186.16
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL

https://coronaschutz.kaufen/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/OpenSans-Bold.woff?201805041539

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/web/cache/1621510612_77c02934472b03f0543f751d083ace42.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.120.186.16 Villmar, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

v22018046173565274.happysrv.de

Software

Apache /

Resource Hash

7d7a1a8ec55f31a6674fd2e2c41bcc6421a9aeb5cf161c6e93363f31347160f9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://coronaschutz.kaufen
Accept-Encoding: gzip, deflate, br
Host: coronaschutz.kaufen
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://coronaschutz.kaufen/web/cache/1621510612_77c02934472b03f0543f751d083ace42.css
Cookie: _gcl_au=1.1.820224401.1622058546; _ga=GA1.2.1200071008.1622058546; _gid=GA1.2.1322193006.1622058546; _dc_gtm_UA-15160429-2=1
Connection: keep-alive
Origin: https://coronaschutz.kaufen
Referer: https://coronaschutz.kaufen/web/cache/1621510612_77c02934472b03f0543f751d083ace42.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 19:49:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 22 Apr 2019 16:27:10 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 63325
Expires: Thu, 26 May 2022 19:49:06 GMT

GET
H2 200 trustami-widget.js Show response
cdn.trustami.com/widgetapi/widget2/ 53 KB
11 KB 97ms
28ms Script
application/javascript 138.201.222.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustami.com/widgetapi/widget2/trustami-widget.js?cache=off
Requested by: Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.222.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn.trustami.com
Software: Trustami trust server G4 - stable release /
Resource Hash: 20150155f509ff32e890d29731926cb3f4521e85be4e37bd6016ddf314d23930

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Wed, 26 May 2021 19:49:07 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 14:39:05 GMT
server: Trustami trust server G4 - stable release
etag: W/"60ad0c09-d4ef"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public, no-cache
expires: Wed, 02 Jun 2021 19:49:07 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
119 B 31ms
30ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-15160429-2&cid=1200071008.1622058546&jid=917374708&_u=YGBAgEABAAAAAE~&z=538379376

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 19:49:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
28ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-15160429-2&cid=1200071008.1622058546&jid=917374708&_u=YGBAgEABAAAAAE~&z=538379376

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 19:49:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1044832058/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1044832058/?random=1622058546409&cv=9&fst=1622058546409&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcoronaschutz.kaufen%2F&tiba=Coronaschutz%20Kaufen%20%7C%20coronaschutz.kaufen&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81813fa8811f9c2627c044b12891ecd6d96e1e20dba93b337cd78c300ac6dfe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 19:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1012
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK roundmedium.png
coronaschutz.kaufen/engine/Shopware/Plugins/Community/Frontend/StcomPaymentFooter/Views/frontend/_resources/images/ 111 KB
111 KB 29ms
29ms Image
image/png 37.120.186.16
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://coronaschutz.kaufen/engine/Shopware/Plugins/Community/Frontend/StcomPaymentFooter/Views/frontend/_resources/images/roundmedium.png

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/engine/Shopware/Plugins/Community/Frontend/StcomPaymentFooter/Views/frontend/_resources/css/paymentfooter.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.120.186.16 Villmar, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

v22018046173565274.happysrv.de

Software

Apache /

Resource Hash

680b73b8501297f8d3e2d94d5b4fd1c83d539d3a479f22436452a4d71869e89b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: coronaschutz.kaufen
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://coronaschutz.kaufen/engine/Shopware/Plugins/Community/Frontend/StcomPaymentFooter/Views/frontend/_resources/css/paymentfooter.css
Cookie: _gcl_au=1.1.820224401.1622058546; _ga=GA1.2.1200071008.1622058546; _gid=GA1.2.1322193006.1622058546; _dc_gtm_UA-15160429-2=1
Connection: keep-alive
Referer: https://coronaschutz.kaufen/engine/Shopware/Plugins/Community/Frontend/StcomPaymentFooter/Views/frontend/_resources/css/paymentfooter.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 19:49:06 GMT
Last-Modified: Sat, 08 May 2021 15:18:27 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 113399
Expires: Fri, 25 Jun 2021 19:49:06 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1044832058/ 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1044832058/?random=1622058546409&cv=9&fst=1622055600000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&frm=0&url=https%3A%2F%2Fcoronaschutz.kaufen%2F&tiba=Coronaschutz%20Kaufen%20%7C%20coronaschutz.kaufen&async=1&fmt=3&is_vtc=1&random=3933037507&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 19:49:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1044832058/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1044832058/?random=1622058546409&cv=9&fst=1622055600000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&frm=0&url=https%3A%2F%2Fcoronaschutz.kaufen%2F&tiba=Coronaschutz%20Kaufen%20%7C%20coronaschutz.kaufen&async=1&fmt=3&is_vtc=1&random=3933037507&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 19:49:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widgetapi-multi.php Show response
app.trustami.com/widgetapi/ 5 KB
2 KB 136ms
35ms Script
application/javascript 144.76.66.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustami.com/widgetapi/widgetapi-multi.php?callback=trustamiWidget.processRequest&profile=5a3f9d57cc96c51d478b45e4&user=31ae1621831be5333185d875512bf5e52c480452&platform=0&mode=null&v=0&type=2&pluginType=sw&trCache=1622058546496
Requested by: Host: cdn.trustami.com
URL: https://cdn.trustami.com/widgetapi/widget2/trustami-widget.js?cache=off
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.66.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: app.trustami.com
Software: nginx /
Resource Hash: 8ff37a0fc42044c5f603964084958912d55c5879266a7cddea84cbe924895c9f

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 19:49:06 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/JavaScript

GET
H2 200 style-overlay.47_0.css
cdn.trustami.com/widgetapi/widget2/stylesheets/ Frame 96A9 4 KB
1 KB 29ms
29ms Stylesheet
text/css 138.201.222.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustami.com/widgetapi/widget2/stylesheets/style-overlay.47_0.css
Requested by: Host: cdn.trustami.com
URL: https://cdn.trustami.com/widgetapi/widget2/trustami-widget.js?cache=off
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.222.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn.trustami.com
Software: Trustami trust server G4 - stable release /
Resource Hash: e3e8a31bca45d618e30de3d772597c57109d5956c548319949cbddf7c65c34b1

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Wed, 26 May 2021 19:49:07 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 14:39:03 GMT
server: Trustami trust server G4 - stable release
etag: W/"60ad0c07-1069"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public, must-revalidate, proxy-revalidate
expires: Wed, 02 Jun 2021 19:49:07 GMT

GET
H2 200 trustamiWidgetFonts.47_0.css
cdn.trustami.com/widgetapi/widget2/stylesheets/ Frame 96A9 2 KB
727 B 29ms
29ms Stylesheet
text/css 138.201.222.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustami.com/widgetapi/widget2/stylesheets/trustamiWidgetFonts.47_0.css
Requested by: Host: cdn.trustami.com
URL: https://cdn.trustami.com/widgetapi/widget2/trustami-widget.js?cache=off
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.222.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn.trustami.com
Software: Trustami trust server G4 - stable release /
Resource Hash: d30a027b1015d5d261ca3cac659a28fac9c0689fb811cc495bf3bd2ae907ac47

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Wed, 26 May 2021 19:49:07 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 14:39:04 GMT
server: Trustami trust server G4 - stable release
etag: W/"60ad0c08-636"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public, must-revalidate, proxy-revalidate
expires: Wed, 02 Jun 2021 19:49:07 GMT

GET
H2 200 no-demo.png
cdn.trustami.com/widgetapi/img/ Frame 96A9 101 B
359 B 28ms
28ms Image
image/png 138.201.222.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.trustami.com/widgetapi/img/no-demo.png
Requested by: Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.222.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn.trustami.com
Software: Trustami trust server G4 - stable release /
Resource Hash: 6cf048141d430a40de54ee2d4a658b3d8a8554e9fd8fb290e605eb65b5dc472a

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Wed, 26 May 2021 19:49:07 GMT
last-modified: Tue, 25 May 2021 14:37:53 GMT
server: Trustami trust server G4 - stable release
etag: "60ad0bc1-65"
content-type: image/png
cache-control: max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 101
expires: Wed, 02 Jun 2021 19:49:07 GMT

GET
H2 200 trustami_verified.png
cdn.trustami.com/widgetapi/widget2/img/ Frame 96A9 4 KB
5 KB 30ms
29ms Image
image/png 138.201.222.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.trustami.com/widgetapi/widget2/img/trustami_verified.png
Requested by: Host: cdn.trustami.com
URL: https://cdn.trustami.com/widgetapi/widget2/stylesheets/style-overlay.47_0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.222.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn.trustami.com
Software: Trustami trust server G4 - stable release /
Resource Hash: 7f94fda6a9f471c8c2bdac1e32044fd036ee784674895a12e61a4226e22add5c

Request headers

Referer: https://cdn.trustami.com/widgetapi/widget2/stylesheets/style-overlay.47_0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Wed, 26 May 2021 19:49:07 GMT
last-modified: Tue, 25 May 2021 14:37:53 GMT
server: Trustami trust server G4 - stable release
etag: "60ad0bc1-11dd"
content-type: image/png
cache-control: max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 4573
expires: Wed, 02 Jun 2021 19:49:07 GMT

GET
H2 200 trustami-badge-logo.png
cdn.trustami.com/widgetapi/widget2/img/ Frame 96A9 672 B
930 B 30ms
29ms Image
image/png 138.201.222.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.trustami.com/widgetapi/widget2/img/trustami-badge-logo.png
Requested by: Host: cdn.trustami.com
URL: https://cdn.trustami.com/widgetapi/widget2/stylesheets/style-overlay.47_0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.222.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn.trustami.com
Software: Trustami trust server G4 - stable release /
Resource Hash: 4bc2fafd07aac2646717c4c311cd688f6510b17fef517465828bc12cf9cc3325

Request headers

Referer: https://cdn.trustami.com/widgetapi/widget2/stylesheets/style-overlay.47_0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Wed, 26 May 2021 19:49:07 GMT
last-modified: Tue, 25 May 2021 14:37:53 GMT
server: Trustami trust server G4 - stable release
etag: "60ad0bc1-2a0"
content-type: image/png
cache-control: max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 672
expires: Wed, 02 Jun 2021 19:49:07 GMT

GET
H2 200 trustamiWidgetFont.ttf
cdn.trustami.com/widgetapi/widget2/fonts/ Frame 96A9 9 KB
9 KB 91ms
30ms Font
application/octet-stream 138.201.222.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustami.com/widgetapi/widget2/fonts/trustamiWidgetFont.ttf
Requested by: Host: cdn.trustami.com
URL: https://cdn.trustami.com/widgetapi/widget2/stylesheets/trustamiWidgetFonts.47_0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.222.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn.trustami.com
Software: Trustami trust server G4 - stable release /
Resource Hash: 19eaa320017c84306da27911b08420e904b3da8d3ac866fab5cb3f7260c46fb4

Request headers

Origin: https://coronaschutz.kaufen
Referer: https://cdn.trustami.com/widgetapi/widget2/stylesheets/trustamiWidgetFonts.47_0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Wed, 26 May 2021 19:49:07 GMT
last-modified: Tue, 25 May 2021 14:37:53 GMT
server: Trustami trust server G4 - stable release
etag: "60ad0bc1-238c"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 9100
expires: Sat, 26 Jun 2021 19:49:07 GMT

GET
H2 200 ramp-experiment-ssr.json Show response
www.paypalobjects.com/upstream/assets/messaging/modal/ 43 B
417 B 155ms
91ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/upstream/assets/messaging/modal/ramp-experiment-ssr.json

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdWqQwn-fxPq5_5y06D6dYChaH6ZDe7OPGXxnjYD0VTw1RO8gYb1YyrekwcKiKn4wh5SpmopzAkTSjHb&components=messages

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

5e00db227d4199f279bb00fdef02597ea4c9fe1e0f00069c42226ddacb7f271c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 19:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 5c710a1191c09
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 56
last-modified: Thu, 13 May 2021 13:09:56 GMT
etag: "609d2524-2b"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Wed, 26 May 2021 20:49:06 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
6 KB 733ms
732ms Script
application/x-javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=coronaschutz.kaufen&t=xo&v=5.0.230&source=payments_sdk&client_id=AdWqQwn-fxPq5_5y06D6dYChaH6ZDe7OPGXxnjYD0VTw1RO8gYb1YyrekwcKiKn4wh5SpmopzAkTSjHb&comp=messages&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdWqQwn-fxPq5_5y06D6dYChaH6ZDe7OPGXxnjYD0VTw1RO8gYb1YyrekwcKiKn4wh5SpmopzAkTSjHb&components=messages

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

32fa63f8008fbd2c88a3b98b877bf68fa5c97fbb6c3c61ff8f80ea7adc198f6b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-pHeB9M/zPAGRi9xKnlmIVGHWIfFXVz6T3w3XbExrBSCBzvCE' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 681
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-pHeB9M/zPAGRi9xKnlmIVGHWIfFXVz6T3w3XbExrBSCBzvCE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
paypal-debug-id: ae6a0decfc81a
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 4415
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Wed, 26 May 2021 19:49:07 GMT
strict-transport-security: max-age=63072000
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
etag: W/"3037-5hlwvQcglV93T/NU2YnRlpmKO7E"

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d3295ce01d228de6f1f8d97dcfc7a5b4ba3550985f62ffd21bad2c9b1f67eca

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c84e1ed197438fffecc2c6fbe3e7e4fd8f060af2236f3a50e2e16c891c82cf16

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK Cookie set refreshStatistic Show response
coronaschutz.kaufen/widgets/index/ Frame 0576 0
736 B 366ms
365ms Document
text/html 37.120.186.16
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL: https://coronaschutz.kaufen/widgets/index/refreshStatistic?requestPage=/&requestController=index
Requested by: Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.120.186.16 Villmar, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS: v22018046173565274.happysrv.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: coronaschutz.kaufen
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://coronaschutz.kaufen/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _gcl_au=1.1.820224401.1622058546; _ga=GA1.2.1200071008.1622058546; _gid=GA1.2.1322193006.1622058546; _dc_gtm_UA-15160429-2=1; x-ua-device=desktop
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://coronaschutz.kaufen/

Response headers

Date: Wed, 26 May 2021 19:49:06 GMT
Server: Apache
Set-Cookie: session-34=f1ff4371051d6441f1e90f7d3fee496d8e81b48849b66979cfe84a7866b96a5f; path=/; secure; HttpOnly x-cache-context-hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ nocache=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate private
Pragma: no-cache
X-Body-Eval: ESI
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 31a1255ca9a5c72df709a70901b902b8-1.js Show response
cdn.intedia.de/doofinder/layer/shopware/v160/ 723 B
1012 B 379ms
323ms Script
application/javascript 2606:4700:3035::6815:e39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intedia.de/doofinder/layer/shopware/v160/31a1255ca9a5c72df709a70901b902b8-1.js
Requested by: Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/web/cache/1621510612_77c02934472b03f0543f751d083ace42.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:e39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea3b9a2818a52d28afd986425c40b423ccbe2898ccd84f779297166cd38390d2

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 19:49:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 55292
cf-polished: origSize=1008
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a4bd24fc8000031405296c000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=t%2BWfoh5R9m8UMgdS7UbuqNGrRgPBbEuWnKLFZJin7ipmxUlvkwxRZYdwHj12WIwaDYTt05nF%2B1s%2FHUkLjhf9qXFCE34ikPevpJXhQDQTPs0qBK6mseefBxyVPjcwJ%2BenyyYk8G8xAjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=90000
cf-ray: 6559865eb83a3140-FRA

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 19:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2112
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Wed, 26 May 2021 20:13:54 GMT

GET
H/1.1 200
OK Cookie set csrftoken Show response
coronaschutz.kaufen/ 0
774 B 551ms
550ms XHR
text/html 37.120.186.16
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL: https://coronaschutz.kaufen/csrftoken
Requested by: Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/web/cache/1621510612_77c02934472b03f0543f751d083ace42.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.120.186.16 Villmar, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS: v22018046173565274.happysrv.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: coronaschutz.kaufen
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: _gcl_au=1.1.820224401.1622058546; _ga=GA1.2.1200071008.1622058546; _gid=GA1.2.1322193006.1622058546; _dc_gtm_UA-15160429-2=1; x-ua-device=desktop
Connection: keep-alive
Referer: https://coronaschutz.kaufen/
Accept: */*
Referer: https://coronaschutz.kaufen/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 May 2021 19:49:06 GMT
Content-Encoding: gzip
X-Csrf-Token: IYYNZJZmFNTb7vYn25LBL6vdzclnwb
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: session-34=4c6445435226df97359d18a74d053f3d6945bbfb8b231f0ee302ebf394fa9a20; path=/; secure; HttpOnly x-cache-context-hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ nocache=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Cache-Control: no-store, no-cache, must-revalidate no-cache, private
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 Startseite_01_1280x1280.jpg
d2twg4x5n2cseg.cloudfront.net/media/image/47/a5/50/ 204 KB
205 KB 107ms
105ms Image
image/jpeg 2600:9000:211e:6000:f:c1aa:3200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2twg4x5n2cseg.cloudfront.net/media/image/47/a5/50/Startseite_01_1280x1280.jpg
Requested by: Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6000:f:c1aa:3200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15040d3ac9a30d9ec2a0b9ff631676c8378b11afec276d5efe8ec35cb163e494

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 19:49:07 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
last-modified: Fri, 08 May 2020 18:34:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "124dbde025c1c5ecaf4207f2bcca8eb2"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 209098
x-amz-cf-id: tLcO8ET8k-bt_W0T22WfQKs3flx0CAivA7s5r1rz4mmZgzMKsyPeFA==

GET
H2 200 Startseite_02_1280x1280.jpg
d2twg4x5n2cseg.cloudfront.net/media/image/f0/89/d4/ 179 KB
179 KB 89ms
87ms Image
image/jpeg 2600:9000:211e:6000:f:c1aa:3200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2twg4x5n2cseg.cloudfront.net/media/image/f0/89/d4/Startseite_02_1280x1280.jpg
Requested by: Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6000:f:c1aa:3200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: addd8e32ad610ba93b4a454f15b0a749a86cf753af57da762d6796494e59b04e

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 19:49:07 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
last-modified: Fri, 08 May 2020 18:34:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "0f71b53642e4a668dbc01128484e3397"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 183155
x-amz-cf-id: BA-k2XwCNTSmsvEuxDcCKO2WlJQccZJabp89nLwXld64usa0UpBT3g==

GET
H2 200 Startseite_03_1280x1280.jpg
d2twg4x5n2cseg.cloudfront.net/media/image/8b/d0/20/ 144 KB
144 KB 109ms
108ms Image
image/jpeg 2600:9000:211e:6000:f:c1aa:3200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2twg4x5n2cseg.cloudfront.net/media/image/8b/d0/20/Startseite_03_1280x1280.jpg
Requested by: Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6000:f:c1aa:3200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8f1bb899df94679746329e769a36712c2c67955ba40b87faabf1dfbc0320cad

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 19:49:07 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
last-modified: Fri, 08 May 2020 18:34:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "7ba0cd7738e68cc847294b616a4c4ba4"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 147277
x-amz-cf-id: xie8YinE5rh66p2OosbDGnPjCdp-VwpQuaFcV7LhpUvummd12_u5ug==

GET
H2 200 Startseite_04_1280x1280.jpg
d2twg4x5n2cseg.cloudfront.net/media/image/f1/89/ee/ 115 KB
116 KB 112ms
111ms Image
image/jpeg 2600:9000:211e:6000:f:c1aa:3200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2twg4x5n2cseg.cloudfront.net/media/image/f1/89/ee/Startseite_04_1280x1280.jpg
Requested by: Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6000:f:c1aa:3200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d77ad958290e43499b218de06184979f20e45728f0510521e55487e5014dde50

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 19:49:07 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
last-modified: Fri, 08 May 2020 18:34:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "0e92152f358a8f650771fcf1e29c8ba4"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 118110
x-amz-cf-id: cImAgEvSQp0bYnV7dp8uJWHdsG6SbBH2H7ImwOZMIe7M9aZttAWavg==

GET
H2 200 Startseite_05_1280x1280.jpg
d2twg4x5n2cseg.cloudfront.net/media/image/72/e7/56/ 52 KB
52 KB 104ms
103ms Image
image/jpeg 2600:9000:211e:6000:f:c1aa:3200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2twg4x5n2cseg.cloudfront.net/media/image/72/e7/56/Startseite_05_1280x1280.jpg
Requested by: Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6000:f:c1aa:3200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5c87de68d8d40b4c7062477c17ab81e1a7a44f55f748a9800c3183701a299a6

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 19:49:08 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
last-modified: Fri, 08 May 2020 18:34:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "2b5ffde912a1ecc95b128e7f4d316bd8"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 53174
x-amz-cf-id: o3kjsqjgCKa3isoUtP5wvOo_92eaP_XhL5Sg7iKasd6Aq-Rp0N5FRA==

GET
H2 200 Startseite_06_1280x1280.jpg
d2twg4x5n2cseg.cloudfront.net/media/image/6b/01/a9/ 114 KB
114 KB 113ms
112ms Image
image/jpeg 2600:9000:211e:6000:f:c1aa:3200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2twg4x5n2cseg.cloudfront.net/media/image/6b/01/a9/Startseite_06_1280x1280.jpg
Requested by: Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6000:f:c1aa:3200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9fb9791c3248fd3b4212fa970dc37bf6215ae4c533459028cb99e67513d22958

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 19:49:08 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
last-modified: Fri, 08 May 2020 18:34:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "48bf332f13a863fd3784031b8bb8e9ac"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 116551
x-amz-cf-id: PacveOZLOLce7ZT8nlfZvQG-C7KgQTv2X61LDuoRi0CiYUswh8U7LQ==

GET
H2 200 Startseite_07_1280x1280.jpg
d2twg4x5n2cseg.cloudfront.net/media/image/c8/dc/f1/ 108 KB
109 KB 101ms
100ms Image
image/jpeg 2600:9000:211e:6000:f:c1aa:3200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2twg4x5n2cseg.cloudfront.net/media/image/c8/dc/f1/Startseite_07_1280x1280.jpg
Requested by: Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6000:f:c1aa:3200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7b9449e94f4f1705e8f01c6a2e8f01842da38ab87566b2fef39a57024ccd0fb1

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 19:49:07 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
last-modified: Fri, 08 May 2020 18:34:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "92b59e05da538e62be349722bc3d746e"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 110786
x-amz-cf-id: fA-uSFKZuiUH5VrypEkDA3UC9hxJQ8pmeifAexn6lIFAHA0cMREaWg==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&aip=1&a=134856450&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcoronaschutz.kaufen%2F&ul=en-us&de=UTF-8&dt=Coronaschutz%20Kaufen%20%7C%20coronaschutz.kaufen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=Impression&el=https%3A%2F%2Fcoronaschutz.kaufen%2F&_u=aGDAAEALAAAAAG~&jid=1539789075&gjid=1291953788&cid=1200071008.1622058546&tid=UA-15160429-2&_gid=1322193006.1622058546&_r=1&gtm=2wg5j0TWSCL96&z=1775934042

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 May 2021 19:49:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://coronaschutz.kaufen
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-15160429-2&cid=1200071008.1622058546&jid=1539789075&gjid=1291953788&_gid=1322193006.1622058546&_u=aGDAAEALAAAAAG~&z=2079434201

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 26 May 2021 19:49:07 GMT
content-type: text/plain
access-control-allow-origin: https://coronaschutz.kaufen
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 30ms
29ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-15160429-2&cid=1200071008.1622058546&jid=1539789075&_u=aGDAAEALAAAAAG~&z=487204952

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 19:49:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 31ms
30ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-15160429-2&cid=1200071008.1622058546&jid=1539789075&_u=aGDAAEALAAAAAG~&z=487204952

Requested by

Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 19:49:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 doofinder-classic.7.latest.min.js Show response
cdn.doofinder.com/media/js/ 374 KB
92 KB 26ms
6ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doofinder.com/media/js/doofinder-classic.7.latest.min.js
Requested by: Host: cdn.intedia.de
URL: https://cdn.intedia.de/doofinder/layer/shopware/v160/31a1255ca9a5c72df709a70901b902b8-1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6f2798b0a0125eaf0d1665b1896411ded0a4559d3a0032428c576c879da309dd

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1rzL8uzLvWQgLAA==
x-accel-expires: @1622372314
date: Wed, 26 May 2021 19:49:07 GMT
content-encoding: br
etag: W/"60a39bad-5d80c"
last-modified: Tue, 18 May 2021 10:49:17 GMT
server: CDN77-Turbo
x-77-nzt-ray: yr47IOMBac4=
x-77-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache: HIT
x-age: 723033
x-77-pop: frankfurtDE

GET 31a1255ca9a5c72df709a70901b902b8
eu1-search.doofinder.com/5/options/ 0
0

GET
H2 200 ts
t.paypal.com/ 42 B
716 B 208ms
173ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Coronaschutz%20Kaufen%20%7C%20coronaschutz.kaufen&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1622058547630&g=-120&completeurl=https%3A%2F%2Fcoronaschutz.kaufen%2F&ru=https%3A%2F%2Fcoronaschutz.kaufen%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by: Host: coronaschutz.kaufen
URL: https://coronaschutz.kaufen/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 19:49:07 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1622058548.670476,VS0,VE158
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator: slca.slc
expires: Wed, 26 May 2021 19:49:07 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-lhr7326-LHR, cache-cdg20745-CDG

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 858 B
2 KB 243ms
243ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdWqQwn-fxPq5_5y06D6dYChaH6ZDe7OPGXxnjYD0VTw1RO8gYb1YyrekwcKiKn4wh5SpmopzAkTSjHb&components=messages

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

07023a8d50e933259b38375cce0e77ff760049c5dd016fc9779b0fe92c60e55d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://coronaschutz.kaufen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 54
date: Wed, 26 May 2021 19:49:08 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 146
etag: W/"35a-2Vr/ec2f3QdQXtIGr4A7DJXrI6k"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://coronaschutz.kaufen
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: 8e6283da8839b
dc: phx-origin-www-2.paypal.com
content-length: 858

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 247ms
246ms Preflight 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://coronaschutz.kaufen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://coronaschutz.kaufen
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: 826c04c898ef8
x-content-type-options: nosniff
content-length: 0
dc: phx-origin-www-2.paypal.com
x-edgeconnect-midmile-rtt: 146
x-edgeconnect-origin-mex-latency: 63
date: Wed, 26 May 2021 19:49:08 GMT
strict-transport-security: max-age=63072000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: eu1-search.doofinder.com
URL: https://eu1-search.doofinder.com/5/options/31a1255ca9a5c72df709a70901b902b8?coronaschutz.kaufen

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
coronaschutz.kaufen/	1969-12-31 23:59:59	Name: __csrf_token-34 Value: IYYNZJZmFNTb7vYn25LBL6vdzclnwb
.coronaschutz.kaufen/	1970-01-19 18:34:18	Name: _gat_UA-15160429-2 Value: 1
.coronaschutz.kaufen/	1970-01-19 18:34:18	Name: _dc_gtm_UA-15160429-2 Value: 1
coronaschutz.kaufen/	1969-12-31 23:59:59	Name: x-ua-device Value: desktop
.coronaschutz.kaufen/	1970-01-19 18:35:44	Name: _gid Value: GA1.2.1322193006.1622058546
coronaschutz.kaufen/	1969-12-31 23:59:59	Name: session-34 Value: 4c6445435226df97359d18a74d053f3d6945bbfb8b231f0ee302ebf394fa9a20
.coronaschutz.kaufen/	1970-01-20 12:05:30	Name: _ga Value: GA1.2.1200071008.1622058546
.coronaschutz.kaufen/	1970-01-19 20:43:54	Name: _gcl_au Value: 1.1.820224401.1622058546

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://cdn.trustami.com/widgetapi/widget2/trustami-widget.js?cache=off(Line 1) Message: Trustami Warning => Badge not activated in the account's settings: widget_container_frame
console-api	warning	URL: https://cdn.trustami.com/widgetapi/widget2/trustami-widget.js?cache=off(Line 1) Message: Trustami Warning => Badge not activated in the account's settings: widget_container_overlay_list
console-api	warning	URL: https://cdn.trustami.com/widgetapi/widget2/trustami-widget.js?cache=off(Line 1) Message: Trustami Warning => Badge not activated in the account's settings: widget_container_overlay_sticker
console-api	warning	URL: https://cdn.trustami.com/widgetapi/widget2/trustami-widget.js?cache=off(Line 1) Message: Trustami Warning => Badge not activated in the account's settings: widget_container_text_only
console-api	warning	URL: https://cdn.doofinder.com/media/js/doofinder-classic.7.latest.min.js(Line 1) Message: [doofinder]: Failed to fetch

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.trustami.com
cdn.doofinder.com
cdn.intedia.de
cdn.trustami.com
coronaschutz.kaufen
d2twg4x5n2cseg.cloudfront.net
eu1-search.doofinder.com
googleads.g.doubleclick.net
s3.eu-central-1.amazonaws.com
static-eu.payments-amazon.com
stats.g.doubleclick.net
t.paypal.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
eu1-search.doofinder.com
104.111.228.123
13.226.159.51
138.201.222.21
144.76.66.83
151.101.1.35
216.58.212.130
2600:9000:211e:6000:f:c1aa:3200:21
2606:4700:3035::6815:e39
2a00:1450:4001:802::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:82a::2008
2a00:1450:400c:c04::9a
2a00:1450:400c:c04::9c
2a02:6ea0:c700::3
37.120.186.16
52.219.171.21
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
07023a8d50e933259b38375cce0e77ff760049c5dd016fc9779b0fe92c60e55d
0d3295ce01d228de6f1f8d97dcfc7a5b4ba3550985f62ffd21bad2c9b1f67eca
15040d3ac9a30d9ec2a0b9ff631676c8378b11afec276d5efe8ec35cb163e494
19eaa320017c84306da27911b08420e904b3da8d3ac866fab5cb3f7260c46fb4
20150155f509ff32e890d29731926cb3f4521e85be4e37bd6016ddf314d23930
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
25e8d15bc86a7f89da7ba82fa178ed349755fc9840f64cc5a76d6c6b232bdadf
2b91c107d12d4659c7cd979a57ac1520590b19f84309b8791f08e03d5d1664dc
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b
2ffd0a7b4e219a59cf7e3feb4490fd47d886042d7cd9ecf915ccb33001eea85a
32fa63f8008fbd2c88a3b98b877bf68fa5c97fbb6c3c61ff8f80ea7adc198f6b
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
499e8db4de7463aade473f0c529c839547c9679e9b483e76944a39b4d922dcfe
4bc2fafd07aac2646717c4c311cd688f6510b17fef517465828bc12cf9cc3325
506df44f82ef782e6f5c6a7832dfd2be0638b393dca0c8d0964c616e296c83a4
53229ca67d8d019ef228d1705651c89a085824ac732cea34c40c890f13d7eee2
5e00db227d4199f279bb00fdef02597ea4c9fe1e0f00069c42226ddacb7f271c
680b73b8501297f8d3e2d94d5b4fd1c83d539d3a479f22436452a4d71869e89b
6cf048141d430a40de54ee2d4a658b3d8a8554e9fd8fb290e605eb65b5dc472a
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f2798b0a0125eaf0d1665b1896411ded0a4559d3a0032428c576c879da309dd
7b9449e94f4f1705e8f01c6a2e8f01842da38ab87566b2fef39a57024ccd0fb1
7d7a1a8ec55f31a6674fd2e2c41bcc6421a9aeb5cf161c6e93363f31347160f9
7e7a21b5c9ecd41378bbc867f8a75abca30822bd6846b4b2206d05c6153fd246
7f94fda6a9f471c8c2bdac1e32044fd036ee784674895a12e61a4226e22add5c
81813fa8811f9c2627c044b12891ecd6d96e1e20dba93b337cd78c300ac6dfe2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8356f37f2ddcf89a513b25c51856873d7f3dbdbb02b9f255e043470b963f8992
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ff37a0fc42044c5f603964084958912d55c5879266a7cddea84cbe924895c9f
9fb9791c3248fd3b4212fa970dc37bf6215ae4c533459028cb99e67513d22958
a3bb07a9cbcf70710794a84bc4f235629a034fd30536990c426f7cac59901359
addd8e32ad610ba93b4a454f15b0a749a86cf753af57da762d6796494e59b04e
b5c87de68d8d40b4c7062477c17ab81e1a7a44f55f748a9800c3183701a299a6
c84e1ed197438fffecc2c6fbe3e7e4fd8f060af2236f3a50e2e16c891c82cf16
d30a027b1015d5d261ca3cac659a28fac9c0689fb811cc495bf3bd2ae907ac47
d60e19badbd60ec3241ec95cfa4ee5aa0d0eb4373ac4d06a063db697b56db49e
d67343c4d88bd319a34d99b3b8645feeda2d3aae3210264d1f2444b517411aec
d77ad958290e43499b218de06184979f20e45728f0510521e55487e5014dde50
d8ac81e5248182d390772831e3ac89a6f7e8592104cb44a9de57c33f237f9070
d8f1bb899df94679746329e769a36712c2c67955ba40b87faabf1dfbc0320cad
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e8a31bca45d618e30de3d772597c57109d5956c548319949cbddf7c65c34b1
ea3b9a2818a52d28afd986425c40b423ccbe2898ccd84f779297166cd38390d2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

coronaschutz.kaufen Open in urlscan Pro 37.120.186.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

98 %HTTPS

58 %IPv6

15 Domains

19 Subdomains

20 IPs

3 Countries

1801 kBTransfer

3495 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

coronaschutz.kaufen Open in urlscan Pro
37.120.186.16 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

98 %
HTTPS

58 %
IPv6

15
Domains

19
Subdomains

20
IPs

3
Countries

1801 kB
Transfer

3495 kB
Size

8
Cookies

53 HTTP transactions
4 data transactions