Submitted URL: https://patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Effective URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Submission: On May 24 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 7 domains to perform 96 HTTP transactions. The main IP is 185.30.32.165, located in Germany and belongs to DE-WEBGO www.webgo.de, DE. The main domain is www.patrick-bareiss.com.
TLS certificate: Issued by R3 on May 11th 2022. Valid for: 3 months.
This is the only time www.patrick-bareiss.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
58 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 1528
abs.twimg.com — Cisco Umbrella Rank: 1844
pbs.twimg.com — Cisco Umbrella Rank: 702
ton.twimg.com — Cisco Umbrella Rank: 6022
572 KB
18 patrick-bareiss.com
patrick-bareiss.com
www.patrick-bareiss.com
1 MB
8 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 664
syndication.twitter.com — Cisco Umbrella Rank: 954
214 KB
6 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1727
14 KB
3 wp.com
s0.wp.com — Cisco Umbrella Rank: 6486
stats.wp.com — Cisco Umbrella Rank: 2770
pixel.wp.com — Cisco Umbrella Rank: 2592
7 KB
2 gstatic.com
fonts.gstatic.com
75 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
2 KB
96 7
Domain Requested by
38 pbs.twimg.com
17 abs.twimg.com
17 www.patrick-bareiss.com www.patrick-bareiss.com
6 platform.twitter.com www.patrick-bareiss.com
platform.twitter.com
6 secure.gravatar.com www.patrick-bareiss.com
secure.gravatar.com
2 ton.twimg.com platform.twitter.com
2 syndication.twitter.com platform.twitter.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.patrick-bareiss.com
1 cdn.syndication.twimg.com platform.twitter.com
1 pixel.wp.com www.patrick-bareiss.com
1 stats.wp.com www.patrick-bareiss.com
1 s0.wp.com www.patrick-bareiss.com
1 patrick-bareiss.com 1 redirects
96 14

This site contains links to these domains.

Domain
zeltser.com
twitter.com
www.linkedin.com
wordpress.org
athemes.com
Subject | Issuer | Validity | Valid
www.patrick-bareiss.com | R3 | 2022-05-11 - 2022-08-09 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months
*.gravatar.com | Sectigo RSA Domain Validation Secure Server CA | 2020-08-14 - 2022-11-16 | 2 years
*.wp.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-02 - 2022-07-05 | 2 years
*.gstatic.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-20 - 2022-10-19 | a year
syndication.twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year

This page contains 3 frames:

Primary Page: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Frame ID: 30B2C3B340DB7C506434C92C6F4EF4DA
Requests: 37 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.patrick-bareiss.com
Frame ID: 045A3F6C6196C0230E3F215246CAF000
Requests: 2 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f389.png
Frame ID: AD5B82D6EAE0D98E4901C1E4DA36B607
Requests: 63 HTTP requests in this frame

Page Title

Detect C2 Traffic over DNS using Sigma - Patrick Bareiss

Page URL History

  1. https://patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/ HTTP 301
    https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

96
Requests

100 %
HTTPS

64 %
IPv6

7
Domains

14
Subdomains

12
IPs

3
Countries

2386 kB
Transfer

3305 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

96 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Redirect Chain
  • https://patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
  • https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
78 KB
28 KB
Document
General
Full URL
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
0053444217ed3ef597f043b5928685aae753c714aa6c8d9f7a71588c895ebd41

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 24 May 2022 14:27:31 GMT
link
<https://www.patrick-bareiss.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/paBNO6-3y>; rel=shortlink
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 24 May 2022 14:27:30 GMT
location
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
server
nginx
x-redirect-by
WordPress
bootstrap.min.css
www.patrick-bareiss.com/wp-content/themes/rocked/css/bootstrap/
35 KB
7 KB
Stylesheet
General
Full URL
https://www.patrick-bareiss.com/wp-content/themes/rocked/css/bootstrap/bootstrap.min.css?ver=1
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
de5da5f5f5dcadf8820b5c65d0a1375cd261703366d9c3897e22654474c43360

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 07:47:39 GMT
server
nginx
etag
W/"8a55-587cebb4dbcc0"
vary
Accept-Encoding
content-type
text/css
style.min.css
www.patrick-bareiss.com/wp-includes/css/dist/block-library/
29 KB
5 KB
Stylesheet
General
Full URL
https://www.patrick-bareiss.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.15
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 14:07:49 GMT
server
nginx
etag
W/"7257-5c0036379273b"
vary
Accept-Encoding
content-type
text/css
style.css
www.patrick-bareiss.com/wp-content/themes/rocked/
58 KB
12 KB
Stylesheet
General
Full URL
https://www.patrick-bareiss.com/wp-content/themes/rocked/style.css?ver=5.2.15
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
e536f7758486f8f74270e30c3c369cefa15fdcf377dd47e0af6a6a2e2da37b7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 07:47:39 GMT
server
nginx
etag
W/"e84a-587cebb4dbcc0"
vary
Accept-Encoding
content-type
text/css
css
fonts.googleapis.com/
18 KB
1022 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700&ver=5.2.15
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
40580c9219c451cf5a9eed6b1ebb2e1a9bd019a8abcf8a3097dbd89a4f3c8eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 24 May 2022 14:27:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 24 May 2022 14:27:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 May 2022 14:27:31 GMT
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=5.2.15
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6ecd2c66a6467e79fcf67738c024e4f6951510d09e52af674d118332bd8018a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 24 May 2022 13:39:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 24 May 2022 14:27:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 May 2022 14:27:31 GMT
font-awesome.min.css
www.patrick-bareiss.com/wp-content/themes/rocked/fonts/
23 KB
5 KB
Stylesheet
General
Full URL
https://www.patrick-bareiss.com/wp-content/themes/rocked/fonts/font-awesome.min.css?ver=5.2.15
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 07:47:39 GMT
server
nginx
etag
W/"5cbb-587cebb4dbcc0"
vary
Accept-Encoding
content-type
text/css
jetpack.css
www.patrick-bareiss.com/wp-content/plugins/jetpack/css/
70 KB
12 KB
Stylesheet
General
Full URL
https://www.patrick-bareiss.com/wp-content/plugins/jetpack/css/jetpack.css?ver=7.9.2
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
068e2f18d47e3c6e38eee71beaa5d568af8a7729e5f2be2c4be47eafb4e458de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 14:05:34 GMT
server
nginx
etag
W/"117db-5c3dd119e5e27"
vary
Accept-Encoding
content-type
text/css
jquery.js
www.patrick-bareiss.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://www.patrick-bareiss.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
gzip
last-modified
Fri, 26 Jul 2019 09:20:53 GMT
server
nginx
etag
W/"17a69-58e920f1ecb93"
vary
Accept-Encoding
content-type
application/x-javascript
jquery-migrate.min.js
www.patrick-bareiss.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://www.patrick-bareiss.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
gzip
last-modified
Sat, 20 Jul 2019 15:43:21 GMT
server
nginx
etag
W/"2748-58e1eb3e64b0c"
vary
Accept-Encoding
content-type
application/x-javascript
feature_image_dns_tunneling_sigma-1.png
www.patrick-bareiss.com/wp-content/uploads/2019/04/
925 KB
926 KB
Image
General
Full URL
https://www.patrick-bareiss.com/wp-content/uploads/2019/04/feature_image_dns_tunneling_sigma-1.png
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
813a3434b57ed7743edf0432be2e9d9623a1c5d2f1c443ad5060a8cba234b738

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
last-modified
Sun, 07 Apr 2019 15:07:40 GMT
server
nginx
accept-ranges
bytes
etag
"e7278-585f214bc0700"
content-length
946808
content-type
image/png
1a060cd496c0a633777faea03f128798
secure.gravatar.com/avatar/
1 KB
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/1a060cd496c0a633777faea03f128798?s=60&d=mm&r=g
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 24 May 2022 14:27:31 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="1a060cd496c0a633777faea03f128798.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/1a060cd496c0a633777faea03f128798?s=60&d=mm&r=g>; rel="canonical"
content-length
1186
expires
Tue, 24 May 2022 14:32:31 GMT
4110d3c53f74b5a9b507d6ce25808c17
secure.gravatar.com/avatar/
1 KB
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/4110d3c53f74b5a9b507d6ce25808c17?s=60&d=mm&r=g
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 24 May 2022 14:27:31 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="4110d3c53f74b5a9b507d6ce25808c17.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/4110d3c53f74b5a9b507d6ce25808c17?s=60&d=mm&r=g>; rel="canonical"
content-length
1186
expires
Tue, 24 May 2022 14:32:31 GMT
a43e47574a7be39992f0f4474dc46292
secure.gravatar.com/avatar/
1 KB
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/a43e47574a7be39992f0f4474dc46292?s=60&d=mm&r=g
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Tue, 24 May 2022 14:27:31 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="a43e47574a7be39992f0f4474dc46292.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/a43e47574a7be39992f0f4474dc46292?s=60&d=mm&r=g>; rel="canonical"
content-length
1186
expires
Tue, 24 May 2022 14:32:31 GMT
devicepx-jetpack.js
s0.wp.com/wp-content/js/
10 KB
3 KB
Script
General
Full URL
https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202221
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
br
server
nginx
etag
W/"5c066eb1-52b6"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
2.hhn _dca
timing-allow-origin
*
expires
Mon, 22 May 2023 21:25:27 GMT
gprofiles.js
secure.gravatar.com/js/
23 KB
7 KB
Script
General
Full URL
https://secure.gravatar.com/js/gprofiles.js?ver=2022Mayaa
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b8ddfe2786718750e37a2a7d2841e4e6a110a1877e21a03675d47c591d4a7f03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
br
last-modified
Fri, 25 Feb 2022 16:03:16 GMT
server
nginx
etag
W/"6218fdc4-5df8"
content-type
application/javascript
cache-control
max-age=604800
expires
Tue, 31 May 2022 14:27:31 GMT
wpgroho.js
www.patrick-bareiss.com/wp-content/plugins/jetpack/modules/
1 KB
650 B
Script
General
Full URL
https://www.patrick-bareiss.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=5.2.15
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
c1cfa5c2bce904bfc524754a954d2e062c703777ab704134dc5f619dca1e40af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 14:05:34 GMT
server
nginx
etag
W/"42e-5c3dd119a762d"
vary
Accept-Encoding
content-type
application/x-javascript
skip-link-focus-fix.js
www.patrick-bareiss.com/wp-content/themes/rocked/js/
751 B
533 B
Script
General
Full URL
https://www.patrick-bareiss.com/wp-content/themes/rocked/js/skip-link-focus-fix.js?ver=20130115
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
5a1a3a3f0ef52a304cde50940ee607a2ebb008b76fa4cf49721b6e5cc07c350a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 07:47:39 GMT
server
nginx
etag
W/"2ef-587cebb4dbcc0"
vary
Accept-Encoding
content-type
application/x-javascript
scripts.js
www.patrick-bareiss.com/wp-content/themes/rocked/js/
42 KB
12 KB
Script
General
Full URL
https://www.patrick-bareiss.com/wp-content/themes/rocked/js/scripts.js?ver=5.2.15
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
72939e8c5e10d3ace3f169a21fbc94f28e27afbca3038a67932a95ce1cf443a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 07:47:39 GMT
server
nginx
etag
W/"a6f4-587cebb4dbcc0"
vary
Accept-Encoding
content-type
application/x-javascript
main.min.js
www.patrick-bareiss.com/wp-content/themes/rocked/js/
5 KB
2 KB
Script
General
Full URL
https://www.patrick-bareiss.com/wp-content/themes/rocked/js/main.min.js?ver=5.2.15
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
bb2b8bf11e77f336518a35eb57ee10f7155c323554386b404500cfbe380e070c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 07:47:39 GMT
server
nginx
etag
W/"139d-587cebb4dbcc0"
vary
Accept-Encoding
content-type
application/x-javascript
twitter-timeline.min.js
www.patrick-bareiss.com/wp-content/plugins/jetpack/_inc/build/
331 B
416 B
Script
General
Full URL
https://www.patrick-bareiss.com/wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js?ver=4.0.0
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
291b553dee180f838e513bf2580c9af27f8312320581e3c91029a7c4d5eb2fbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 14:05:34 GMT
server
nginx
etag
W/"14b-5c3dd119d5488"
vary
Accept-Encoding
content-type
application/x-javascript
wp-embed.min.js
www.patrick-bareiss.com/wp-includes/js/
1 KB
894 B
Script
General
Full URL
https://www.patrick-bareiss.com/wp-includes/js/wp-embed.min.js?ver=5.2.15
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 14:07:49 GMT
server
nginx
etag
W/"56f-5c0036377815e"
vary
Accept-Encoding
content-type
application/x-javascript
e-202221.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202221.js
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn
date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 14 May 2023 23:13:20 GMT
coding-1841550_1920.jpg
www.patrick-bareiss.com/wp-content/uploads/2019/01/
398 KB
398 KB
Image
General
Full URL
https://www.patrick-bareiss.com/wp-content/uploads/2019/01/coding-1841550_1920.jpg
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
e753d4e57b4e691719621c5387fe65a38a19eb16a49cc30de7b81a1074c68968

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
last-modified
Sun, 13 Jan 2019 12:45:36 GMT
server
nginx
accept-ranges
bytes
etag
"63718-57f564dfe9c00"
content-length
407320
content-type
image/jpeg
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700&ver=5.2.15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.patrick-bareiss.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 23:32:09 GMT
x-content-type-options
nosniff
age
53722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 May 2023 23:32:09 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=5.2.15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.patrick-bareiss.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:07:05 GMT
x-content-type-options
nosniff
age
595226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 17:07:05 GMT
fontawesome-webfont.woff2
www.patrick-bareiss.com/wp-content/themes/rocked/fonts/
55 KB
56 KB
Font
General
Full URL
https://www.patrick-bareiss.com/wp-content/themes/rocked/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/wp-content/themes/rocked/fonts/font-awesome.min.css?ver=5.2.15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.165 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s165.goserver.host
Software
nginx /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer
https://www.patrick-bareiss.com/wp-content/themes/rocked/fonts/font-awesome.min.css?ver=5.2.15
Origin
https://www.patrick-bareiss.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
last-modified
Wed, 01 May 2019 07:47:39 GMT
server
nginx
accept-ranges
bytes
etag
"ddcc-587cebb4dbcc0"
content-length
56780
widgets.js
platform.twitter.com/
97 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js?ver=4.0.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) /
Resource Hash
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 14:27:31 GMT
Content-Encoding
gzip
Age
194
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29461
x-tw-cdn
VZ
Last-Modified
Sun, 15 May 2022 20:06:46 GMT
Server
ECS (frb/6727)
Etag
"f1369725ba22125b0df0251e74090aa0+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
g.gif
pixel.wp.com/
50 B
93 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A7.9.2&blog=156772958&post=220&tz=0&srv=www.patrick-bareiss.com&host=www.patrick-bareiss.com&ref=&fcp=0&rand=0.7603048613574768
Requested by
Host: www.patrick-bareiss.com
URL: https://www.patrick-bareiss.com/detect-c2-traffic-over-dns-using-sigma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 24 May 2022 14:27:31 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
hovercard.min.css
secure.gravatar.com/dist/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://secure.gravatar.com/dist/css/hovercard.min.css?ver=2022Mayaa
Requested by
Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=2022Mayaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
br
last-modified
Wed, 11 Nov 2020 15:57:10 GMT
server
nginx
etag
W/"5fac09d6-1e86"
content-type
text/css
cache-control
max-age=604800
expires
Tue, 31 May 2022 14:27:31 GMT
services.min.css
secure.gravatar.com/dist/css/
3 KB
582 B
Stylesheet
General
Full URL
https://secure.gravatar.com/dist/css/services.min.css?ver=2022Mayaa
Requested by
Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=2022Mayaa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
br
last-modified
Thu, 22 Mar 2018 09:46:04 GMT
server
nginx
etag
W/"5ab37b5c-a54"
content-type
text/css
cache-control
max-age=604800
expires
Tue, 31 May 2022 14:27:31 GMT
widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html
platform.twitter.com/widgets/ Frame 045A
319 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.patrick-bareiss.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
https://www.patrick-bareiss.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
337870
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Tue, 24 May 2022 14:27:31 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Sun, 15 May 2022 20:03:39 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6727)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
settings
syndication.twitter.com/ Frame 045A
278 B
461 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=efa711406f7cfbfce8b28537fb60c1e66a0c6bbc
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.patrick-bareiss.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-response-time
112
date
Tue, 24 May 2022 14:27:31 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 14:27:31 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
0dd84d885644acc7ed2449a77fa2057d76f8c51b28843365930e25206a4471d4
content-length
179
moment~timeline.55634fd8bf871f86dbe537f50a41349e.js
platform.twitter.com/js/
25 KB
8 KB
Script
General
Full URL
https://platform.twitter.com/js/moment~timeline.55634fd8bf871f86dbe537f50a41349e.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6794) /
Resource Hash
4fce02aef5542a40509dce7f66aec864d7a2a070ac671b06ed235cbcd4743821

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 14:27:32 GMT
Content-Encoding
gzip
Age
337871
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
8084
x-tw-cdn
VZ
Last-Modified
Sun, 15 May 2022 20:03:32 GMT
Server
ECS (frb/6794)
Etag
"8d39588ffce9da16e8e735f3fdd8f990+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
timeline.2002b66aa236ee3e1e6728119a7c4b98.js
platform.twitter.com/js/
20 KB
7 KB
Script
General
Full URL
https://platform.twitter.com/js/timeline.2002b66aa236ee3e1e6728119a7c4b98.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) /
Resource Hash
a37d848620d81a5fd27dff6e15af34f37fd05384f7d5337053c98efd0fe5a7d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 14:27:32 GMT
Content-Encoding
gzip
Age
337870
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
6371
x-tw-cdn
VZ
Last-Modified
Sun, 15 May 2022 20:03:32 GMT
Server
ECS (frb/6727)
Etag
"57d65599f609862f8724a6a6475c8c7a+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
profile
cdn.syndication.twimg.com/timeline/
176 KB
16 KB
Script
General
Full URL
https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_bareiss_patrick_old&dnt=false&domain=www.patrick-bareiss.com&lang=en&screen_name=bareiss_patrick&suppress_response_codes=true&t=1837113&tz=GMT%2B0000&with_replies=false
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f /
Resource Hash
2ef19e45f494d2b60af87279e16432944bdddee7c91f9a16d9fdd9ce1395b706
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename=jsonp.jsonp
server-timing
"x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=395
content-length
15910
x-xss-protection
0
access-contol-allow-origin
platform.twitter.com
x-response-time
380
last-modified
Tue, 24 May 2022 14:27:32 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
application/javascript;charset=utf-8
cache-control
must-revalidate, max-age=300
x-connection-hash
49693dd708e44fdadc52f252aea24c04c8d5ad6c7bb7c879cbdd8681117bb5c2
timing-allow-origin
*
x-transaction
8081640b11e36d10
expires
Tue, 24 May 2022 14:32:32 GMT
1f389.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
1 KB
2 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f389.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E9D) /
Resource Hash
7289a4aa98f9a81a1108f98abfcebd214dab96df64c8ea67ed6e83116a8e4ce8
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
25222059
x-ton-expected-size
1376
x-cache
HIT
content-length
1376
x-response-time
15
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:28:30 GMT
server
ECAcc (frc/8E9D)
etag
"vbXWRIAyMlN8WVXlF7340Q=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
f7a368ad7a3f1373f54705eef6a487a5c68b7f04b0bfa02a2412c8142505fc0a
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
1f3d7.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
978 B
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f3d7.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F15) /
Resource Hash
7dec929c5b2e015a405078bdd038137420b8b9605cf4525d2d8f145c4abfc8c3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
24559554
x-ton-expected-size
978
x-cache
HIT
content-length
978
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:28:33 GMT
server
ECAcc (frc/8F15)
etag
"lAplYrRZF04m7AY+y1iYwQ=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
74efe2c62ea8bea6624bcf5ac776588709690d68419e60533135d86df9d12b4d
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
1f60a.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
796 B
958 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f60a.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E9A) /
Resource Hash
5dc76062acc5a80d95fdd823db908640d52dac05ad1a4899ab9e723bfa0bbbfb
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
27954642
x-ton-expected-size
796
x-cache
HIT
content-length
796
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:28 GMT
server
ECAcc (frc/8E9A)
etag
"89xNXXOiLp+o290aKwUirA=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
7626e7d8d2a4e1f4c573a401f2374af1f1e643ed1b77cc9788f4200e59057898
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
VmD8nFqj
pbs.twimg.com/card_img/1527383998431137792/ Frame AD5B
5 KB
5 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1527383998431137792/VmD8nFqj?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
cfc74cba20ac6331a1bf44664fd7ca46d98f677dc3a433f9a4313f794afbd8da
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
410134
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
5295
x-response-time
141
surrogate-key
card_img card_img/bucket/6 card_img/1527383998431137792
last-modified
Thu, 19 May 2022 20:19:37 GMT
server
ECS (frb/6725)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
9b15b8aa1a1fc394edc3e0ba14ceea1a2081ccc37c068e7eae29eeb80314dcde
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
2m4lFevb
pbs.twimg.com/card_img/1526930914973995009/ Frame AD5B
5 KB
5 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1526930914973995009/2m4lFevb?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
3b0be000273cc4f66704df39f70a02f3e3510f801eb22393b840f9fdb505ea82
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
514533
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
4987
x-response-time
160
surrogate-key
card_img card_img/bucket/7 card_img/1526930914973995009
last-modified
Wed, 18 May 2022 14:19:13 GMT
server
ECS (frb/67BA)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
87bc1b569089ed8b8bfee48b287ea01f63b029628fc83a9fb056181d8cccbeb8
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
MQj8etX-
pbs.twimg.com/card_img/1526697386055241730/ Frame AD5B
63 KB
63 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1526697386055241730/MQj8etX-?format=jpg&name=600x314
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) /
Resource Hash
f54a8507bdd0165b73e80aec1004c1d2e765e2cfc58a53359d890822015829d4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
558422
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
64639
x-response-time
265
surrogate-key
card_img card_img/bucket/0 card_img/1526697386055241730
last-modified
Tue, 17 May 2022 22:51:16 GMT
server
ECS (frb/67A8)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
5ac9f32113a64dcc16d6da1939d70d94c05483b7f566f8ed3b5e93a872fb438b
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
1f4e2.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
772 B
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f4e2.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FDE) /
Resource Hash
e30162d2d4a7d75d9d3792be181b9c9bf2d0e2aacee1db052f2c7fb0865062fd
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
26460753
x-ton-expected-size
772
x-cache
HIT
content-length
772
x-response-time
13
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:24 GMT
server
ECAcc (frc/8FDE)
etag
"mGOYevTlwEQa1TYtebkO2A=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
f387e38fe26ce472fa4ee749a409c6181b940ca496a2036aef6da9e949d763b7
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
1f44f.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
1 KB
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f44f.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F88) /
Resource Hash
876e139116fc16aa3c4d125fc455be61e9c68bf474539ca822a2d2edee6a7459
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
22756626
x-ton-expected-size
1072
x-cache
HIT
content-length
1072
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:28:35 GMT
server
ECAcc (frc/8F88)
etag
"HwgzY5zG+7n9Q99ZvoJHLw=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
9ff58b17bdec1428f180f3f4b87ae8a8eb9cab713873ec88a9edae7974b2bc3a
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
1f6e1.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
850 B
1014 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f6e1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F6D) /
Resource Hash
14507cfc799d2855cf0d49832541c4729eac707e256e73d3f83aa9d72a8bb123
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
24821148
x-ton-expected-size
850
x-cache
HIT
content-length
850
x-response-time
13
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:33 GMT
server
ECAcc (frc/8F6D)
etag
"eUXxZ90TIBlnc88x8uio9A=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
4b2e6965821ec9fa901a772df5eba3b168d59bedf1e08853382c4cebbcda8b0c
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
1f4d3.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
556 B
699 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f4d3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F76) /
Resource Hash
9d1a45817267e08e4f53c01c5030cbcfc286aaade3ab5103af8dd5f90ae2b55c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
29832930
x-ton-expected-size
556
x-cache
HIT
content-length
556
x-response-time
8
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:24 GMT
server
ECAcc (frc/8F76)
etag
"y8Y1aIfJyofVT085VS0YjA=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
d2e26da71d1d1e3baa65ae221aa9f63cbee7467df56c46b0f3e3f0d3bcdbf567
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
1f647-200d-2642-fe0f.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
1 KB
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f647-200d-2642-fe0f.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F6C) /
Resource Hash
bbbecd6d5c7064542713c0fe31732401f003331867dbe918ee2ea730a6f3da65
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
7474527
x-ton-expected-size
1033
x-cache
HIT
content-length
1033
x-response-time
7
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:30 GMT
server
ECAcc (frc/8F6C)
etag
"Fl4DrWSgFK376NRMvEcojw=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
758cfcc77acdc3e2bfeaaa1b755082054e9135484f04817ef2d80ce92aa2dd15
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
2665.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
468 B
636 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/2665.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F68) /
Resource Hash
c74295fa0227f14af267010e808d6051dda6f8237142c181c9470ffe31e3d2b2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
24609726
x-ton-expected-size
468
x-cache
HIT
content-length
468
x-response-time
12
surrogate-key
twitter-assets
last-modified
Fri, 10 Aug 2018 17:43:25 GMT
server
ECAcc (frc/8F68)
etag
"mI9QOkhQi3fp0IxsX+RS6Q=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
5f9ea7371f26a03672f27eb2cf041f489384a871edfd236e0a183c0163a41aab
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
oeARq6te
pbs.twimg.com/card_img/1527791878850109440/ Frame AD5B
5 KB
5 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1527791878850109440/oeARq6te?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
2a9f9816bbabf38cd2be173fe5e871df3237fe73465b83711a493e63862d8222
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
267879
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
4635
x-response-time
136
surrogate-key
card_img card_img/bucket/2 card_img/1527791878850109440
last-modified
Fri, 20 May 2022 23:20:23 GMT
server
ECS (frb/6711)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b634d948601f27afd0102cf12a7a2a1db5770f6848083e047436a5a6240c1ad0
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
rqjznrtJ
pbs.twimg.com/card_img/1526610115205505024/ Frame AD5B
5 KB
6 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1526610115205505024/rqjznrtJ?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
0853340dbeed2f1e04b563219bd053a46fccf86564565a13ad18d57a653c9602
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
575061
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
5562
x-response-time
146
surrogate-key
card_img card_img/bucket/5 card_img/1526610115205505024
last-modified
Tue, 17 May 2022 17:04:29 GMT
server
ECS (frb/668B)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
30370e142412bc1f173992be8b4e3fede4f28a0a1154e076db8bc72721048703
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
1f575.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
1018 B
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f575.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F2E) /
Resource Hash
abb7acdaab004a7926461fad56287972d556ff7bcd065c253fed0c31ee8360d7
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
27321233
x-ton-expected-size
1018
x-cache
HIT
content-length
1018
x-response-time
15
surrogate-key
twitter-assets
last-modified
Thu, 31 Oct 2019 20:04:10 GMT
server
ECAcc (frc/8F2E)
etag
"9MBnvAZl5zT3kJjjyGttVA=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
32ce5c6360c05bb8766b50e8cda6ec93
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
fvVALP-9
pbs.twimg.com/card_img/1527413181429211138/ Frame AD5B
6 KB
6 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1527413181429211138/fvVALP-9?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6739) /
Resource Hash
f5f2cb090a312c37ad24e8e2fa1cbabc46aa8776dcd69e4d80e9e49fbbe269e3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
370741
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
5875
x-response-time
131
surrogate-key
card_img card_img/bucket/8 card_img/1527413181429211138
last-modified
Thu, 19 May 2022 22:15:35 GMT
server
ECS (frb/6739)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
28fa0c619d94b57a76321e8a5740c22ac5533e0beda606fff76adcf4fbd784c9
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
1f6a8.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
940 B
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f6a8.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F9F) /
Resource Hash
6e07380db23f60b5c28611eb12f99476fb037300142ebbbdf38e2254a4dedbea
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
27013749
x-ton-expected-size
940
x-cache
HIT
content-length
940
x-response-time
11
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:32 GMT
server
ECAcc (frc/8F9F)
etag
"7rXnv2lwg1nByeRgGaDdLA=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
a15f13e39a9bde1e60240eff2c58b87c8d60869cefcad2f9cc048a918f2f533f
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
1f525.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
928 B
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f525.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F7D) /
Resource Hash
b0f4c358afcce0ddcde029e72ea2d6054eece0ce5a34c9a7e0c5761ff4f33a25
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
30844262
x-ton-expected-size
928
x-cache
HIT
content-length
928
x-response-time
8
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:26 GMT
server
ECAcc (frc/8F7D)
etag
"SGKFnTk7KmjONB+h88D/mw=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
2fed23f2cbeea071995af40838e36008
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
hGjmaZA_
pbs.twimg.com/card_img/1527968684345593856/ Frame AD5B
9 KB
10 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1527968684345593856/hGjmaZA_?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
dd9294c32e0fb096b25fa16dbd5b4847e4ea87807c208d6355bc365cc28f6791
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
267879
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
9650
x-response-time
186
surrogate-key
card_img card_img/bucket/0 card_img/1527968684345593856
last-modified
Sat, 21 May 2022 11:02:57 GMT
server
ECS (frb/668B)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
da90ac3ba273c94ed1479f4a459d4863f88dcb4c3c8e335167da73bf98eff242
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
1f3a2.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
1 KB
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f3a2.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F58) /
Resource Hash
e34d49c84f4eb727b7a8d619d6d895f18e3ec464230b047a64a22c479189b88b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
29050625
x-ton-expected-size
1024
x-cache
HIT
content-length
1024
x-response-time
13
surrogate-key
twitter-assets
last-modified
Mon, 13 Jul 2020 16:47:48 GMT
server
ECAcc (frc/8F58)
etag
"jx7uGHv72PsNMaKrGE6PYg=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
59b9633ea840eca684f5952cc78af198
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
1f69a.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
590 B
753 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f69a.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F50) /
Resource Hash
7ed02e3a7467b69c58c9b7bde8e6758c01b9350d70ccc6b0f78a593d59266142
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
27926357
x-ton-expected-size
590
x-cache
HIT
content-length
590
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:31 GMT
server
ECAcc (frc/8F50)
etag
"S1HX+bOccPD8V8vT2UT5bw=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
01b1bbde2f577ec434da1c200c25ed2237b6c0b8d77e35bc8616877ba9b1f60a
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
fm3johmZ
pbs.twimg.com/card_img/1526615344646856704/ Frame AD5B
8 KB
9 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1526615344646856704/fm3johmZ?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BD) /
Resource Hash
0bc4f8d79835c32344c8e1209270c59afcc487b90da44576df0cc0d4dfdaa77f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
575061
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
8681
x-response-time
162
surrogate-key
card_img card_img/bucket/1 card_img/1526615344646856704
last-modified
Tue, 17 May 2022 17:25:15 GMT
server
ECS (frb/67BD)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
65edcb450768df43b0b1854ca80317eb93d6a0411674fc7916cfca7bfa5d1d5e
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
fkpdhn37
pbs.twimg.com/card_img/1528309980981510145/ Frame AD5B
5 KB
5 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1528309980981510145/fkpdhn37?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
712fa786a6afa5d5a58c1798ba962078bc1b0f1fac42cefe69e6697c099212f8
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
157248
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
5407
x-response-time
164
surrogate-key
card_img card_img/bucket/5 card_img/1528309980981510145
last-modified
Sun, 22 May 2022 09:39:08 GMT
server
ECS (frb/6752)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
da6dbb1a13f1149a32b5f66df91e7506b06f0950ad861a7d72a18fc71f9a8b53
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
8oNmdTpI
pbs.twimg.com/card_img/1527678980064694273/ Frame AD5B
18 KB
18 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1527678980064694273/8oNmdTpI?format=jpg&name=600x314
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668A) /
Resource Hash
1633f0b0367953a225b0f61448e55c9237f1f0c6d815dfc62c947edc49692e9d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
325353
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
17928
x-response-time
247
surrogate-key
card_img card_img/bucket/8 card_img/1527678980064694273
last-modified
Fri, 20 May 2022 15:51:46 GMT
server
ECS (frb/668A)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
adaed408b880bfd67f54400deefdcf8c8f70921554bba9ccc764c322480543bd
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
2694.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
1 KB
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/2694.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F1D) /
Resource Hash
df56cd37825d12326acbd41be75e01f026bacf227b5831dc90f06ce36bbc662d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
6664436
x-ton-expected-size
1027
x-cache
HIT
content-length
1027
x-response-time
7
surrogate-key
twitter-assets
last-modified
Wed, 15 Apr 2020 20:56:51 GMT
server
ECAcc (frc/8F1D)
etag
"kVQfTAjpIH+l4KruZQUDvQ=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
9205935d21f0763b3f641f8825fc225345cb391d0178027d075202edcf0dd491
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
1f334.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
1 KB
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f334.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F70) /
Resource Hash
add3d019f038434f5d94d36e0f2c2600fe5fe9f1d3d8a6b7c9ce95d9000c8c8b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
30949811
x-ton-expected-size
1059
x-cache
HIT
content-length
1059
x-response-time
21
surrogate-key
twitter-assets
last-modified
Thu, 17 May 2018 19:30:20 GMT
server
ECAcc (frc/8F70)
etag
"+tGWwAlT2MpslA/Fmxtlmg=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
238b57a68c7ceea1d2e6e70c7616ba6c47b406cea6eb3725d786b6a6c16d84a1
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
1f682.png
abs.twimg.com/emoji/v2/72x72/ Frame AD5B
841 B
966 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f682.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F88) /
Resource Hash
d96c7112fb325db04d665715bfd920e9248b5bf63558897a0c473a90eeeb8758
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
28705521
x-ton-expected-size
841
x-cache
HIT
content-length
841
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:31 GMT
server
ECAcc (frc/8F88)
etag
"5QNxLbbbb9zstozq5iou2w=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
ef734bcd543d4d6af95a7572475ae1c9be6f1e285e3b3cf541e74762a528a4a1
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 24 May 2023 14:27:32 GMT
ZOIyVybc
pbs.twimg.com/card_img/1528630990629117953/ Frame AD5B
8 KB
8 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1528630990629117953/ZOIyVybc?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
b5311292e38a67012e295eb3d784a4559867c7a7792eec98fcb660539c48066b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
107881
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
7910
x-response-time
132
surrogate-key
card_img card_img/bucket/2 card_img/1528630990629117953
last-modified
Mon, 23 May 2022 06:54:43 GMT
server
ECS (frb/67C2)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
28fb452db233463cf184c64572eecd37d4e30bc6273c91cf74a6225830102c5f
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame AD5B
53 KB
12 KB
Stylesheet
General
Full URL
https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 14:27:32 GMT
Content-Encoding
gzip
Age
337871
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
12144
x-tw-cdn
VZ
Last-Modified
Sun, 15 May 2022 20:03:29 GMT
Server
ECS (frb/6796)
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/
53 KB
53 KB
Image
General
Full URL
https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 14:27:32 GMT
Content-Encoding
gzip
Age
337871
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
12144
x-tw-cdn
VZ
Last-Modified
Sun, 15 May 2022 20:03:29 GMT
Server
ECS (frb/6796)
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
IgeTKAAf_normal.jpg
pbs.twimg.com/profile_images/1417273468358430721/ Frame AD5B
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1417273468358430721/IgeTKAAf_normal.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6739) /
Resource Hash
ccd2f6167fe229261b8db8e8c6e1768f36f434911ede0b76a4e7d652f385e477
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
455900
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
1883
x-response-time
109
surrogate-key
profile_images profile_images/bucket/8 profile_images/1417273468358430721
last-modified
Mon, 19 Jul 2021 23:59:41 GMT
server
ECS (frb/6739)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
3243bb3d8dfd2edffb8a431034e6fa8e27d1211d4ecc2c08e084ce24e3215323
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
_kpMu3hL_normal.jpg
pbs.twimg.com/profile_images/1051567420970860544/ Frame AD5B
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1051567420970860544/_kpMu3hL_normal.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) /
Resource Hash
fbe72903d78df284d3fbbac5142eed982891685fb7b0fee42945266cc759bb7b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
63794
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=5
content-length
2035
x-response-time
116
surrogate-key
profile_images profile_images/bucket/4 profile_images/1051567420970860544
last-modified
Sun, 14 Oct 2018 20:14:24 GMT
server
ECS (frb/6763)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
229207828083bb46fec8507948fcbf4cae0ef137de1855d952a9f9b208e189cf
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
MbzcYTNL_normal.jpg
pbs.twimg.com/profile_images/1257686188850327553/ Frame AD5B
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1257686188850327553/MbzcYTNL_normal.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
c8c760d8c281c15692b744364a9d2d9a4ae3fdc61669ce65198fb97327b486ac
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
25596
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
2035
x-response-time
116
surrogate-key
profile_images profile_images/bucket/4 profile_images/1257686188850327553
last-modified
Tue, 05 May 2020 14:56:48 GMT
server
ECS (frb/67C2)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
bd9ae97ce7953536f0cd7ad07b1f6695ba65b252cde5b350e8ffbfb288c2a397
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
79qiYwRC_normal.jpg
pbs.twimg.com/profile_images/1027612508817948673/ Frame AD5B
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1027612508817948673/79qiYwRC_normal.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
65a9c45fc4d777c47049f44e5da13058b00aa998808a7aef462a31fb16bb7155
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
95030
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
2035
x-response-time
118
surrogate-key
profile_images profile_images/bucket/5 profile_images/1027612508817948673
last-modified
Thu, 09 Aug 2018 17:46:08 GMT
server
ECS (frb/6760)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
287bc94f39ba7aca39dfd4207f9869565918bdfbbeda8a53b4998affe2f3d355
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
2AaKCNiy_normal.jpg
pbs.twimg.com/profile_images/1247257789660934144/ Frame AD5B
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1247257789660934144/2AaKCNiy_normal.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6794) /
Resource Hash
b75c1287766e97e4a466909eba400e839a51c6582180ed3b72cdd6f06dce6939
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
186647
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
2263
x-response-time
116
surrogate-key
profile_images profile_images/bucket/9 profile_images/1247257789660934144
last-modified
Mon, 06 Apr 2020 20:18:04 GMT
server
ECS (frb/6794)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
606f68939439ffa98d228e9a27b25a92b64897bb4588e4a1e78380db945fbc12
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
cna8fSA7_normal.jpg
pbs.twimg.com/profile_images/1280930967025119232/ Frame AD5B
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1280930967025119232/cna8fSA7_normal.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
abfd96a016780dd70d325b76f94b34a7fd38c21dd5feccfafb6797ae6237b63c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
195918
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
1959
x-response-time
109
surrogate-key
profile_images profile_images/bucket/2 profile_images/1280930967025119232
last-modified
Wed, 08 Jul 2020 18:23:15 GMT
server
ECS (frb/6724)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
31624dde7711eebfa80fc83994e4c595bb59c9484a5f3d3dfda56e55174fcf4c
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
HBGs4E21_normal.jpg
pbs.twimg.com/profile_images/913170142565142528/ Frame AD5B
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/913170142565142528/HBGs4E21_normal.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
aa0bfe3c481247aab332d1e11673f5ed1c0af44f24d18f83c93827c2bbc8e118
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
77911
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
2035
x-response-time
117
surrogate-key
profile_images profile_images/bucket/0 profile_images/913170142565142528
last-modified
Wed, 27 Sep 2017 22:33:02 GMT
server
ECS (frb/67F3)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
8443f100ef39645c3d71f0fa1c35355e266560a962ceb7f1f8e39ce887be4352
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
m3SXu_cE_normal.jpg
pbs.twimg.com/profile_images/1083805663023767554/ Frame AD5B
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1083805663023767554/m3SXu_cE_normal.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
7448a91f568637a1a3e3c04238bdf12c8e4d1c85bfc89a3cb0d6d8642454656b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
157248
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
2187
x-response-time
116
surrogate-key
profile_images profile_images/bucket/5 profile_images/1083805663023767554
last-modified
Fri, 11 Jan 2019 19:17:40 GMT
server
ECS (frb/6724)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
425357509079767ceaf7d09d1ab4e6d74c4bae47509b748cac4a12a6465701fe
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
bc6f1e94c6d2fb92de60876c3d7b911c_normal.jpeg
pbs.twimg.com/profile_images/378800000054415512/ Frame AD5B
7 KB
7 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/378800000054415512/bc6f1e94c6d2fb92de60876c3d7b911c_normal.jpeg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E2) /
Resource Hash
6d40568e9e8d686afb1ae2e36fc437ed34da5df2176a34dc2e61fe70f0f74bc2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
338611
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
7190
x-response-time
110
surrogate-key
profile_images profile_images/bucket/1 profile_images/378800000054415512
last-modified
Sat, 14 Sep 2013 08:36:52 GMT
server
ECS (frb/67E2)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
d456968cd64b00f43e3b24d3567f85e710ba797419fb282e95a40891d61703bd
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FQIqWhrWYAA8ZxU
pbs.twimg.com/media/ Frame AD5B
26 KB
26 KB
Image
General
Full URL
https://pbs.twimg.com/media/FQIqWhrWYAA8ZxU?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
89f4d04ada8313767bd1adf771bd50668d919ed9935319f71f54abb274ebc24b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
267879
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
26350
x-response-time
107
surrogate-key
media media/bucket/8 media/1513818991235588096
last-modified
Tue, 12 Apr 2022 09:57:07 GMT
server
ECS (frb/6760)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
8ae41528a32c1b92b5b74d1731eb39fce8094641618faef4392c8c88025c7a1d
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FPgwyWCVsAEOr0M
pbs.twimg.com/media/ Frame AD5B
6 KB
7 KB
Image
General
Full URL
https://pbs.twimg.com/media/FPgwyWCVsAEOr0M?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) /
Resource Hash
78dc2734eb0652d4727c3e5114eb9bf19a0bc497e1e43288d68ae37cefcffcd4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
320651
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
6502
x-response-time
110
surrogate-key
media media/bucket/8 media/1511011316449783809
last-modified
Mon, 04 Apr 2022 16:00:25 GMT
server
ECS (frb/67A8)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
dab7f60a2290f0aaa6196c065d25c6b35bf69bf311b66bf3a91a1835fa3ed3e1
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FIX63pbXIAIn16h
pbs.twimg.com/media/ Frame AD5B
11 KB
11 KB
Image
General
Full URL
https://pbs.twimg.com/media/FIX63pbXIAIn16h?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
e61cd70c315625e753e435b7a4e9be3260ebd506490db391eb12b6130ce3f4b3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
320651
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
11400
x-response-time
107
surrogate-key
media media/bucket/1 media/1478863886581440514
last-modified
Wed, 05 Jan 2022 22:58:01 GMT
server
ECS (frb/67F3)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
05409002eda135f04b1a4737ac6680ae73ddde16723c88d3b84b9d4ba8b04115
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FDwNx3xX0Acs1IW
pbs.twimg.com/media/ Frame AD5B
19 KB
19 KB
Image
General
Full URL
https://pbs.twimg.com/media/FDwNx3xX0Acs1IW?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674B) /
Resource Hash
be0f21a86c629201c37948e0393b0d531a570af6e4fa542bbd7bf2d1d4d835cd
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
320651
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
18944
x-response-time
121
surrogate-key
media media/bucket/5 media/1458055529796980743
last-modified
Tue, 09 Nov 2021 12:53:02 GMT
server
ECS (frb/674B)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
e85b5d52742f6141585e550330bfa821046624440567cf654d4f9fed13187127
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
E7ZqNx6XEAICFZY
pbs.twimg.com/media/ Frame AD5B
15 KB
16 KB
Image
General
Full URL
https://pbs.twimg.com/media/E7ZqNx6XEAICFZY?format=png&name=360x360
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
e817365a54100cbdccb53b46048b7525b295589f01682dc6078bc05e2da2b746
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
320651
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
15870
x-response-time
113
surrogate-key
media media/bucket/3 media/1420439517450932226
last-modified
Wed, 28 Jul 2021 17:40:26 GMT
server
ECS (frb/67AA)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
50415502048da28b63382b936951af20a203593912ebdb49310a04717cce5ea1
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
E379jtyWUAsRuGo
pbs.twimg.com/media/ Frame AD5B
23 KB
23 KB
Image
General
Full URL
https://pbs.twimg.com/media/E379jtyWUAsRuGo?format=png&name=360x360
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
7f95b2b6f335e2d86d4f98df67d5f9bdb7e78e9ca2326d455731010e808fde6e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
320651
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
23234
x-response-time
106
surrogate-key
media media/bucket/0 media/1404838923814195211
last-modified
Tue, 15 Jun 2021 16:29:14 GMT
server
ECS (frb/67BA)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
984972ced6441aebe70978fe150111b52945dc64bb8da077defdedc35ba40c77
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
ExLoUxeVcBInqsg
pbs.twimg.com/media/ Frame AD5B
81 KB
81 KB
Image
General
Full URL
https://pbs.twimg.com/media/ExLoUxeVcBInqsg?format=png&name=360x360
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
a1e4a023d96dd8c0ce365c0237babfdb6531006c7ad47b8d550a693d0d02f7eb
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
320651
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
82635
x-response-time
114
surrogate-key
media media/bucket/1 media/1374416279877021714
last-modified
Tue, 23 Mar 2021 17:40:31 GMT
server
ECS (frb/67C2)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
c018d403b5daaa2c672b5d5192239e0b8810d0fb555e025137c2acf6ff5ecca9
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame AD5B
44 KB
7 KB
Stylesheet
General
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC6) /
Resource Hash
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442751
x-ton-expected-size
45170
x-cache
HIT
vary
Accept-Encoding
content-length
6839
x-response-time
8
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (frc/8FC6)
etag
"4mhImCFS9rptiUICNnLD1g=="
strict-transport-security
max-age=631138519
content-type
text/css
access-control-allow-origin
*
x-connection-hash
c7239bedce82cc36994fbd24d265ff381a6fecb3ea51c183902271f7f0cde0fc
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Tue, 31 May 2022 14:27:32 GMT
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/
44 KB
44 KB
Image
General
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC6) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442751
x-ton-expected-size
45170
x-cache
HIT
vary
Accept-Encoding
content-length
6839
x-response-time
8
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (frc/8FC6)
etag
"4mhImCFS9rptiUICNnLD1g=="
strict-transport-security
max-age=631138519
content-type
text/css
access-control-allow-origin
*
x-connection-hash
c7239bedce82cc36994fbd24d265ff381a6fecb3ea51c183902271f7f0cde0fc
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Tue, 31 May 2022 14:27:32 GMT
truncated
/ Frame AD5B
512 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame AD5B
825 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame AD5B
739 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame AD5B
572 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame AD5B
644 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame AD5B
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
VmD8nFqj
pbs.twimg.com/card_img/1527383998431137792/ Frame AD5B
5 KB
5 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1527383998431137792/VmD8nFqj?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
cfc74cba20ac6331a1bf44664fd7ca46d98f677dc3a433f9a4313f794afbd8da
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
410134
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
5295
x-response-time
141
surrogate-key
card_img card_img/bucket/6 card_img/1527383998431137792
last-modified
Thu, 19 May 2022 20:19:37 GMT
server
ECS (frb/6725)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
9b15b8aa1a1fc394edc3e0ba14ceea1a2081ccc37c068e7eae29eeb80314dcde
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
2m4lFevb
pbs.twimg.com/card_img/1526930914973995009/ Frame AD5B
5 KB
5 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1526930914973995009/2m4lFevb?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
3b0be000273cc4f66704df39f70a02f3e3510f801eb22393b840f9fdb505ea82
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
514533
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
4987
x-response-time
160
surrogate-key
card_img card_img/bucket/7 card_img/1526930914973995009
last-modified
Wed, 18 May 2022 14:19:13 GMT
server
ECS (frb/67BA)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
87bc1b569089ed8b8bfee48b287ea01f63b029628fc83a9fb056181d8cccbeb8
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
MQj8etX-
pbs.twimg.com/card_img/1526697386055241730/ Frame AD5B
63 KB
63 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1526697386055241730/MQj8etX-?format=jpg&name=600x314
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) /
Resource Hash
f54a8507bdd0165b73e80aec1004c1d2e765e2cfc58a53359d890822015829d4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
558422
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
64639
x-response-time
265
surrogate-key
card_img card_img/bucket/0 card_img/1526697386055241730
last-modified
Tue, 17 May 2022 22:51:16 GMT
server
ECS (frb/67A8)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
5ac9f32113a64dcc16d6da1939d70d94c05483b7f566f8ed3b5e93a872fb438b
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
oeARq6te
pbs.twimg.com/card_img/1527791878850109440/ Frame AD5B
5 KB
5 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1527791878850109440/oeARq6te?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
2a9f9816bbabf38cd2be173fe5e871df3237fe73465b83711a493e63862d8222
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
267879
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
4635
x-response-time
136
surrogate-key
card_img card_img/bucket/2 card_img/1527791878850109440
last-modified
Fri, 20 May 2022 23:20:23 GMT
server
ECS (frb/6711)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b634d948601f27afd0102cf12a7a2a1db5770f6848083e047436a5a6240c1ad0
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
rqjznrtJ
pbs.twimg.com/card_img/1526610115205505024/ Frame AD5B
5 KB
6 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1526610115205505024/rqjznrtJ?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
0853340dbeed2f1e04b563219bd053a46fccf86564565a13ad18d57a653c9602
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
575061
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
5562
x-response-time
146
surrogate-key
card_img card_img/bucket/5 card_img/1526610115205505024
last-modified
Tue, 17 May 2022 17:04:29 GMT
server
ECS (frb/668B)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
30370e142412bc1f173992be8b4e3fede4f28a0a1154e076db8bc72721048703
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
fvVALP-9
pbs.twimg.com/card_img/1527413181429211138/ Frame AD5B
6 KB
6 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1527413181429211138/fvVALP-9?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6739) /
Resource Hash
f5f2cb090a312c37ad24e8e2fa1cbabc46aa8776dcd69e4d80e9e49fbbe269e3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
370741
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
5875
x-response-time
131
surrogate-key
card_img card_img/bucket/8 card_img/1527413181429211138
last-modified
Thu, 19 May 2022 22:15:35 GMT
server
ECS (frb/6739)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
28fa0c619d94b57a76321e8a5740c22ac5533e0beda606fff76adcf4fbd784c9
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
hGjmaZA_
pbs.twimg.com/card_img/1527968684345593856/ Frame AD5B
9 KB
10 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1527968684345593856/hGjmaZA_?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
dd9294c32e0fb096b25fa16dbd5b4847e4ea87807c208d6355bc365cc28f6791
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
267879
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
9650
x-response-time
186
surrogate-key
card_img card_img/bucket/0 card_img/1527968684345593856
last-modified
Sat, 21 May 2022 11:02:57 GMT
server
ECS (frb/668B)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
da90ac3ba273c94ed1479f4a459d4863f88dcb4c3c8e335167da73bf98eff242
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
fm3johmZ
pbs.twimg.com/card_img/1526615344646856704/ Frame AD5B
8 KB
9 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1526615344646856704/fm3johmZ?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BD) /
Resource Hash
0bc4f8d79835c32344c8e1209270c59afcc487b90da44576df0cc0d4dfdaa77f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
575061
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
8681
x-response-time
162
surrogate-key
card_img card_img/bucket/1 card_img/1526615344646856704
last-modified
Tue, 17 May 2022 17:25:15 GMT
server
ECS (frb/67BD)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
65edcb450768df43b0b1854ca80317eb93d6a0411674fc7916cfca7bfa5d1d5e
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
fkpdhn37
pbs.twimg.com/card_img/1528309980981510145/ Frame AD5B
5 KB
6 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1528309980981510145/fkpdhn37?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
712fa786a6afa5d5a58c1798ba962078bc1b0f1fac42cefe69e6697c099212f8
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
157248
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
5407
x-response-time
164
surrogate-key
card_img card_img/bucket/5 card_img/1528309980981510145
last-modified
Sun, 22 May 2022 09:39:08 GMT
server
ECS (frb/6752)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
da6dbb1a13f1149a32b5f66df91e7506b06f0950ad861a7d72a18fc71f9a8b53
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
8oNmdTpI
pbs.twimg.com/card_img/1527678980064694273/ Frame AD5B
18 KB
18 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1527678980064694273/8oNmdTpI?format=jpg&name=600x314
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668A) /
Resource Hash
1633f0b0367953a225b0f61448e55c9237f1f0c6d815dfc62c947edc49692e9d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
325353
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
17928
x-response-time
247
surrogate-key
card_img card_img/bucket/8 card_img/1527678980064694273
last-modified
Fri, 20 May 2022 15:51:46 GMT
server
ECS (frb/668A)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
adaed408b880bfd67f54400deefdcf8c8f70921554bba9ccc764c322480543bd
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
ZOIyVybc
pbs.twimg.com/card_img/1528630990629117953/ Frame AD5B
8 KB
8 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1528630990629117953/ZOIyVybc?format=jpg&name=144x144_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
b5311292e38a67012e295eb3d784a4559867c7a7792eec98fcb660539c48066b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
x-content-type-options
nosniff
age
107881
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
7910
x-response-time
132
surrogate-key
card_img card_img/bucket/2 card_img/1528630990629117953
last-modified
Mon, 23 May 2022 06:54:43 GMT
server
ECS (frb/67C2)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
28fb452db233463cf184c64572eecd37d4e30bc6273c91cf74a6225830102c5f
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
jot
syndication.twitter.com/i/
43 B
380 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.patrick-bareiss.com%2Fdetect-c2-traffic-over-dns-using-sigma%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_partner%22%3A%22jetpack%22%2C%22widget_site_screen_name%22%3A%22bareiss_patrick%22%2C%22widget_creator_screen_name%22%3A%22bareiss_patrick%22%2C%22widget_data_source%22%3A%22profile%3Abareiss_patrick%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1653402452920%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D&session_id=efa711406f7cfbfce8b28537fb60c1e66a0c6bbc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.patrick-bareiss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 14:27:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
116
pragma
no-cache
last-modified
Tue, 24 May 2022 14:27:32 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
0dd84d885644acc7ed2449a77fa2057d76f8c51b28843365930e25206a4471d4
x-transaction
960584fd9286ecd7
expires
Tue, 31 Mar 1981 05:00:00 GMT

Verdicts & Comments

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| _wpemojiSettings undefined| $ function| jQuery object| wpcom_img_zoomer object| detectZoom object| Gravatar object| GProfile number| hexcase string| b64pad number| chrsz function| hex_md5 function| b64_md5 function| str_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| str_hmac_md5 function| md5_vm_test function| core_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| core_hmac_md5 function| safe_add function| bit_rol function| str2binl function| binl2str function| binl2hex function| binl2b64 object| WPGroHo object| jQuery1124015285923661379153 function| EventEmitter object| eventie function| imagesLoaded object| wp object| _stq function| st_go function| linktracker_init object| wpcom string| hash string| new_css object| $element object| __twttrll object| twttr object| __twttr

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
