URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Submission Tags: falconsandbox
Submission: On September 17 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 59 HTTP transactions. The main IP is 185.30.32.197, which is located in Germany and belongs to DE-WEBGO www.webgo.de, DE. The main domain is geosetter.de.
TLS certificate: Issued by R3 on July 19th 2022. Valid for: 3 months.
This is the only time geosetter.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
40 | geosetter.de | geosetter.de | 245 KB
10 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 105); tpc.googlesyndication.com (Cisco Umbrella Rank: 142) | 218 KB
3 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 41) | 9 KB
2 | google.com | adservice.google.com (Cisco Umbrella Rank: 75); www.google.com (Cisco Umbrella Rank: 2) | 2 KB
2 | paypalobjects.com | www.paypalobjects.com (Cisco Umbrella Rank: 2268) | 4 KB
2 | paypal.com | www.paypal.com (Cisco Umbrella Rank: 2582) | 1 KB
1 | google.de | adservice.google.de (Cisco Umbrella Rank: 9081) | 792 B
1 | googleadservices.com | partner.googleadservices.com (Cisco Umbrella Rank: 857) | 644 B
Total: 59 requests, 8 apex domains

Requests | Domain | Requested by
40 | geosetter.de | geosetter.de
7 | pagead2.googlesyndication.com | geosetter.de; pagead2.googlesyndication.com; tpc.googlesyndication.com
3 | tpc.googlesyndication.com | pagead2.googlesyndication.com; tpc.googlesyndication.com
3 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 | www.paypalobjects.com | geosetter.de
2 | www.paypal.com | 2 redirects
1 | www.google.com | tpc.googlesyndication.com
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.de | pagead2.googlesyndication.com
1 | partner.googleadservices.com | pagead2.googlesyndication.com
Total: 59 requests, 10 domains

This site contains links to these domains.

Domain
empty

Subject | Issuer | Validity | Valid
geosetter.de | R3 | 2022-07-19 - 2022-10-17 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
*.google.de | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
*.google.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
www.google.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months

This page contains 6 frames:

Primary Page: https://geosetter.de/en/download-en/geosetter_setup.exe
Frame ID: 273D17AB0BED112D43DCF3233D869716
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Frame ID: 6C0820F599CF0EC747C36CF99BA9B7E5
Requests: 1 HTTP request in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542562999199332&output=html&h=600&slotname=5553861274&adk=1427619097&adf=303424825&pi=t.ma~as.5553861274&w=288&fwrn=4&fwrnh=100&lmt=1663399749&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fgeosetter.de%2Fen%2Fdownload-en%2Fgeosetter_setup.exe&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663399748773&bpp=4&bdt=453&idt=232&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&correlator=847101684146&frm=20&pv=2&ga_vid=1670980362.1663399749&ga_sid=1663399749&ga_hid=2131685932&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1114&ady=1492&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069507%2C42531706%2C44773747&oid=2&pvsid=3700435860317702&tmod=806083602&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=e83ro3Ra8d&p=https%3A//geosetter.de&dtd=252
Frame ID: 87EB525D6B52E4DB22DE77FA6A749E54
Requests: 1 HTTP request in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542562999199332&output=html&adk=1812271804&adf=3025194257&lmt=1663399749&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgeosetter.de%2Fen%2Fdownload-en%2Fgeosetter_setup.exe&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663399748790&bpp=1&bdt=469&idt=254&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=288x600&nras=1&correlator=847101684146&frm=20&pv=1&ga_vid=1670980362.1663399749&ga_sid=1663399749&ga_hid=2131685932&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069507%2C42531706%2C44773747&oid=2&pvsid=3700435860317702&tmod=806083602&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=262
Frame ID: DD48D53794D696D6FE6CF821727C0103
Requests: 1 HTTP request in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E2343A2641801D85372E9E93F05587DF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1E9948BAB075B2ED9B844EFC7A55D165
Requests: 2 HTTP requests in this frame

Page Title

Seite wurde nicht gefunden. - GeoSetter

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <!-- Analytics by WP-Statistics v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • (?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)

Page Statistics

Requests: 59
HTTPS: 97 %
IPv6: 56 %
Domains: 8
Subdomains: 10
IPs: 9
Countries: 2
Transfer: 493 kB
Size: 1318 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif HTTP 301
  • https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
Request Chain 27
  • https://www.paypal.com/de_DE/i/scr/pixel.gif HTTP 301
  • https://www.paypalobjects.com/de_DE/i/scr/pixel.gif

59 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request geosetter_setup.exe
geosetter.de/en/download-en/
53 KB
11 KB
Document
General
Full URL
https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
23c8c651fb37a75b5a732bce10f01ae66c97a8806a6152eac8bf25b3d596e752

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 17 Sep 2022 07:29:12 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://geosetter.de/wp-json/>; rel="https://api.w.org/"
server
nginx
vary
Accept-Encoding Accept-Encoding,Cookie
custom-fonts.css
geosetter.de/wp-content/themes/tortuga/assets/css/
4 KB
740 B
Stylesheet
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/css/custom-fonts.css?ver=20180413
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
c181bbfad26d37185ce421f901df11b7a9f9d43b26182949a8525421531b854c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"ff3-5ad74a8389a38"
vary
Accept-Encoding
content-type
text/css
sbi-styles.min.css
geosetter.de/wp-content/plugins/instagram-feed/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
df15236d4098113e3479fc540a9bd1046ca6029f5508098e9c4245a0e12fab05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:04:22 GMT
server
nginx
etag
W/"41cd-5bf64ec1cb5b0"
vary
Accept-Encoding
content-type
text/css
style.min.css
geosetter.de/wp-includes/css/dist/block-library/
87 KB
12 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 01:54:42 GMT
server
nginx
etag
W/"15b64-5e3a61195776a"
vary
Accept-Encoding
content-type
text/css
better-recent-comments.min.css
geosetter.de/wp-content/plugins/better-recent-comments/assets/css/
1 KB
536 B
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/better-recent-comments/assets/css/better-recent-comments.min.css?ver=6.0.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
4aef5deb25565ec2445ec74c5cedf70b41158f0cb7f106532a9401a905ab872c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:04:05 GMT
server
nginx
etag
W/"438-5bf64eb1b91c6"
vary
Accept-Encoding
content-type
text/css
justifiedGallery.min.css
geosetter.de/wp-content/plugins/flickr-justified-gallery/css/
2 KB
811 B
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/flickr-justified-gallery/css/justifiedGallery.min.css?ver=v3.6
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
c5313f13ffe3f06ab735c56ef2bef329419f70327b67468277cdfc71e0cf09c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
etag
W/"9cc-593f194f222e3"
vary
Accept-Encoding
content-type
text/css
flickrJustifiedGalleryWPPlugin.css
geosetter.de/wp-content/plugins/flickr-justified-gallery/css/
180 B
305 B
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/flickr-justified-gallery/css/flickrJustifiedGalleryWPPlugin.css?ver=v3.6
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
2bde3296218a2975cfe2c9e4ed31cd4d240f43ac8fbdb0522f9e9a963715cc28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
etag
W/"b4-593f194f222e3"
vary
Accept-Encoding
content-type
text/css
swipebox.min.css
geosetter.de/wp-content/plugins/flickr-justified-gallery/lightboxes/swipebox/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/flickr-justified-gallery/lightboxes/swipebox/css/swipebox.min.css?ver=6.0.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
e4a465b7796cdf1572bb416feccea1bc31f4c020ea1eb6b29a3881b4e0216595

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
etag
W/"10d4-593f194f222e3"
vary
Accept-Encoding
content-type
text/css
prettyPhoto.min.css
geosetter.de/wp-content/plugins/responsive-lightbox/assets/prettyphoto/
19 KB
3 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/responsive-lightbox/assets/prettyphoto/prettyPhoto.min.css?ver=2.3.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
3df56cf5e9b367ce3a1f69c52fe68655893e7443d0b9df0a8a094606775657c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:04:20 GMT
server
nginx
etag
W/"4bdc-5bf64ec00c176"
vary
Accept-Encoding
content-type
text/css
style.css
geosetter.de/wp-content/themes/tortuga/
55 KB
10 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/style.css?ver=2.0.1
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
4332f0e11a87046359426bc04132575b49f8681463ce19982334cbed19743fc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"da00-5ad74a8389a38"
vary
Accept-Encoding
content-type
text/css
safari-flexbox-fixes.css
geosetter.de/wp-content/themes/tortuga/assets/css/
460 B
393 B
Stylesheet
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/css/safari-flexbox-fixes.css?ver=20200420
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
22cc88ba1b04743117a705c32d3f9680ec5dfd60f560dace2754063fbcea2d55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"1cc-5ad74a8389a38"
vary
Accept-Encoding
content-type
text/css
genericons.css
geosetter.de/wp-content/themes/tortuga/assets/genericons/
28 KB
16 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/genericons/genericons.css?ver=3.4.1
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"6e6a-5ad74a838a9d8"
vary
Accept-Encoding
content-type
text/css
flexslider.css
geosetter.de/wp-content/themes/tortuga/assets/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/css/flexslider.css?ver=20170421
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
b071c8eedb09399ce51fd05c71ba92369fcab4eae7a7af4e72bc36e14c106bc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"1455-5ad74a8389a38"
vary
Accept-Encoding
content-type
text/css
public.css
geosetter.de/wp-content/plugins/recent-posts-widget-with-thumbnails/
1 KB
656 B
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.0.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
f81af49b9e273ea507982f870dabfa439eb2f9845a7f2cacdb473631aa10de18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:05:36 GMT
server
nginx
etag
W/"43a-5bf64f0872363"
vary
Accept-Encoding
content-type
text/css
front.min.css
geosetter.de/wp-content/plugins/cookie-notice/css/
7 KB
1 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.0.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
8dbb3fbf6b9f43e7b8910762718dbae04c9a3bf59d129f400985defe7447e0dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:04:08 GMT
server
nginx
etag
W/"1b2b-5bf64eb4d01fc"
vary
Accept-Encoding
content-type
text/css
tortuga-pro.css
geosetter.de/wp-content/plugins/tortuga-pro/assets/css/
17 KB
3 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/tortuga-pro/assets/css/tortuga-pro.css?ver=1.6
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
91517f1b80406f60ff973f40c216ae3c8e92c0e5772fddae886242d675351f13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
etag
W/"4220-593f194f21343"
vary
Accept-Encoding
content-type
text/css
jquery.min.js
geosetter.de/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://geosetter.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Tue, 04 Jan 2022 13:52:50 GMT
server
nginx
etag
W/"15db1-5d4c1f3f9af35"
vary
Accept-Encoding
content-type
application/x-javascript
jquery-migrate.min.js
geosetter.de/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://geosetter.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Sun, 28 Mar 2021 00:23:28 GMT
server
nginx
etag
W/"2bd8-5be8dc6313f4d"
vary
Accept-Encoding
content-type
application/x-javascript
jquery.prettyPhoto.min.js
geosetter.de/wp-content/plugins/responsive-lightbox/assets/prettyphoto/
22 KB
6 KB
Script
General
Full URL
https://geosetter.de/wp-content/plugins/responsive-lightbox/assets/prettyphoto/jquery.prettyPhoto.min.js?ver=2.3.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
ba0504cfd673e9fbf0bab2b70a67ac1bbea97891e12fc8cd3f94070f0c4898f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:04:20 GMT
server
nginx
etag
W/"5955-5bf64ec00d116"
vary
Accept-Encoding
content-type
application/x-javascript
underscore.min.js
geosetter.de/wp-includes/js/
18 KB
7 KB
Script
General
Full URL
https://geosetter.de/wp-includes/js/underscore.min.js?ver=1.13.3
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 08:49:10 GMT
server
nginx
etag
W/"49df-5e205692e88d5"
vary
Accept-Encoding
content-type
application/x-javascript
infinite-scroll.pkgd.min.js
geosetter.de/wp-content/plugins/responsive-lightbox/assets/infinitescroll/
25 KB
7 KB
Script
General
Full URL
https://geosetter.de/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.0.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
378f79bc8e52dc7c86332d048c8b8f57ad672c3c917ca54b08630bb487b99d3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:04:20 GMT
server
nginx
etag
W/"64e6-5bf64ec00e0b6"
vary
Accept-Encoding
content-type
application/x-javascript
front.js
geosetter.de/wp-content/plugins/responsive-lightbox/js/
26 KB
6 KB
Script
General
Full URL
https://geosetter.de/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.3.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
3c8ba982e1a7629cb5be1c6e7ac909bb494b895a63affce2f6306e5cd244505a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:04:20 GMT
server
nginx
etag
W/"68e8-5bf64ec00a236"
vary
Accept-Encoding
content-type
application/x-javascript
svgxuse.min.js
geosetter.de/wp-content/themes/tortuga/assets/js/
3 KB
1 KB
Script
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/js/svgxuse.min.js?ver=1.2.6
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"b6f-5ad74a8389a38"
vary
Accept-Encoding
content-type
application/x-javascript
jquery.flexslider-min.js
geosetter.de/wp-content/themes/tortuga/assets/js/
22 KB
6 KB
Script
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/js/jquery.flexslider-min.js?ver=2.6.0
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
2ce94a80de9d146226e0967aacf51e37f92e18329815338af4de0aef3fc67705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"5746-5ad74a8389a38"
vary
Accept-Encoding
content-type
application/x-javascript
slider.js
geosetter.de/wp-content/themes/tortuga/assets/js/
502 B
458 B
Script
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/js/slider.js?ver=20170421
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
7213837405a71f7beb4f15cbbfb217995e5b25daed87b347770eaa6e889f9db5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"1f6-5ad74a8389a38"
vary
Accept-Encoding
content-type
application/x-javascript
front.min.js
geosetter.de/wp-content/plugins/cookie-notice/js/
9 KB
2 KB
Script
General
Full URL
https://geosetter.de/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.0.3
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:04:08 GMT
server
nginx
etag
W/"2474-5bf64eb4d01fc"
vary
Accept-Encoding
content-type
application/x-javascript
cropped-icon48-1.png
geosetter.de/wp-content/uploads/2018/05/
3 KB
3 KB
Image
General
Full URL
https://geosetter.de/wp-content/uploads/2018/05/cropped-icon48-1.png
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
d3cb43791ed64ad592868586d474c7bafcf5da9a0c79c683e37708dc24838abd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
accept-ranges
bytes
etag
"b1d-593f194ef15a4"
content-length
2845
content-type
image/png
btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain
  • https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif
  • https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
3 KB
3 KB
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ee1c4cfd1b1818743cf6930452dee0e56aa4709359e06ded6052d1e7abb14474
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
fastly-io-info
ifsz=3099 idim=147x47 ifmt=gif ofsz=3098 odim=147x47 ofmt=gif
paypal-debug-id
7ed1454d06446
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
3098
x-served-by
cache-sjc10039-SJC, cache-hhn4050-HHN
x-timer
S1663399753.872837,VS0,VE0
etag
"W+Pu/C7SAaVROD4yxJfYhtmfI4zA8n2pGKd1zdw5nBA"
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
4225, 63557

Redirect headers

date
Sat, 17 Sep 2022 07:29:12 GMT
via
1.1 varnish
traceparent
00-0000000000000000000f985525ef9674-dd9df3a30925050d-01
x-timer
S1663399753.591055,VS0,VE141
x-served-by
cache-hhn4054-HHN
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
location
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
f985525ef9674
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
0
x-cache-hits
0
pixel.gif
www.paypalobjects.com/de_DE/i/scr/
Redirect Chain
  • https://www.paypal.com/de_DE/i/scr/pixel.gif
  • https://www.paypalobjects.com/de_DE/i/scr/pixel.gif
42 B
432 B
Image
General
Full URL
https://www.paypalobjects.com/de_DE/i/scr/pixel.gif
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
fastly-io-info
ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id
f5ba9e61e0615
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
42
x-served-by
cache-sjc10046-SJC, cache-hhn4050-HHN
x-timer
S1663399753.872617,VS0,VE0
etag
"dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
93, 11

Redirect headers

date
Sat, 17 Sep 2022 07:29:12 GMT
via
1.1 varnish
traceparent
00-0000000000000000000f985525d5fa6f-d7104d2c08bd56ec-01
x-timer
S1663399753.591128,VS0,VE139
x-served-by
cache-hhn4054-HHN
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
location
https://www.paypalobjects.com/de_DE/i/scr/pixel.gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
f985525d5fa6f
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
0
x-cache-hits
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
168 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b618a108e7b4291d390b173245be14dd04d0069a8f69d210cb6eb3578999488c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58074
x-xss-protection
0
server
cafe
etag
2610163934673880283
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 07:29:12 GMT
jquery.swipebox.min.js
geosetter.de/wp-content/plugins/flickr-justified-gallery/lightboxes/swipebox/js/
13 KB
4 KB
Script
General
Full URL
https://geosetter.de/wp-content/plugins/flickr-justified-gallery/lightboxes/swipebox/js/jquery.swipebox.min.js?ver=6.0.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
61cf86c139e55b3a6e43a82b0ca393ebb500f1dd4ce05c77dc990da97dca7b9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
etag
W/"329f-593f194f222e3"
vary
Accept-Encoding
content-type
application/x-javascript
jquery.justifiedGallery.min.js
geosetter.de/wp-content/plugins/flickr-justified-gallery/js/
17 KB
5 KB
Script
General
Full URL
https://geosetter.de/wp-content/plugins/flickr-justified-gallery/js/jquery.justifiedGallery.min.js?ver=6.0.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
6658eeefaf0ae8ac1a771fa317fc8767442a901f17bbf09bed8806b202eb62eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
etag
W/"42be-593f194f222e3"
vary
Accept-Encoding
content-type
application/x-javascript
flickrJustifiedGalleryWPPlugin.js
geosetter.de/wp-content/plugins/flickr-justified-gallery/js/
658 B
533 B
Script
General
Full URL
https://geosetter.de/wp-content/plugins/flickr-justified-gallery/js/flickrJustifiedGalleryWPPlugin.js?ver=6.0.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
d8bd0cf569d9e34a7ce707907f38194869300c1ae935ff3575ed148c4985b4ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
etag
W/"292-593f194f222e3"
vary
Accept-Encoding
content-type
application/x-javascript
navigation.min.js
geosetter.de/wp-content/themes/tortuga/assets/js/
2 KB
863 B
Script
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/js/navigation.min.js?ver=20200818
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
275c1a570c8ea7c5e8d5e4099fbfb33dbbd9e601a4d8d879a26088553c8af28f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"7c4-5ad74a8389a38"
vary
Accept-Encoding
content-type
application/x-javascript
scroll-to-top.js
geosetter.de/wp-content/plugins/tortuga-pro/assets/js/
1 KB
653 B
Script
General
Full URL
https://geosetter.de/wp-content/plugins/tortuga-pro/assets/js/scroll-to-top.js?ver=1.6
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
3463f4691b2de3304210ef18234a374f79d963771385984f3cbf3c69b930dd2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
etag
W/"4e7-593f194f21343"
vary
Accept-Encoding
content-type
application/x-javascript
wp-emoji-release.min.js
geosetter.de/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://geosetter.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 08:49:10 GMT
server
nginx
etag
W/"48b9-5e205692ec755"
vary
Accept-Encoding
content-type
application/x-javascript
genericons-neue.svg
geosetter.de/wp-content/themes/tortuga/assets/icons/
27 KB
8 KB
Other
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/icons/genericons-neue.svg
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"6d66-5ad74a838a9d8"
vary
Accept-Encoding
content-type
image/svg+xml
open-sans-v15-latin-ext_latin-regular.woff2
geosetter.de/wp-content/themes/tortuga/assets/fonts/
18 KB
19 KB
Font
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/fonts/open-sans-v15-latin-ext_latin-regular.woff2
Requested by
Host: geosetter.de
URL: https://geosetter.de/wp-content/themes/tortuga/assets/css/custom-fonts.css?ver=20180413
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
557116ee5706daa3b6cb2f52e7490e22db9c30ebfc447a5c85458a5fa0f6f84b

Request headers

Referer
https://geosetter.de/wp-content/themes/tortuga/assets/css/custom-fonts.css?ver=20180413
Origin
https://geosetter.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
accept-ranges
bytes
etag
"49bc-5ad74a838a9d8"
content-length
18876
titillium-web-v6-latin-ext_latin-regular.woff2
geosetter.de/wp-content/themes/tortuga/assets/fonts/
18 KB
18 KB
Font
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/fonts/titillium-web-v6-latin-ext_latin-regular.woff2
Requested by
Host: geosetter.de
URL: https://geosetter.de/wp-content/themes/tortuga/assets/css/custom-fonts.css?ver=20180413
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
10a0b293d1d46ce9853549ea0dbecb22208e19c9a78ac6a024e7b2642a657e82

Request headers

Referer
https://geosetter.de/wp-content/themes/tortuga/assets/css/custom-fonts.css?ver=20180413
Origin
https://geosetter.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
accept-ranges
bytes
etag
"4664-5ad74a838a9d8"
content-length
18020
truncated
/
545 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
open-sans-v15-latin-ext_latin-700.woff2
geosetter.de/wp-content/themes/tortuga/assets/fonts/
19 KB
19 KB
Font
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/fonts/open-sans-v15-latin-ext_latin-700.woff2
Requested by
Host: geosetter.de
URL: https://geosetter.de/wp-content/themes/tortuga/assets/css/custom-fonts.css?ver=20180413
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
b41570405890d4f995da7b265ceb5cfb50246a940f9489525a8f526cfd160356

Request headers

Referer
https://geosetter.de/wp-content/themes/tortuga/assets/css/custom-fonts.css?ver=20180413
Origin
https://geosetter.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
accept-ranges
bytes
etag
"4c30-5ad74a838a9d8"
content-length
19504
truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin
https://geosetter.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
2017-07-21-213528_en-150x150.jpg
geosetter.de/wp-content/uploads/2018/05/
5 KB
5 KB
Image
General
Full URL
https://geosetter.de/wp-content/uploads/2018/05/2017-07-21-213528_en-150x150.jpg
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
991b09452bd24378368d62cc9cf07f454d0c4ae611f1f5ffdfdce9c698c4c7b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
accept-ranges
bytes
etag
"12e5-593f194ef34e4"
content-length
4837
content-type
image/jpeg
internet_explorers_en-150x150.jpg
geosetter.de/wp-content/uploads/2018/05/
13 KB
14 KB
Image
General
Full URL
https://geosetter.de/wp-content/uploads/2018/05/internet_explorers_en-150x150.jpg
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
cda40e018f08dd9c9c4dd19d0222f72497294fabc0182eb26de919cc0dd54a1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
accept-ranges
bytes
etag
"35c9-593f194ef34e4"
content-length
13769
content-type
image/jpeg
run_any_command_header_de-150x150.jpg
geosetter.de/wp-content/uploads/2018/05/
8 KB
8 KB
Image
General
Full URL
https://geosetter.de/wp-content/uploads/2018/05/run_any_command_header_de-150x150.jpg
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
736aa667730a783030d66102116abddc3d4d11d308ad4c0feb9d35bb369af06c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
accept-ranges
bytes
etag
"1fe2-593f194ef4484"
content-length
8162
content-type
image/jpeg
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/
346 KB
122 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542562999199332&plah=geosetter.de
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09ad5608bc9cac00f0e3ab4d3a890315bfffbfb4a6e9186dd3ea8eadd14a1985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124739
x-xss-protection
0
server
cafe
etag
3295160821262730233
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 17 Sep 2022 07:29:12 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/ Frame 6C08
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geosetter.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
74237
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 10:51:55 GMT
etag
9671129459699598864
expires
Fri, 30 Sep 2022 10:51:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/
216 B
644 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=geosetter.de&callback=_gfp_s_&client=ca-pub-8542562999199332
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542562999199332&plah=geosetter.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a1e3d700ceaa0f25cec567c4376aaf7406e00534a6f4338ffdfa34a31cd8702d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=geosetter.de
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542562999199332&plah=geosetter.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 07:29:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=geosetter.de
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542562999199332&plah=geosetter.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 07:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 87EB
430 B
229 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542562999199332&output=html&h=600&slotname=5553861274&adk=1427619097&adf=303424825&pi=t.ma~as.5553861274&w=288&fwrn=4&fwrnh=100&lmt=1663399749&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fgeosetter.de%2Fen%2Fdownload-en%2Fgeosetter_setup.exe&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663399748773&bpp=4&bdt=453&idt=232&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&correlator=847101684146&frm=20&pv=2&ga_vid=1670980362.1663399749&ga_sid=1663399749&ga_hid=2131685932&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1114&ady=1492&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069507%2C42531706%2C44773747&oid=2&pvsid=3700435860317702&tmod=806083602&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=e83ro3Ra8d&p=https%3A//geosetter.de&dtd=252
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542562999199332&plah=geosetter.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e5f5d5bb911fe749b6e137f9b3bd178b9fb974b8a663ae9de5f7cd09a347fe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geosetter.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 07:29:13 GMT
expires
Sat, 17 Sep 2022 07:29:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DD48
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542562999199332&output=html&adk=1812271804&adf=3025194257&lmt=1663399749&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgeosetter.de%2Fen%2Fdownload-en%2Fgeosetter_setup.exe&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663399748790&bpp=1&bdt=469&idt=254&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=288x600&nras=1&correlator=847101684146&frm=20&pv=1&ga_vid=1670980362.1663399749&ga_sid=1663399749&ga_hid=2131685932&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069507%2C42531706%2C44773747&oid=2&pvsid=3700435860317702&tmod=806083602&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=262
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542562999199332&plah=geosetter.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
290e4ce0719bb8b11d38149d57e5109321be47b869adc5b9d893d7dafee42b1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geosetter.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
4187
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 07:29:13 GMT
expires
Sat, 17 Sep 2022 07:29:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=1427619097&adf=303424825&fmt=288x600&str=true&ad_y=1491.984375&vph=1200&r_nh=0&r_ifr=true&qid=CIqEl_umm_oCFYlaFQgdkMAKZg&w=288&h=600&nh=0&rsz=%7C%7CeE%7C&abl=CS&frsz=false&err=0&url=https%3A%2F%2Fgeosetter.de%2Fen%2Fdownload-en%2Fgeosetter_setup.exe&eid=44759876%2C44759927%2C44759842%2C31069507%2C42531706%2C44773747
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Sep 2022 07:29:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542562999199332&plah=geosetter.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7994db5d33f635e7af6b22ac20d0558a52a8d0c7b76bdb20f1c954e5df24959e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Sep 2022 07:29:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11442
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8542562999199332&plah=geosetter.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Sep 2022 07:29:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E234
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geosetter.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1517
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 07:03:56 GMT
expires
Sun, 17 Sep 2023 07:03:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1E99
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a52450034485f2ac563841249d1d745ce2be1708321053dfe61b4a6a3c2542e0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h0_TzVnOYlWPuiqlIUsMCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://geosetter.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-h0_TzVnOYlWPuiqlIUsMCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 07:29:13 GMT
expires
Sat, 17 Sep 2022 07:29:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame E234
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216641
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:18:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1E99
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=3700435860317702&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame E234
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?p2X3mw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 07:29:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=3700435860317702&bg=!vr2lvfnNAAZqQh0mSkI7ACkAdvg8WiQd73shdED4YuDG2jwB2f19Ybbcxfc9KJND0ka7MDnF8Fie0QIAAACPUgAAAAdoAQeZAplmlQgm_4uq7AhcLq40lL-t1TucgbgQQCqm6KFTWQgsO7qfv-RX1kQP8qMSYJqmpDClSIaZkHGGmicjvWOqGWz5-fOmLUX_rq08ZWj2R5Ts1TM4SKDU8i2zNVKASXeRVAmJ0hCmEaMkpBKZAs-HUREcCVvmxO0Wpjgvl8hxxQY0BGNnBB7l9Z7jbBtUFRMDRvcnoGbizcvXMVTrvlfbpVPLVSmX2AQ2al6RGl6uwVcXc8tl6pj8gRWd5i4U1IgNz-rzR8HHzANtEmAAZfLj-n3xW9ig0vi9u9xFtAjt4Ck-VsufhoWXRo37ttWn4pshJPb-koqWrSwScdO2dV8dgOuKFLyjerqgZcNbQ54V49MbXFhHIb-xDXhVOK7zslwuZRSHTJZpJO5ywhwbClEJYWNUcUG82iJ474yVFSa066p_IixS8Muo9Jtjdway4-77IW-Ex5gjQagR2Trz3NcoQVVB0sQMkdQQ6lfu5BWeSMOjvP1TJFtkk6emD-2do9XFz71uYP9boGd9Zj-a-evtiNlL7ojQ-o0wtD4B7S7Kl0mTmXkumzqG7vBG1o8b2wPW_ecfwCblGby648ZZuAlKsUjsMtZ2WK5fcip8FmgprUkSOipB3LcTjza5GBYiZflikC7yJtBb5HaUTsStNQb3xxKUTxMUcPeIuEycJSA6EXpkXAJCuwL8mmYZxnQM1oNcnGJImtPS8Y4taF3lT4AlQtEAGJcEtoXXGbRdyC0qe6jloRH-Q6wZe7ZtB_NFAMa1cQUa4TGewA68SG8f13MA7Ah_tYcTngUR4i_YGGqXrnNmmk6F3q4N9dI5ejLBAJx4zr3e-n-V9eVM4EIDtJ_ET4M1hLMLjnR6g15nWC-b7nhswTQCLAHWfaU9Xg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings undefined| $ function| jQuery boolean| pp_alreadyInitialized function| _ function| jQueryBridget function| EvEmitter function| matchesSelector object| fizzyUIUtils function| InfiniteScroll function| imagesLoaded object| rlArgs object| tortuga_slider_params object| cnArgs object| adsbygoogle string| sbiajaxurl function| fjgwppDisableContextMenu object| tortugaScreenReaderText object| twemoji object| wp function| rl_view_image function| rl_hide_image boolean| doresize object| scroll_pos boolean| hashtag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
geosetter.de/ Name: pll_language
Value: en
.paypal.com/ Name: ts
Value: vreXpYrS%3D1758094152%26vteXpYrS%3D1663401552%26vr%3D4a59f3da1830ad04b46db2bdffa466a1%26vt%3D4a59f3da1830ad04b46db2bdffa466a0%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3D4a59f3da1830ad04b46db2bdffa466a1%26vt%3D4a59f3da1830ad04b46db2bdffa466a0
.geosetter.de/ Name: __gads
Value: ID=ccf1ff72424a70a1-227feddf23ce00b7:T=1663399752:RT=1663399752:S=ALNI_MYN0sp0xcQMOnVkkdhLUKCQV6knbg
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source: network
Level: error
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
