urlscan.io logo urlscan.io
SecurityTrails logo

www.citipost-nordwest.de Open in urlscan Pro
185.60.251.251  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://citipost-nordwest.de/
Effective URL: https://www.citipost-nordwest.de/
Submission: On August 26 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 12 domains to perform 49 HTTP transactions. The main IP is 185.60.251.251, located in Germany and belongs to DE-FIRSTCOLO www.first-colo.net, DE. The main domain is www.citipost-nordwest.de.
TLS certificate: Issued by R3 on August 10th 2021. Valid for: 3 months.
This is the only time www.citipost-nordwest.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 185.60.251.251 44066 (DE-FIRSTC...)
22 151.101.14.2 54113 (FASTLY)
6 2a02:6ea0:c70... 60068 (CDN77 ^_^)
5 87.230.98.74 61157 (PLUSSERVE...)
9 2a00:1450:400... 15169 (GOOGLE)
1 52.211.47.82 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
49 12
2    185.60.251.251 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
citipost-nordwest.de
www.citipost-nordwest.de
22    151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
assets.jimstatic.com
u.jimcdn.com
api.dmp.jimdo-server.com
image.jimcdn.com
fonts.jimstatic.com
6    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.consentmanager.mgr.consensu.org
cdn.consentmanager.net
5    87.230.98.74 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5037422.psmanaged.com
consentmanager.mgr.consensu.org
9    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
1    52.211.47.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-47-82.eu-west-1.compute.amazonaws.com
a.jimdo.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Domain Requested by
10 image.jimcdn.com www.citipost-nordwest.de
9 www.youtube-nocookie.com www.citipost-nordwest.de
www.youtube-nocookie.com
6 assets.jimstatic.com www.citipost-nordwest.de
assets.jimstatic.com
5 consentmanager.mgr.consensu.org www.citipost-nordwest.de
consentmanager.mgr.consensu.org
5 cdn.consentmanager.mgr.consensu.org www.citipost-nordwest.de
consentmanager.mgr.consensu.org
cdn.consentmanager.mgr.consensu.org
4 fonts.jimstatic.com u.jimcdn.com
fonts.jimstatic.com
1 cdn.consentmanager.net
1 www.gstatic.com www.youtube-nocookie.com
1 i.ytimg.com www.youtube-nocookie.com
1 yt3.ggpht.com www.youtube-nocookie.com
1 www.google.com www.youtube-nocookie.com
1 fonts.gstatic.com www.youtube-nocookie.com
1 a.jimdo.com assets.jimstatic.com
1 api.dmp.jimdo-server.com www.citipost-nordwest.de
1 u.jimcdn.com www.citipost-nordwest.de
1 www.citipost-nordwest.de
1 citipost-nordwest.de 1 redirects
49 17

This site contains links to these domains. Also see Links.

Domain
www.citipost.online
www.citipost-briefmarken.de
cms.e.jimdo.com
a.jimdo.com
Subject Issuer Validity Valid
www.citipost-nordwest.de
R3		 2021-08-10 -
2021-11-08		 3 months crt.sh
*.jimstatic.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.jimcdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.dmp.jimdo-server.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
1376624012.rsc.cdn77.org
R3		 2021-08-19 -
2021-11-17		 3 months crt.sh
consentmanager.mgr.consensu.org
R3		 2021-07-03 -
2021-10-01		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.jimdo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-21 -
2022-06-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.citipost-nordwest.de/
Frame ID: 7DE1B4E6FF26AF6699D16F06639BDF11
Requests: 35 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
Frame ID: 240DBAD5B6A1BBA94F990F500829007B
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Citipost Nordwest - CITIPOST Nordwest GmbH & Co. KG

Page URL History Show full URLs

  1. https://citipost-nordwest.de/ HTTP 301
    https://www.citipost-nordwest.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

49
Requests

100 %
HTTPS

64 %
IPv6

12
Domains

17
Subdomains

12
IPs

2
Countries

5412 kB
Transfer

8233 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://citipost-nordwest.de/ HTTP 301
    https://www.citipost-nordwest.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.citipost-nordwest.de/
Redirect Chain
  • https://citipost-nordwest.de/
  • https://www.citipost-nordwest.de/
47 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.citipost-nordwest.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.60.251.251 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
d9295f22454d6bf403c2aedec478ed09cbc78b5e96d5aec3d992b653078bb1c4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Host
www.citipost-nordwest.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 26 Aug 2021 04:34:14 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-RateLimit-Limit
8000
X-RateLimit-Remaining
7995
X-RateLimit-Reset
8
X-Jimdo-Instance
i-07dc8ff5a7b07c7ae
X-Jimdo-Wid
s6e32e8eb57f9b6f9
Cache-Control
no-cache, no-store, must-revalidate
Strict-Transport-Security
max-age=604800
Server
nginx
Content-Encoding
gzip

Redirect headers

Date
Thu, 26 Aug 2021 04:34:14 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-RateLimit-Limit
8000
X-RateLimit-Remaining
7998
X-RateLimit-Reset
59
X-Jimdo-Instance
i-06c66d3c18a42de7e
X-Jimdo-Wid
s6e32e8eb57f9b6f9
Cache-Control
no-cache, no-store, must-revalidate
Location
https://www.citipost-nordwest.de/
Server
nginx
web.css.36118b5a417f94c8e1e5fee22cd81b1f.css
assets.jimstatic.com/ 		228 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/web.css.36118b5a417f94c8e1e5fee22cd81b1f.css
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b281cff83031ea1e800a45d79629d72664aa4aa9f24fc540939e2b9cf635c064

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:14 GMT
content-encoding
gzip
age
6756857
etag
"1f149c911834103559fc8a1b1ef99be2"
x-served-by
cache-lcy19231-LCY, cache-fra19146-FRA
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-timer
S1629952455.947292,VS0,VE0
content-length
62959
x-cache-hits
1, 8907
ckies.js.c4e80683fb02bdc0ba01.js
assets.jimstatic.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/ckies.js.c4e80683fb02bdc0ba01.js
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c59dab7124ad69703a6bb26c68b9583d2af62169a5992861fc246c8cda479ae0

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:14 GMT
content-encoding
gzip
age
10445251
etag
"f988bb1f56190440cd4813cd934d2b07"
x-served-by
cache-lcy19261-LCY, cache-fra19146-FRA
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-timer
S1629952455.947284,VS0,VE0
content-length
892
x-cache-hits
1, 15477
cookieControl.js.9e9630cc43daf29b4c14.js
assets.jimstatic.com/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/cookieControl.js.9e9630cc43daf29b4c14.js
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ce2882987a4e266f7607c5bfb8d04eada8fea112c1b3547c50c6b2d84316732

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:14 GMT
content-encoding
gzip
age
6753716
etag
"2f9cf4203a8ae9df35834ed934c82efa"
x-served-by
cache-lcy19246-LCY, cache-fra19146-FRA
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-timer
S1629952455.947590,VS0,VE0
content-length
8501
x-cache-hits
2, 15529
layout.css
u.jimcdn.com/cms/o/s6e32e8eb57f9b6f9/layout/dm_bde78093a5d571d1b686f5d19c82e240/css/ 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://u.jimcdn.com/cms/o/s6e32e8eb57f9b6f9/layout/dm_bde78093a5d571d1b686f5d19c82e240/css/layout.css?t=1625642905
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c6671b8078463ea3c3bf5bd69e9c2e38b74f061a6021f9e216c091d2fb7f1e48
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:14 GMT
content-encoding
gzip
vary
Accept-Encoding
age
552671
x-cache
HIT
content-length
6251
x-served-by
cache-fra19140-FRA
access-control-allow-origin
*
server
nginx
x-timer
S1629952455.948446,VS0,VE1
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
via
1.1 varnish
cache-control
public, max-age=691200
accept-ranges
bytes
x-cache-hits
1
web.js.85d2f03d01f1292782b0.js
assets.jimstatic.com/ 		694 KB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/web.js.85d2f03d01f1292782b0.js
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eb13ea421f55a90fa4d251295edcf637758a2f65943402771f8410048b5419e7

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:14 GMT
content-encoding
gzip
age
2031401
etag
"f4611e7c964152654b8f94f40c2b7a4e"
x-served-by
cache-lcy19221-LCY, cache-fra19146-FRA
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-timer
S1629952455.969543,VS0,VE0
content-length
233071
x-cache-hits
1, 1802
stickyNav.js
api.dmp.jimdo-server.com/designs/376/versions/1.0/assets/js/ 		1 KB
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dmp.jimdo-server.com/designs/376/versions/1.0/assets/js/stickyNav.js
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fdd72c0a97672e72646c410f25eb8e2bb210baa47d96d774e5c7759af00d31c3
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:14 GMT
content-encoding
gzip
age
21
x-cache
HIT
content-transfer-encoding
binary
content-disposition
inline
content-length
506
x-request-id
ea2d6bbb-957d-40c9-ac11-2dba6da941b3
x-served-by
cache-fra19132-FRA
x-runtime
0.000583
access-control-allow-origin
*
x-content-digest
54d7081a086e24b05593e737abbf2261db3654b5
x-timer
S1629952455.991104,VS0,VE0
x-frame-options
ALLOWALL
etag
W/"fdd72c0a97672e72646c410f25eb8e2b"
vary
Origin,Accept-Encoding
content-type
text/javascript
via
1.1 varnish
cache-control
max-age=600, public, stale-while-revalidate=60, stale-if-error=600
accept-ranges
bytes
x-rack-cache
fresh
x-cache-hits
1
cmp.min.css
cdn.consentmanager.mgr.consensu.org/delivery/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.consentmanager.mgr.consensu.org/delivery/cmp.min.css
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo / PleskLin
Resource Hash
287ff29dc0bb152d12ac9f1f339003d7622483abb7ac48a4bc435ce9aabbc754

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 26 Aug 2021 04:34:14 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
x-77-nzt-ray
Zfpt+sD+SMk=
x-powered-by
PleskLin
x-77-cache
HIT
x-cache
HIT
x-age
7
x-77-nzt
AcO1rgWMSwzvBwAAAA==
x-accel-expires
@1629954247
last-modified
Sun, 15 Aug 2021 09:22:02 GMT
server
CDN77-Turbo
etag
W/"5573-5c9959e052280"
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1800, public
image.png
image.jimcdn.com/app/cms/image/transf/dimension=411x1024:format=png/path/s6e32e8eb57f9b6f9/image/i28394f34872e6f57/version/1607588277/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=411x1024:format=png/path/s6e32e8eb57f9b6f9/image/i28394f34872e6f57/version/1607588277/image.png
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.1.3 /
Resource Hash
400dba8815a89fa8dd3f7a133546bdeb1772186848f31f472b63aa2ca21e2594

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:15 GMT
via
1.1 varnish, 1.1 varnish
age
323454
x-cache
HIT, MISS
x-cache-hits
1, 0
fastly-restarts
1
x-served-by
cache-lcy19252-LCY, cache-fra19140-FRA
accept-ranges
bytes
server
Thumbor/6.1.3
x-timer
S1629952455.032967,VS0,VE30
etag
"4241cc8665b559022f064a963c6ac7fbc528fcee"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400,public
content-length
29557
expires
Wed, 22 Sep 2021 10:43:20 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=2048x2048:format=jpg/path/s6e32e8eb57f9b6f9/image/i176c5184affc600a/version/1599649661/ 		423 KB
424 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=2048x2048:format=jpg/path/s6e32e8eb57f9b6f9/image/i176c5184affc600a/version/1599649661/image.jpg
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.1.3 /
Resource Hash
8f5c0224e49800d5022064adf6ef8af9f9c4dea3c52bd7beec79395a870d2fb7

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:15 GMT
via
1.1 varnish, 1.1 varnish
age
609776
x-cache
HIT, HIT
x-cache-hits
1, 1
fastly-restarts
1
x-served-by
cache-lcy19250-LCY, cache-fra19140-FRA
accept-ranges
bytes
server
Thumbor/6.1.3
x-timer
S1629952455.078047,VS0,VE2
etag
"25d1806a836605f733efdfb14170f8442fc60d5d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
content-length
433293
expires
Sat, 21 Aug 2021 08:49:25 GMT
image.png
image.jimcdn.com/app/cms/image/transf/none/path/s6e32e8eb57f9b6f9/image/i403694f8ada05d3b/version/1599650026/ 		809 KB
810 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/none/path/s6e32e8eb57f9b6f9/image/i403694f8ada05d3b/version/1599650026/image.png
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
871e52484a34a69e1fa3af2fbcc88604f221d5dcc2e10c978b5b1e84f081f062

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
2OzETQWsokKXHoLnO0bepI3yOV02fiU.
via
1.1 varnish, 1.1 varnish
etag
"595b0a72a35f320efbee52933a45ff93"
age
603457
x-cache
HIT, HIT
content-disposition
inline; filename*=UTF-8''1599650026.png
fastly-restarts
1
x-amz-id-2
Jd8PHEzJt9PxLPzpIvU5J9efAdNHK16J36rtLVwIZzcf5ZQzqiBimHd/1ukRpuayGVpXYuIKtHc=
x-served-by
cache-lcy19256-LCY, cache-fra19140-FRA
accept-ranges
bytes
last-modified
Wed, 09 Sep 2020 11:13:30 GMT
server
AmazonS3
x-timer
S1629952455.111231,VS0,VE4
date
Thu, 26 Aug 2021 04:34:15 GMT
x-amz-request-id
6HE3V5NAQTK1SC25
access-control-allow-origin
*
expires
Thu, 19 Aug 2021 04:54:33 GMT
content-length
828297
content-type
image/png
x-cache-hits
1, 1
image.png
image.jimcdn.com/app/cms/image/transf/dimension=519x10000:format=png/path/s6e32e8eb57f9b6f9/image/i18879ce38b68f8d3/version/1612879446/ 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=519x10000:format=png/path/s6e32e8eb57f9b6f9/image/i18879ce38b68f8d3/version/1612879446/image.png
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.1.3 /
Resource Hash
97bea6f6f18adf9f4f51b96c8a694e5781b2ffdcc0e41ac9bb42f4d79cd17479

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:15 GMT
via
1.1 varnish, 1.1 varnish
age
323454
x-cache
HIT, MISS
x-cache-hits
1, 0
fastly-restarts
1
x-served-by
cache-lcy19237-LCY, cache-fra19140-FRA
accept-ranges
bytes
server
Thumbor/6.1.3
x-timer
S1629952455.111566,VS0,VE31
etag
"a96b4ea97417e7e6df93806611ec193b86ebb7fc"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400,public
content-length
227061
expires
Wed, 22 Sep 2021 10:43:21 GMT
image.png
image.jimcdn.com/app/cms/image/transf/dimension=519x10000:format=png/path/s6e32e8eb57f9b6f9/image/i5bf8e2c1a120b15d/version/1612879444/ 		215 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=519x10000:format=png/path/s6e32e8eb57f9b6f9/image/i5bf8e2c1a120b15d/version/1612879444/image.png
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.1.3 /
Resource Hash
26b4e2c9657c1e9ec78ef187eee8b9e3c2e297dfca9adbbaff2ab613ebd901bb

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:15 GMT
via
1.1 varnish, 1.1 varnish
age
317745
x-cache
HIT, HIT
x-cache-hits
1, 1
fastly-restarts
1
x-served-by
cache-lcy19283-LCY, cache-fra19140-FRA
accept-ranges
bytes
server
Thumbor/6.1.3
x-timer
S1629952455.123868,VS0,VE2
etag
"9412eb170f50a6a3b9d9aa09902d546f48d9706f"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400,public
content-length
220386
expires
Wed, 22 Sep 2021 12:18:29 GMT
image.png
image.jimcdn.com/app/cms/image/transf/dimension=184x10000:format=png/path/s6e32e8eb57f9b6f9/image/i93290bc996880830/version/1607591668/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=184x10000:format=png/path/s6e32e8eb57f9b6f9/image/i93290bc996880830/version/1607591668/image.png
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.1.3 /
Resource Hash
73f30dcf69bd062501802c865b522e579654d700a902c9c54ea8190aaa0400bb

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:15 GMT
via
1.1 varnish, 1.1 varnish
age
330406
x-cache
HIT, MISS
x-cache-hits
1, 0
fastly-restarts
1
x-served-by
cache-lcy19237-LCY, cache-fra19140-FRA
accept-ranges
bytes
server
Thumbor/6.1.3
x-timer
S1629952455.123951,VS0,VE27
etag
"dabc50aeffbe8b4921b1f5080755f13238b5bd20"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400,public
content-length
6684
expires
Wed, 22 Sep 2021 08:47:29 GMT
image.png
image.jimcdn.com/app/cms/image/transf/dimension=106x10000:format=png/path/s6e32e8eb57f9b6f9/image/i6dd591cd2f8d98e8/version/1524814542/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=106x10000:format=png/path/s6e32e8eb57f9b6f9/image/i6dd591cd2f8d98e8/version/1524814542/image.png
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.1.3 /
Resource Hash
1910e0fa09e317533ed7f92b8a56dd9c01c01cd54d87ddc6463b2d51b0a8e0e1

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:15 GMT
via
1.1 varnish, 1.1 varnish
age
1323017
x-cache
HIT, MISS
x-cache-hits
1, 0
fastly-restarts
1
x-served-by
cache-lcy19244-LCY, cache-fra19140-FRA
accept-ranges
bytes
server
Thumbor/6.1.3
x-timer
S1629952455.123936,VS0,VE26
etag
"79d7f6022f96b41d2216545837760ade25180ff1"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400,public
content-length
10871
expires
Fri, 10 Sep 2021 21:03:58 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=106x10000:format=jpg/path/s6e32e8eb57f9b6f9/image/idaeff88b62c5f76b/version/1524814540/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=106x10000:format=jpg/path/s6e32e8eb57f9b6f9/image/idaeff88b62c5f76b/version/1524814540/image.jpg
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.1.3 /
Resource Hash
c2f9856c385fa8eaaa1b0a212b866c64480f7c348f8c3f6bd4b5930c54673ef5

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:15 GMT
via
1.1 varnish, 1.1 varnish
age
317746
x-cache
HIT, HIT
x-cache-hits
1, 1
fastly-restarts
1
x-served-by
cache-lcy19274-LCY, cache-fra19140-FRA
accept-ranges
bytes
server
Thumbor/6.1.3
x-timer
S1629952455.124183,VS0,VE1
etag
"c150f236a0ed216736c26a8beb9dd55e2d94290b"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
content-length
6367
expires
Wed, 22 Sep 2021 12:18:29 GMT
image.jpg
image.jimcdn.com/app/cms/image/transf/dimension=114x10000:format=jpg/path/s6e32e8eb57f9b6f9/image/i0d1f488c7db01dd3/version/1524814536/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/dimension=114x10000:format=jpg/path/s6e32e8eb57f9b6f9/image/i0d1f488c7db01dd3/version/1524814536/image.jpg
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.1.3 /
Resource Hash
1c9869201b7281f48db5bf364b8dee35184d29d87e1e928d959dae4f95531314

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:15 GMT
via
1.1 varnish, 1.1 varnish
age
1176565
x-cache
HIT, HIT
x-cache-hits
1, 1
fastly-restarts
1
x-served-by
cache-lcy19272-LCY, cache-fra19140-FRA
accept-ranges
bytes
server
Thumbor/6.1.3
x-timer
S1629952455.170904,VS0,VE1
etag
"23472cc9a2a13e16b62d6a4a8c4c8aa2730cd786"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2678400,public
content-length
6874
expires
Sun, 15 Aug 2021 19:07:45 GMT
css
fonts.jimstatic.com/ 		2 KB
906 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.jimstatic.com/css?family=Source+Sans+Pro:400
Requested by
Host: u.jimcdn.com
URL: https://u.jimcdn.com/cms/o/s6e32e8eb57f9b6f9/layout/dm_bde78093a5d571d1b686f5d19c82e240/css/layout.css?t=1625642905
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
3e5dad95a8c93f26185508f85b590fbf64f3e884131a32b58bbd566fabd122db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://u.jimcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish
x-cache
MISS
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
547
x-xss-protection
0
x-served-by
cache-fra19146-FRA
last-modified
Thu, 26 Aug 2021 03:46:11 GMT
server
nginx/1.21.1
date
Thu, 26 Aug 2021 04:34:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
expires
Thu, 26 Aug 2021 04:34:15 GMT
cache-control
private, max-age=86400, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
css
fonts.jimstatic.com/ 		676 B
410 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.jimstatic.com/css?family=Lato:300
Requested by
Host: u.jimcdn.com
URL: https://u.jimcdn.com/cms/o/s6e32e8eb57f9b6f9/layout/dm_bde78093a5d571d1b686f5d19c82e240/css/layout.css?t=1625642905
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
c33f763b053a0a287a21f38834377efc07ae81334d54275ec2d6ff2921ae4d97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://u.jimcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish
x-cache
MISS
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
338
x-xss-protection
0
x-served-by
cache-fra19146-FRA
last-modified
Thu, 26 Aug 2021 03:51:07 GMT
server
nginx/1.21.1
date
Thu, 26 Aug 2021 04:34:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
expires
Thu, 26 Aug 2021 04:34:15 GMT
cache-control
private, max-age=86400, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
cmp.php
consentmanager.mgr.consensu.org/delivery/ 		866 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consentmanager.mgr.consensu.org/delivery/cmp.php?id=8598&h=https%3A%2F%2Fwww.citipost-nordwest.de%2F&&l=en&o=1629952455120
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.74 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ma5037422.psmanaged.com
Software
/
Resource Hash
65cae71dd8b74f8e7e59f7dca889c2a3e2e81c3373e3eb4048daeac4b2e7199c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Aug 2021 04:34:15 GMT
Last-Modified
Thu, 26 Aug 2021 04:34:15 GMT
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-XSS-Protection
0
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cmp_en.min.js
cdn.consentmanager.mgr.consensu.org/delivery/ 		302 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.consentmanager.mgr.consensu.org/delivery/cmp_en.min.js
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo / PleskLin
Resource Hash
35d2dc08ad3484def39b54e445ed952e64cbfd1045ea791f4354e03b75c92e5f

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 26 Aug 2021 04:34:15 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
x-77-nzt-ray
tOtZQWuh3Pg=
x-powered-by
PleskLin
x-77-cache
HIT
x-cache
HIT
x-age
1
x-77-nzt
AcO1rgVgocDvAQAAAA==
x-accel-expires
@1629954254
last-modified
Tue, 17 Aug 2021 07:53:36 GMT
server
CDN77-Turbo
etag
W/"4b907-5c9bc9d70c000"
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800, public
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.jimstatic.com/s/sourcesanspro/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.jimstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.jimstatic.com
URL: https://fonts.jimstatic.com/css?family=Source+Sans+Pro:400
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.citipost-nordwest.de
Referer
https://fonts.jimstatic.com/css?family=Source+Sans+Pro:400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3982459
via
1.1 varnish
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
16135
x-xss-protection
0
x-served-by
cache-fra19165-FRA
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
expires
Mon, 11 Jul 2022 02:19:56 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
bfa0b4b8941d94d9d6d8bc6fe31ef9f9.woff
assets.jimstatic.com/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.jimstatic.com/bfa0b4b8941d94d9d6d8bc6fe31ef9f9.woff
Requested by
Host: assets.jimstatic.com
URL: https://assets.jimstatic.com/web.css.36118b5a417f94c8e1e5fee22cd81b1f.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
82421715ce7e4a050a4ea924e92fcfd9229326f0364c8ff85daca5afbbcaf6c9

Request headers

Origin
https://www.citipost-nordwest.de
Referer
https://assets.jimstatic.com/web.css.36118b5a417f94c8e1e5fee22cd81b1f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:15 GMT
age
9082056
etag
"bfa0b4b8941d94d9d6d8bc6fe31ef9f9"
x-served-by
cache-lcy19261-LCY, cache-fra19165-FRA
x-cache
HIT, HIT
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-timer
S1629952455.225056,VS0,VE0
content-length
7944
x-cache-hits
3, 21947
931bdb6b50816b03206c66921760b246.gif
assets.jimstatic.com/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.jimstatic.com/931bdb6b50816b03206c66921760b246.gif
Requested by
Host: assets.jimstatic.com
URL: https://assets.jimstatic.com/web.css.36118b5a417f94c8e1e5fee22cd81b1f.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

Referer
https://assets.jimstatic.com/web.css.36118b5a417f94c8e1e5fee22cd81b1f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:15 GMT
age
1226089
etag
"931bdb6b50816b03206c66921760b246"
x-served-by
cache-lcy19224-LCY, cache-fra19146-FRA
x-cache
HIT, HIT
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-timer
S1629952455.261912,VS0,VE0
content-length
8581
x-cache-hits
1, 2170
3nIYKK896R8
www.youtube-nocookie.com/embed/ Frame 240D 		54 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e5de358a2352f58d44c5e356d1ad1c76e6acce787a87e4701c502603a9a6558
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube-nocookie.com
:scheme
https
:path
/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.citipost-nordwest.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.citipost-nordwest.de/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 26 Aug 2021 04:34:15 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime
2592000
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+578; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube-nocookie.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.jimstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.jimstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.jimstatic.com
URL: https://fonts.jimstatic.com/css?family=Lato:300
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
sffe /
Resource Hash
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.citipost-nordwest.de
Referer
https://fonts.jimstatic.com/css?family=Lato:300
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
791637
via
1.1 varnish
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
23167
x-xss-protection
0
x-served-by
cache-fra19165-FRA
last-modified
Tue, 10 Aug 2021 00:18:53 GMT
server
sffe
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
expires
Wed, 17 Aug 2022 00:40:17 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
loginstate
a.jimdo.com/app/web/ 		64 B
262 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.jimdo.com/app/web/loginstate?callback=jQuery112003588955611438298_1629952455169&owi=s6e32e8eb57f9b6f9&_=1629952455170
Requested by
Host: assets.jimstatic.com
URL: https://assets.jimstatic.com/web.js.85d2f03d01f1292782b0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.47.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-47-82.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f4348ae74557272a85350bc0f194922b59a40b7b7d2c6661cd06ba16d42e76f0
Security Headers
Name Value
Strict-Transport-Security max-age=10886400

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 26 Aug 2021 04:34:15 GMT
Server
nginx
Connection
keep-alive
Content-Length
64
Strict-Transport-Security
max-age=10886400
Content-Type
application/javascript
image.png
image.jimcdn.com/app/cms/image/transf/none/path/s6e32e8eb57f9b6f9/backgroundarea/i29c7aa5f3ea5d364/version/1625642906/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.jimcdn.com/app/cms/image/transf/none/path/s6e32e8eb57f9b6f9/backgroundarea/i29c7aa5f3ea5d364/version/1625642906/image.png
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79eee77da43e841900103c43c31a48f20cc6827d7415d8e6a644c39ed2bf0670

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
U6ZHhu8EqLOAFgnsnseDmWv.hQetfGZP
via
1.1 varnish, 1.1 varnish
etag
"89edb8ba586991acf5e1a9e95977b737"
age
0
x-cache
MISS, MISS
content-disposition
inline; filename*=UTF-8''1625642906.png
fastly-restarts
1
x-amz-id-2
hd4pq0AuaNEkVaMqqu+qQcodslVhWIAuThXWnLKKv4GfjAty7ycynR2sT+nAirBv80qxDNnV3M0=
x-served-by
cache-lcy19249-LCY, cache-fra19140-FRA
accept-ranges
bytes
last-modified
Wed, 07 Jul 2021 07:28:27 GMT
server
AmazonS3
x-timer
S1629952455.340640,VS0,VE181
date
Thu, 26 Aug 2021 04:34:15 GMT
x-amz-request-id
976JAQPEDZH7EYYY
access-control-allow-origin
*
expires
Sun, 29 Aug 2021 12:18:29 GMT
content-length
2482146
content-type
image/png
x-cache-hits
0, 0
www-player-webp.css
www.youtube-nocookie.com/s/player/31389f53/ Frame 240D 		329 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/31389f53/www-player-webp.css
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dafb4a30433a050891ecf874719457879b50afb8a98fd8d046a8d379cc9c7e04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 14:48:35 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 00:17:35 GMT
server
sffe
age
222340
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46244
x-xss-protection
0
expires
Tue, 23 Aug 2022 14:48:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 240D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube-nocookie.com
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 00:42:56 GMT
x-content-type-options
nosniff
age
186679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Aug 2022 00:42:56 GMT
www-embed-player.js
www.youtube-nocookie.com/s/player/31389f53/www-embed-player.vflset/ Frame 240D 		193 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/31389f53/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
175dfbeb246f172120624127bb315d52e5911e56d4c6f0b905bb113d9766b319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 16:09:26 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 00:17:35 GMT
server
sffe
age
131089
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65213
x-xss-protection
0
expires
Wed, 24 Aug 2022 16:09:26 GMT
base.js
www.youtube-nocookie.com/s/player/31389f53/player_ias.vflset/en_US/ Frame 240D 		2 MB
498 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/31389f53/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc067f9dfaffa03c5b4815c2fa9fad33987e0248c201dba03a36a549f5f73191
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 14:54:34 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 00:17:35 GMT
server
sffe
age
221981
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
509353
x-xss-protection
0
expires
Tue, 23 Aug 2022 14:54:34 GMT
fetch-polyfill.js
www.youtube-nocookie.com/s/player/31389f53/fetch-polyfill.vflset/ Frame 240D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/31389f53/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 09:42:34 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 00:17:35 GMT
server
sffe
age
67901
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Thu, 25 Aug 2022 09:42:34 GMT
cmp.php
consentmanager.mgr.consensu.org/delivery/ 		866 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consentmanager.mgr.consensu.org/delivery/cmp.php?__cmpcc=1&id=8598&o=1629952455&h=https%3A%2F%2Fwww.citipost-nordwest.de%2F&&l=en&odw=0&dlt=1
Requested by
Host: consentmanager.mgr.consensu.org
URL: https://consentmanager.mgr.consensu.org/delivery/cmp.php?id=8598&h=https%3A%2F%2Fwww.citipost-nordwest.de%2F&&l=en&o=1629952455120
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.74 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ma5037422.psmanaged.com
Software
/
Resource Hash
2a5923708c7e900296c239523830aee1da177e1f29d59a1063e09919729e601b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Aug 2021 04:34:15 GMT
Last-Modified
Thu, 26 Aug 2021 04:34:15 GMT
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-XSS-Protection
0
Expires
Thu, 01 Dec 1994 16:00:00 GMT
remote.js
www.youtube-nocookie.com/s/player/31389f53/player_ias.vflset/en_US/ Frame 240D 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/31389f53/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/31389f53/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2adbdcbb6e7561fb8f21e7b417ee08b0dea6f75f16577a11cc43b07ae24e480
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 14:54:35 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 00:17:35 GMT
server
sffe
age
221980
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29748
x-xss-protection
0
expires
Tue, 23 Aug 2022 14:54:35 GMT
u7VSrL2vzvCSHp-xGnQw7TgH-M4lvADc4CuUaJueRfA.js
www.google.com/js/th/ Frame 240D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/u7VSrL2vzvCSHp-xGnQw7TgH-M4lvADc4CuUaJueRfA.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/31389f53/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbb552acbdafcef0921e9fb11a7430ed3807f8ce25bc00dce02b94689b9e45f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 00:41:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
13990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13278
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 15:00:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 26 Aug 2022 00:41:05 GMT
embed.js
www.youtube-nocookie.com/s/player/31389f53/player_ias.vflset/en_US/ Frame 240D 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/31389f53/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/31389f53/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
562e400d484924cd8c163734a9e4c95019c0f51e862545050c6eba6658a49566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 14:54:35 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 00:17:35 GMT
server
sffe
age
221980
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7276
x-xss-protection
0
expires
Tue, 23 Aug 2022 14:54:35 GMT
truncated
/ Frame 240D 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
AKedOLQT_syn16weH0xFpTI_7ovmqkX2R9kGZtQIobqI=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 240D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLQT_syn16weH0xFpTI_7ovmqkX2R9kGZtQIobqI=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9e7a04adba38c6944193b0d8ad64e0c5946e588c37daf881d9691721541d58ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:15 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1890
x-xss-protection
0
server
fife
etag
"v2b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 21 Jul 2021 05:53:45 GMT
sddefault.webp
i.ytimg.com/vi_webp/3nIYKK896R8/ Frame 240D 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/3nIYKK896R8/sddefault.webp
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c92a060ff8a28a8b7248bb90b77205ffa7582f143535e9dadf2225fb5b9d1282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:15 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"1538935313"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94458
x-xss-protection
0
expires
Thu, 26 Aug 2021 06:34:15 GMT
cmp.php
consentmanager.mgr.consensu.org/delivery/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consentmanager.mgr.consensu.org/delivery/cmp.php?__cmpcc=2&__cmpfcc=1&id=8598&o=1629952455&h=https%3A%2F%2Fwww.citipost-nordwest.de%2F&&l=en&odw=0&dlt=1
Requested by
Host: consentmanager.mgr.consensu.org
URL: https://consentmanager.mgr.consensu.org/delivery/cmp.php?__cmpcc=1&id=8598&o=1629952455&h=https%3A%2F%2Fwww.citipost-nordwest.de%2F&&l=en&odw=0&dlt=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.74 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ma5037422.psmanaged.com
Software
/
Resource Hash
f8f9a4a16c7dcc95f2f0430afffae2c23b5a462b94f6f2abc3d9d37ecc024fa3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Aug 2021 04:34:15 GMT
Last-Modified
Thu, 26 Aug 2021 04:34:15 GMT
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
X-XSS-Protection
0
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 240D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/31389f53/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:15 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
x-content-type-options
nosniff
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Thu, 26 Aug 2021 04:34:15 GMT
generate_204
www.youtube-nocookie.com/ Frame 240D 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube-nocookie.com/generate_204?dvGDZg
Requested by
Host: www.citipost-nordwest.de
URL: https://www.citipost-nordwest.de/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:34:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
bV8xLndfODU5OC5kXzE0MTE3LnhfMi52LnAudF8xNDExNw.js
cdn.consentmanager.mgr.consensu.org/delivery/customdata/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.consentmanager.mgr.consensu.org/delivery/customdata/bV8xLndfODU5OC5kXzE0MTE3LnhfMi52LnAudF8xNDExNw.js
Requested by
Host: consentmanager.mgr.consensu.org
URL: https://consentmanager.mgr.consensu.org/delivery/cmp.php?__cmpcc=2&__cmpfcc=1&id=8598&o=1629952455&h=https%3A%2F%2Fwww.citipost-nordwest.de%2F&&l=en&odw=0&dlt=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo / PleskLin
Resource Hash
5fe3efcc1b19785f1c054c6427cdaf450eb5b8f73d4159e54875cd8961936d2c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 26 Aug 2021 04:34:15 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
x-powered-by
PleskLin
x-77-cache
MISS
x-cache
EXPIRED
x-age
24541
x-xss-protection
0
x-77-nzt
AcO1rgXqS6nL3V8AAA==
x-accel-expires
@1629956055
last-modified
Thu, 26 Aug 2021 04:34:15 GMT
server
CDN77-Turbo
x-77-nzt-ray
t6EhjB2YaKI=
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*, *
cache-control
public, max-age=1800
expires
Thu, 26 Aug 2021 05:04:15 GMT
langpurpose_de.min.js
cdn.consentmanager.mgr.consensu.org/delivery/lang/ 		39 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.consentmanager.mgr.consensu.org/delivery/lang/langpurpose_de.min.js
Requested by
Host: cdn.consentmanager.mgr.consensu.org
URL: https://cdn.consentmanager.mgr.consensu.org/delivery/cmp_en.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo / PleskLin
Resource Hash
b46ce3c2b44e71efdf941c3c30a97db0c560292d8ef2857f128318fbb5061159

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 26 Aug 2021 04:34:15 GMT
content-encoding
br
vary
Accept-Encoding
x-77-nzt-ray
uBwmuYi0q0I=
x-powered-by
PleskLin
x-77-cache
HIT
x-cache
HIT
x-age
15
x-77-nzt
AcO1rgX+KPnvDwAAAA==
x-accel-expires
@1629954240
last-modified
Mon, 16 Aug 2021 21:48:26 GMT
server
CDN77-Turbo
etag
W/"611add2a-9a91"
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
expires
Sat, 21 Aug 2021 14:29:39 GMT
cmplogo.svg
cdn.consentmanager.mgr.consensu.org/delivery/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.consentmanager.mgr.consensu.org/delivery/cmplogo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo / PleskLin
Resource Hash
3e19865caed6dbd12eacd00501eb4b382a1f0190df9cf2a8373d110bab7a47e1

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 26 Aug 2021 04:34:15 GMT
content-encoding
br
x-77-nzt-ray
u2R0ZdMXyCg=
x-powered-by
PleskLin
x-77-cache
HIT
x-cache
HIT
x-age
50671
x-77-nzt
AcO1rgW6i6vv78UAAA==
x-accel-expires
@1629988184
last-modified
Mon, 14 Jun 2021 21:37:37 GMT
server
CDN77-Turbo
etag
W/"60c7cc21-d0f"
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
expires
Sat, 21 Aug 2021 14:29:39 GMT
pixel.php
consentmanager.mgr.consensu.org/delivery/ 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consentmanager.mgr.consensu.org/delivery/pixel.php?id=8598&did=1&cfdid=1&t=pv.d_ncs.d_ancs.d_bncs&h=https%3A%2F%2Fwww.citipost-nordwest.de%2F&o=1629952455770&l=DE&lv=32167&d=1&ct=14&e=&e2=&e3=&i=&sv=42&dv=2&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.74 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ma5037422.psmanaged.com
Software
/
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Aug 2021 04:34:15 GMT
Last-Modified
Thu, 26 Aug 2021 04:34:15 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Content-Length
43
X-XSS-Protection
0
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel.php
consentmanager.mgr.consensu.org/delivery/ 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consentmanager.mgr.consensu.org/delivery/pixel.php?id=8598&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fwww.citipost-nordwest.de%2F&o=1629952455771&l=DE&lv=32167&d=1&ct=14&e=&e2=&e3=&i=&sv=42&dv=2&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.74 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ma5037422.psmanaged.com
Software
/
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Aug 2021 04:34:15 GMT
Last-Modified
Thu, 26 Aug 2021 04:34:15 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Content-Length
43
X-XSS-Protection
0
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cmplogo.svg
cdn.consentmanager.net/delivery/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.consentmanager.net/delivery/cmplogo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo / PleskLin
Resource Hash
3e19865caed6dbd12eacd00501eb4b382a1f0190df9cf2a8373d110bab7a47e1

Request headers

Referer
https://www.citipost-nordwest.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 26 Aug 2021 04:34:15 GMT
content-encoding
br
x-77-nzt-ray
5mc2Mfj5GCI=
x-powered-by
PleskLin
x-77-cache
HIT
x-cache
HIT
x-age
50671
x-77-nzt
AcO1rgVTur/v78UAAA==
x-accel-expires
@1629988184
last-modified
Mon, 14 Jun 2021 21:37:37 GMT
server
CDN77-Turbo
etag
W/"60c7cc21-d0f"
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
expires
Sat, 21 Aug 2021 14:29:39 GMT
log_event
www.youtube-nocookie.com/youtubei/v1/ Frame 240D 		28 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/31389f53/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube-nocookie.com/embed/3nIYKK896R8?wmode=transparent&vq=hd1080
X-YouTube-Client-Version
1.20210822.0.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtpMWpnYmJ6aWpiWSjHs5yJBg%3D%3D
X-YouTube-Ad-Signals
dt=1629952455411&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C487%2C274&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 26 Aug 2021 04:34:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 26 Aug 2021 04:34:17 GMT

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| ckies object| __core-js_shared__ object| CookieControlSet object| CookieControl function| loadCss function| loadCSS function| onloadCSS object| jimdoData object| __regModuleBuffer function| regModule function| cmp_getlang boolean| gdprAppliesGlobally number| cmp_id string| cmp_params string| cmp_host string| cmp_cdn function| cmp_addFrame function| cmp_rc function| cmp_stub function| cmp_msghandler function| cmp_setStub function| __cmp function| __tcfapi function| __uspapi function| loadJimdoWebJsonp object| picturefillCFG function| picturefill function| jimdoGen002 object| Mustache object| Modernizr object| _jimBlob function| _jmdlg object| jQuery112003588955611438298 object| ModalWindow function| changeCaptcha object| ModernizrVideo function| _ function| $f function| Froogaloop function| _onLoadGooglePlus object| jsonCallback string| PAYMILL_PUBLIC_KEY object| _jimDoge function| setSrcSetImgWidth function| gaOptOut function| cmp_reader function| cmp_writer function| cmp_cs function| cmp_lang function| cmp_purpose function| cmp_stack function| cmp_vendor function| cmp_utils function| cmp_storage function| cmp_api function| cmp_contentblocking function| cmp_behavior function| cmp_amp function| cmp_eventwrapper function| cmp_html function| cmp_display function| cmp_display_age function| cmp_display_background function| cmp_display_cookielist function| cmp_display_images function| cmp_display_langchoice function| cmp_display_policy function| cmpsource function| cmpmngr_queryfile string| cmpccsversionbuild number| cmpccsversion function| btoa2 function| atob2 function| cmp_loadconsole function| cmp_getsupportedLangs function| cmp_getRTLLangs function| cmp_getcss object| cmpmngr function| __cmapi object| s function| cmp_loadCS function| cmp_append_script function| cmp_append_script2 string| cmp_config_data_cs object| cmp_config_data object| cmp_scripts object| cmp_scripturls string| cmp_proto object| cmp_timer function| cmp_svg_no function| cmp_svg_yes function| cmp_svg_yesorange function| cmp_svg_noorange function| cmp_svg_multi function| cmp_svg_nodisabled function| cmp_svg_yesdisabled function| cmp_svg_1 number| cmpGDPR number| cmpCCPA string| cmpConsentString string| cmpLastStatus string| cmpLastTCFStatus string| cmpVendorsConsent string| cmpCustomVendorsConsent string| cmpGoogleVendorsConsent string| cmpPurposesConsent string| cmpCustomPurposeConsent string| cmpConsentVendors string| cmpConsentPurposes string| cmpLIVendors string| cmpLIPurposes string| cmpIABUSP object| dataLayer object| utag_data

1 Cookies

Domain/Path Name / Value
www.citipost-nordwest.de/ Name: __cmpcc
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=604800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.jimdo.com
api.dmp.jimdo-server.com
assets.jimstatic.com
cdn.consentmanager.mgr.consensu.org
cdn.consentmanager.net
citipost-nordwest.de
consentmanager.mgr.consensu.org
fonts.gstatic.com
fonts.jimstatic.com
i.ytimg.com
image.jimcdn.com
u.jimcdn.com
www.citipost-nordwest.de
www.google.com
www.gstatic.com
www.youtube-nocookie.com
yt3.ggpht.com
151.101.14.2
185.60.251.251
2a00:1450:4001:800::2004
2a00:1450:4001:801::200e
2a00:1450:4001:809::2016
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2001
2a02:6ea0:c700::11
52.211.47.82
87.230.98.74
175dfbeb246f172120624127bb315d52e5911e56d4c6f0b905bb113d9766b319
1910e0fa09e317533ed7f92b8a56dd9c01c01cd54d87ddc6463b2d51b0a8e0e1
1c9869201b7281f48db5bf364b8dee35184d29d87e1e928d959dae4f95531314
26b4e2c9657c1e9ec78ef187eee8b9e3c2e297dfca9adbbaff2ab613ebd901bb
287ff29dc0bb152d12ac9f1f339003d7622483abb7ac48a4bc435ce9aabbc754
2a5923708c7e900296c239523830aee1da177e1f29d59a1063e09919729e601b
2e5de358a2352f58d44c5e356d1ad1c76e6acce787a87e4701c502603a9a6558
35d2dc08ad3484def39b54e445ed952e64cbfd1045ea791f4354e03b75c92e5f
3e19865caed6dbd12eacd00501eb4b382a1f0190df9cf2a8373d110bab7a47e1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e5dad95a8c93f26185508f85b590fbf64f3e884131a32b58bbd566fabd122db
400dba8815a89fa8dd3f7a133546bdeb1772186848f31f472b63aa2ca21e2594
4ce2882987a4e266f7607c5bfb8d04eada8fea112c1b3547c50c6b2d84316732
562e400d484924cd8c163734a9e4c95019c0f51e862545050c6eba6658a49566
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5fe3efcc1b19785f1c054c6427cdaf450eb5b8f73d4159e54875cd8961936d2c
65cae71dd8b74f8e7e59f7dca889c2a3e2e81c3373e3eb4048daeac4b2e7199c
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
73f30dcf69bd062501802c865b522e579654d700a902c9c54ea8190aaa0400bb
79eee77da43e841900103c43c31a48f20cc6827d7415d8e6a644c39ed2bf0670
82421715ce7e4a050a4ea924e92fcfd9229326f0364c8ff85daca5afbbcaf6c9
871e52484a34a69e1fa3af2fbcc88604f221d5dcc2e10c978b5b1e84f081f062
8f5c0224e49800d5022064adf6ef8af9f9c4dea3c52bd7beec79395a870d2fb7
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
97bea6f6f18adf9f4f51b96c8a694e5781b2ffdcc0e41ac9bb42f4d79cd17479
9e7a04adba38c6944193b0d8ad64e0c5946e588c37daf881d9691721541d58ed
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
b281cff83031ea1e800a45d79629d72664aa4aa9f24fc540939e2b9cf635c064
b46ce3c2b44e71efdf941c3c30a97db0c560292d8ef2857f128318fbb5061159
bbb552acbdafcef0921e9fb11a7430ed3807f8ce25bc00dce02b94689b9e45f0
c2f9856c385fa8eaaa1b0a212b866c64480f7c348f8c3f6bd4b5930c54673ef5
c33f763b053a0a287a21f38834377efc07ae81334d54275ec2d6ff2921ae4d97
c59dab7124ad69703a6bb26c68b9583d2af62169a5992861fc246c8cda479ae0
c6671b8078463ea3c3bf5bd69e9c2e38b74f061a6021f9e216c091d2fb7f1e48
c92a060ff8a28a8b7248bb90b77205ffa7582f143535e9dadf2225fb5b9d1282
d2adbdcbb6e7561fb8f21e7b417ee08b0dea6f75f16577a11cc43b07ae24e480
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9295f22454d6bf403c2aedec478ed09cbc78b5e96d5aec3d992b653078bb1c4
dafb4a30433a050891ecf874719457879b50afb8a98fd8d046a8d379cc9c7e04
dc067f9dfaffa03c5b4815c2fa9fad33987e0248c201dba03a36a549f5f73191
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb13ea421f55a90fa4d251295edcf637758a2f65943402771f8410048b5419e7
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f4348ae74557272a85350bc0f194922b59a40b7b7d2c6661cd06ba16d42e76f0
f8f9a4a16c7dcc95f2f0430afffae2c23b5a462b94f6f2abc3d9d37ecc024fa3
fdd72c0a97672e72646c410f25eb8e2bb210baa47d96d774e5c7759af00d31c3