URL: http://hs-niederrhein.com/
Submission: On September 22 via api from DE

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 26 HTTP transactions. The main IP is 2001:8d8:100f:f000::29d, located in Germany and belongs to ONEANDONE-AS Brauerstrasse 48, DE. The main domain is hs-niederrhein.com.
This is the only time hs-niederrhein.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
16        2001:8d8:100f...  8560   (ONEANDONE...)
2         2a00:1450:400...  15169  (GOOGLE)
2         2a00:1450:400...  15169  (GOOGLE)
1         2a00:1450:400...  15169  (GOOGLE)
5         2a00:1450:400...  15169  (GOOGLE)
Total: 26 requests, 5 IPs

Requests  Domain                         Requested by
16        hs-niederrhein.com             hs-niederrhein.com
4         pagead2.googlesyndication.com  hs-niederrhein.com, pagead2.googlesyndication.com
2         googleads.g.doubleclick.net    pagead2.googlesyndication.com
2         www.google-analytics.com       hs-niederrhein.com
1         adservice.google.com           pagead2.googlesyndication.com
1         adservice.google.de            pagead2.googlesyndication.com
Total: 26 requests, 6 domains

This site contains no links.

Subject                 Issuer                        Validity                 Valid
*.google-analytics.com  Google Internet Authority G3  2018-08-28 - 2018-11-20  3 months
*.google.com            Google Internet Authority G3  2018-08-28 - 2018-11-20  3 months
*.g.doubleclick.net     Google Internet Authority G3  2018-08-28 - 2018-11-20  3 months

This page contains 7 frames:

Primary Page: http://hs-niederrhein.com/
Frame ID: 42823E547A4E0628660440FDE45BE2A1
Requests: 3 HTTP requests in this frame

Frame: http://hs-niederrhein.com/headline.html
Frame ID: D2238EE6DA302EEFA4259EC76CC91882
Requests: 6 HTTP requests in this frame

Frame: http://hs-niederrhein.com/navi.html
Frame ID: 0BCCC0FA1D05F1F9D144683FD49986AF
Requests: 2 HTTP requests in this frame

Frame: http://hs-niederrhein.com/_home.html
Frame ID: B086082A0D7573D425521058C49B8C1A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180917/r20180604/zrt_lookup.html
Frame ID: E4CCE8E58D68E21076D7B2E325F16D3F
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Frame ID: 8ABFE47C8BAE007199EF61F3DEC8B27C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1335377651175458&output=html&h=125&slotname=6050618305&adk=1908670522&adf=2434253522&w=125&lmt=1234251350&guci=1.2.0.0.2.2.0&url=http%3A%2F%2Fhs-niederrhein.com%2F_home.html&flash=0&wgl=1&adsid=NT&dt=1537623303555&bpp=15&bdt=32&fdt=18&idt=64&shv=r20180917&cbv=r20180604&saldr=sa&correlator=3657334689670&frm=21&ife=1&pv=2&ga_vid=1498783326.1537623303&ga_sid=1537623303&ga_hid=1594899313&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=394&ady=524&biw=1600&bih=1200&isw=1334&ish=1080&ifk=3364670671&scr_x=0&scr_y=0&eid=21060853%2C21070024&oid=3&top=http%3A%2F%2Fhs-niederrhein.com%2F&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1334%2C1080&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&fsb=1&xpc=dBT3FSJGvq&p=http%3A//hs-niederrhein.com&dtd=82
Frame ID: 82B724B5260FCAB01A2234C4E4EEBCCD
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Page Statistics

Requests: 26
HTTPS: 31 %
IPv6: 100 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 2
Transfer: 167 kB
Size: 398 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 1
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=10867140&utmhn=hs-niederrhein.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Die%20Homepage%20von%20Prof.%20Dr.%20Harald%20Vergossen&utmhid=947812889&utmr=-&utmp=%2F&utmht=1537623303435&utmac=UA-21475246-3&utmcc=__utma%3D269717096.1498783326.1537623303.1537623303.1537623303.1%3B%2B__utmz%3D269717096.1537623303.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=412016218&utmredir=1&utmu=qAQAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=10867140&utmhn=hs-niederrhein.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Die%20Homepage%20von%20Prof.%20Dr.%20Harald%20Vergossen&utmhid=947812889&utmr=-&utmp=%2F&utmht=1537623303435&utmac=UA-21475246-3&utmcc=__utma%3D269717096.1498783326.1537623303.1537623303.1537623303.1%3B%2B__utmz%3D269717096.1537623303.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=412016218&utmredir=1&utmu=qAQAAAAAAAAAAAAAAAAAAAAE~

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hs-niederrhein.com/
857 B
757 B
Document
General
Full URL
http://hs-niederrhein.com/
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::29d , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
484d3ba9f1093529556d0f7cfc1713145f644c29475952efaa95df106bc3e370

Request headers

Host
hs-niederrhein.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Date
Sat, 22 Sep 2018 13:35:03 GMT
Server
Apache
Last-Modified
Mon, 21 Nov 2011 16:37:35 GMT
ETag
W/"359-4b2414dd0f1c0"
Content-Encoding
gzip
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://hs-niederrhein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Sep 2018 23:12:19 GMT
server
Golfe2
age
5959
date
Sat, 22 Sep 2018 11:55:44 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17168
expires
Sat, 22 Sep 2018 13:55:44 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=10867140&utmhn=hs-niederrhein.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=10867140&utmhn=hs-niederrhein.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&ut...
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=10867140&utmhn=hs-niederrhein.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Die%20Homepage%20von%20Prof.%20Dr.%20Harald%20Vergossen&utmhid=947812889&utmr=-&utmp=%2F&utmht=1537623303435&utmac=UA-21475246-3&utmcc=__utma%3D269717096.1498783326.1537623303.1537623303.1537623303.1%3B%2B__utmz%3D269717096.1537623303.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=412016218&utmredir=1&utmu=qAQAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://hs-niederrhein.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Sep 2018 13:35:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=10867140&utmhn=hs-niederrhein.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Die%20Homepage%20von%20Prof.%20Dr.%20Harald%20Vergossen&utmhid=947812889&utmr=-&utmp=%2F&utmht=1537623303435&utmac=UA-21475246-3&utmcc=__utma%3D269717096.1498783326.1537623303.1537623303.1537623303.1%3B%2B__utmz%3D269717096.1537623303.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=412016218&utmredir=1&utmu=qAQAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
headline.html
hs-niederrhein.com/ Frame D223
3 KB
1 KB
Document
General
Full URL
http://hs-niederrhein.com/headline.html
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::29d , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
322e63c23436c8e6eae8e52d90048e9d2c444a3101d55da498daf943c2a984f2

Request headers

Host
hs-niederrhein.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://hs-niederrhein.com/
Accept-Encoding
gzip, deflate
Cookie
__utma=269717096.1498783326.1537623303.1537623303.1537623303.1; __utmc=269717096; __utmz=269717096.1537623303.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=269717096.1.10.1537623303

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Date
Sat, 22 Sep 2018 13:35:03 GMT
Server
Apache
Last-Modified
Fri, 31 Oct 2014 13:01:52 GMT
ETag
W/"a09-506b799c29000"
Content-Encoding
gzip
navi.html
hs-niederrhein.com/ Frame 0BCC
4 KB
1 KB
Document
General
Full URL
http://hs-niederrhein.com/navi.html
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::29d , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
fbdb89b6766ed935d7053b56882e0eb10569e7e0d09dac192c23d4b38f31c203

Request headers

Host
hs-niederrhein.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://hs-niederrhein.com/
Accept-Encoding
gzip, deflate
Cookie
__utma=269717096.1498783326.1537623303.1537623303.1537623303.1; __utmc=269717096; __utmz=269717096.1537623303.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=269717096.1.10.1537623303

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Date
Sat, 22 Sep 2018 13:35:03 GMT
Server
Apache
Last-Modified
Sun, 20 Nov 2011 22:23:29 GMT
ETag
W/"e24-4b23205027a40"
Content-Encoding
gzip
_home.html
hs-niederrhein.com/ Frame B086
3 KB
2 KB
Document
General
Full URL
http://hs-niederrhein.com/_home.html
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::29d , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
ad842854c6936e6d6befec35fe3ddc327645ae42409207d128713be2943c09a7

Request headers

Host
hs-niederrhein.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://hs-niederrhein.com/
Accept-Encoding
gzip, deflate
Cookie
__utma=269717096.1498783326.1537623303.1537623303.1537623303.1; __utmc=269717096; __utmz=269717096.1537623303.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=269717096.1.10.1537623303

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Date
Sat, 22 Sep 2018 13:35:03 GMT
Server
Apache
Last-Modified
Tue, 10 Feb 2009 07:35:50 GMT
ETag
W/"da2-4628b8947c180"
Content-Encoding
gzip
2.jpg
hs-niederrhein.com/Ypics/ Frame D223
1 KB
1 KB
Image
General
Full URL
http://hs-niederrhein.com/Ypics/2.jpg
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/headline.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::29d , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
edde369a45b2c5293610f7d3820f85823036a189a8013ac182cb962be039672e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hs-niederrhein.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://hs-niederrhein.com/headline.html
Cookie
__utma=269717096.1498783326.1537623303.1537623303.1537623303.1; __utmc=269717096; __utmz=269717096.1537623303.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=269717096.1.10.1537623303
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 22 Sep 2018 13:35:03 GMT
Last-Modified
Sat, 02 Apr 2005 11:03:01 GMT
Server
Apache
ETag
"41c-3f3c211fb0340"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1052
3.jpg
hs-niederrhein.com/Ypics/ Frame D223
1 KB
1 KB
Image
General
Full URL
http://hs-niederrhein.com/Ypics/3.jpg
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/headline.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::29d , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
a1693befdf9d1e0ec475989c9ee7a074bb6b9d3a3f7b7b44369f5a375fb1046a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hs-niederrhein.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://hs-niederrhein.com/headline.html
Cookie
__utma=269717096.1498783326.1537623303.1537623303.1537623303.1; __utmc=269717096; __utmz=269717096.1537623303.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=269717096.1.10.1537623303
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 22 Sep 2018 13:35:03 GMT
Last-Modified
Sat, 02 Apr 2005 11:02:57 GMT
Server
Apache
ETag
"400-3f3c211bdfa40"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1024
1.jpg
hs-niederrhein.com/Ypics/ Frame D223
815 B
1 KB
Image
General
Full URL
http://hs-niederrhein.com/Ypics/1.jpg
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/headline.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::29d , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
5002d136c7daa5237ee4637b5d01f4a23ec78dae85ab3bc27eeb9dab6915ad15

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hs-niederrhein.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://hs-niederrhein.com/headline.html
Cookie
__utma=269717096.1498783326.1537623303.1537623303.1537623303.1; __utmc=269717096; __utmz=269717096.1537623303.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=269717096.1.10.1537623303
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 22 Sep 2018 13:35:03 GMT
Last-Modified
Sat, 02 Apr 2005 11:03:00 GMT
Server
Apache
ETag
"32f-3f3c211ebc100"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
815
4.jpg
hs-niederrhein.com/Ypics/ Frame D223
790 B
1 KB
Image
General
Full URL
http://hs-niederrhein.com/Ypics/4.jpg
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/headline.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::29d , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
0cb6be29427245f0afe5c25a1c9ee3f0cf30fdd656c48998427afaa238f1e19a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hs-niederrhein.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://hs-niederrhein.com/headline.html
Cookie
__utma=269717096.1498783326.1537623303.1537623303.1537623303.1; __utmc=269717096; __utmz=269717096.1537623303.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=269717096.1.10.1537623303
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 22 Sep 2018 13:35:03 GMT
Last-Modified
Sat, 02 Apr 2005 11:02:59 GMT
Server
Apache
ETag
"316-3f3c211dc7ec0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
790
6.jpg
hs-niederrhein.com/Ypics/ Frame D223
3 KB
3 KB
Image
General
Full URL
http://hs-niederrhein.com/Ypics/6.jpg
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/headline.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::29d , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
ec70dc692be426c0c78a2d03b11f163f27fec043cfcc51ebf3e0f1f41845b60c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hs-niederrhein.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://hs-niederrhein.com/headline.html
Cookie
__utma=269717096.1498783326.1537623303.1537623303.1537623303.1; __utmc=269717096; __utmz=269717096.1537623303.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=269717096.1.10.1537623303
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 22 Sep 2018 13:35:03 GMT
Last-Modified
Sat, 25 Jun 2005 09:23:29 GMT
Server
Apache
ETag
"bce-3fa5a78b10640"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
3022
foto.gif
hs-niederrhein.com/Ypics/ Frame B086
11 KB
12 KB
Image
General
Full URL
http://hs-niederrhein.com/Ypics/foto.gif
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/_home.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::29d , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
d49b4c24247e60b89668f7dfe91539fb3d45da9132e717f03bc7942dc1923db4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hs-niederrhein.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://hs-niederrhein.com/_home.html
Cookie
__utma=269717096.1498783326.1537623303.1537623303.1537623303.1; __utmc=269717096; __utmz=269717096.1537623303.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=269717096.1.10.1537623303
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 22 Sep 2018 13:35:03 GMT
Last-Modified
Sat, 02 Apr 2005 11:01:17 GMT
Server
Apache
ETag
"2d28-3f3c20bc81940"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
11560
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B086
52 KB
20 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/_home.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ce283a57a306f3114633f756551f12a077d8f8038e9e335b7b0c0016cd83a2d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hs-niederrhein.com/_home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sat, 22 Sep 2018 13:35:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
9014797344150048453
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
20291
X-XSS-Protection
1; mode=block
Expires
Sat, 22 Sep 2018 13:35:03 GMT
pfeil_L.jpg
hs-niederrhein.com/Ypics/ Frame B086
739 B
1001 B
Image
General
Full URL
http://hs-niederrhein.com/Ypics/pfeil_L.jpg
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/_home.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::29d , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
ca2eedfb4b709141b1f81782a4ffe3fca0288731371503c8855a14126bbf301e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hs-niederrhein.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://hs-niederrhein.com/_home.html
Cookie
__utma=269717096.1498783326.1537623303.1537623303.1537623303.1; __utmc=269717096; __utmz=269717096.1537623303.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=269717096.1.10.1537623303
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 22 Sep 2018 13:35:03 GMT
Last-Modified
Sat, 02 Apr 2005 11:03:05 GMT
Server
Apache
ETag
"2e3-3f3c212380c40"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
739
pfeil_O.jpg
hs-niederrhein.com/Ypics/ Frame B086
738 B
1000 B
Image
General
Full URL
http://hs-niederrhein.com/Ypics/pfeil_O.jpg
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/_home.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::29d , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
05ddfef00e5e0500da02d88beef6a978c37a75ef30b884129b25dd4c91c6a653

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hs-niederrhein.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://hs-niederrhein.com/_home.html
Cookie
__utma=269717096.1498783326.1537623303.1537623303.1537623303.1; __utmc=269717096; __utmz=269717096.1537623303.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=269717096.1.10.1537623303
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 22 Sep 2018 13:35:03 GMT
Last-Modified
Sat, 02 Apr 2005 11:03:03 GMT
Server
Apache
ETag
"2e2-3f3c2121987c0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
738
haus.jpg
hs-niederrhein.com/Ypics/ Frame B086
816 B
1 KB
Image
General
Full URL
http://hs-niederrhein.com/Ypics/haus.jpg
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/_home.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::29d , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
1e4907743fb89e7dcd255920747f19fb4b0df625dd61ada95beab71d21ffae31

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hs-niederrhein.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://hs-niederrhein.com/_home.html
Cookie
__utma=269717096.1498783326.1537623303.1537623303.1537623303.1; __utmc=269717096; __utmz=269717096.1537623303.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=269717096.1.10.1537623303
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 22 Sep 2018 13:35:03 GMT
Last-Modified
Sat, 02 Apr 2005 11:03:04 GMT
Server
Apache
ETag
"330-3f3c21228ca00"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
816
pfeil_R.jpg
hs-niederrhein.com/Ypics/ Frame B086
728 B
990 B
Image
General
Full URL
http://hs-niederrhein.com/Ypics/pfeil_R.jpg
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/_home.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::29d , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
6562248cd8213a5e8d1bdfc6ed0dda983619b3f5ceea78bd2f8734d476d48fc8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hs-niederrhein.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://hs-niederrhein.com/_home.html
Cookie
__utma=269717096.1498783326.1537623303.1537623303.1537623303.1; __utmc=269717096; __utmz=269717096.1537623303.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=269717096.1.10.1537623303
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 22 Sep 2018 13:35:03 GMT
Last-Modified
Sat, 02 Apr 2005 11:03:02 GMT
Server
Apache
ETag
"2d8-3f3c2120a4580"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
728
blind.gif
hs-niederrhein.com/Ypics/ Frame B086
68 B
327 B
Image
General
Full URL
http://hs-niederrhein.com/Ypics/blind.gif
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/_home.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::29d , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hs-niederrhein.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://hs-niederrhein.com/_home.html
Cookie
__utma=269717096.1498783326.1537623303.1537623303.1537623303.1; __utmc=269717096; __utmz=269717096.1537623303.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=269717096.1.10.1537623303
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 22 Sep 2018 13:35:03 GMT
Last-Modified
Sat, 02 Apr 2005 11:03:15 GMT
Server
Apache
ETag
"44-3f3c212d0a2c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
68
blind.gif
hs-niederrhein.com/Ypics/ Frame 0BCC
68 B
327 B
Image
General
Full URL
http://hs-niederrhein.com/Ypics/blind.gif
Requested by
Host: hs-niederrhein.com
URL: http://hs-niederrhein.com/navi.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::29d , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hs-niederrhein.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://hs-niederrhein.com/navi.html
Cookie
__utma=269717096.1498783326.1537623303.1537623303.1537623303.1; __utmc=269717096; __utmz=269717096.1537623303.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=269717096.1.10.1537623303
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 22 Sep 2018 13:35:03 GMT
Last-Modified
Sat, 02 Apr 2005 11:03:15 GMT
Server
Apache
ETag
"44-3f3c212d0a2c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
68
integrator.js
adservice.google.de/adsid/ Frame B086
109 B
490 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hs-niederrhein.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hs-niederrhein.com/_home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 22 Sep 2018 13:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ Frame B086
109 B
490 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hs-niederrhein.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hs-niederrhein.com/_home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 22 Sep 2018 13:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
ca-pub-1335377651175458.js
pagead2.googlesyndication.com/pub-config/r20160913/ Frame B086
68 B
212 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-1335377651175458.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hs-niederrhein.com/_home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 22 Sep 2018 13:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
content-type
text/javascript
status
200
cache-control
public, max-age=43200
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
88
x-xss-protection
1; mode=block
expires
Sun, 23 Sep 2018 01:35:03 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180917/r20180604/ Frame E4CC
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20180917/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20180917/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://hs-niederrhein.com/_home.html
accept-encoding
gzip, deflate

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 18 Sep 2018 04:37:42 GMT
expires
Tue, 02 Oct 2018 04:37:42 GMT
content-type
text/html; charset=UTF-8
etag
18162506661661110595
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6931
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
377841
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/ Frame 8ABF
196 KB
73 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
2f43b22b2ca1e4e5640d8b3d0714741fd9474b0070e38cb0cccbaddbda16a05c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hs-niederrhein.com/_home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sat, 22 Sep 2018 13:35:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
10256124580689806231
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
74155
X-XSS-Protection
1; mode=block
Expires
Sat, 22 Sep 2018 13:35:03 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 82B7
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1335377651175458&output=html&h=125&slotname=6050618305&adk=1908670522&adf=2434253522&w=125&lmt=1234251350&guci=1.2.0.0.2.2.0&url=http%3A%2F%2Fhs-niederrhein.com%2F_home.html&flash=0&wgl=1&adsid=NT&dt=1537623303555&bpp=15&bdt=32&fdt=18&idt=64&shv=r20180917&cbv=r20180604&saldr=sa&correlator=3657334689670&frm=21&ife=1&pv=2&ga_vid=1498783326.1537623303&ga_sid=1537623303&ga_hid=1594899313&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=394&ady=524&biw=1600&bih=1200&isw=1334&ish=1080&ifk=3364670671&scr_x=0&scr_y=0&eid=21060853%2C21070024&oid=3&top=http%3A%2F%2Fhs-niederrhein.com%2F&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1334%2C1080&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&fsb=1&xpc=dBT3FSJGvq&p=http%3A//hs-niederrhein.com&dtd=82
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1335377651175458&output=html&h=125&slotname=6050618305&adk=1908670522&adf=2434253522&w=125&lmt=1234251350&guci=1.2.0.0.2.2.0&url=http%3A%2F%2Fhs-niederrhein.com%2F_home.html&flash=0&wgl=1&adsid=NT&dt=1537623303555&bpp=15&bdt=32&fdt=18&idt=64&shv=r20180917&cbv=r20180604&saldr=sa&correlator=3657334689670&frm=21&ife=1&pv=2&ga_vid=1498783326.1537623303&ga_sid=1537623303&ga_hid=1594899313&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=394&ady=524&biw=1600&bih=1200&isw=1334&ish=1080&ifk=3364670671&scr_x=0&scr_y=0&eid=21060853%2C21070024&oid=3&top=http%3A%2F%2Fhs-niederrhein.com%2F&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1334%2C1080&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&fsb=1&xpc=dBT3FSJGvq&p=http%3A//hs-niederrhein.com&dtd=82
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://hs-niederrhein.com/_home.html
accept-encoding
gzip, deflate

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 22 Sep 2018 13:35:03 GMT
server
cafe
cache-control
private
content-length
382
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Sat, 22-Sep-2018 13:50:03 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Sat, 22 Sep 2018 13:35:03 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/ Frame B086
72 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
f4055bd0cdf467ff6940a20d9284a60987a85578033114820b1dc605dbb70991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hs-niederrhein.com/_home.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Sep 2018 03:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26901
x-xss-protection
1; mode=block
server
cafe
etag
11408177114345171100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Oct 2018 03:08:23 GMT


8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| gaJsHost
object| _gat
object| _gaq
object| gaGlobal
object| google_reactive_ads_global_state
object| google_jobrunner
number| google_global_correlator
object| google_prev_clients

6 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.hs-niederrhein.com/ Name: __utmz
Value: 269717096.1537623303.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.hs-niederrhein.com/ Name: __utmb
Value: 269717096.1.10.1537623303
.hs-niederrhein.com/ Name: __utmt
Value: 1
.hs-niederrhein.com/ Name: __utmc
Value: 269717096
.hs-niederrhein.com/ Name: __utma
Value: 269717096.1498783326.1537623303.1537623303.1537623303.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
