au.dinestle.us Open in urlscan Pro
172.67.207.226 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://au.dinestle.us/login.php
Submission Tags: krdprod
Submission: On September 14 via api (September 14th 2021, 10:22:52 am UTC) from JP — Scanned from DE

Summary HTTP 53 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 12 domains to perform 53 HTTP transactions. The main IP is 172.67.207.226, located in United States and belongs to CLOUDFLARENET, US. The main domain is au.dinestle.us.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 14th 2021. Valid for: a year.

This is the only time au.dinestle.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	172.67.207.226 172.67.207.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
7	172.217.16.226 172.217.16.226	15169 (GOOGLE) (GOOGLE)
2	172.217.169.78 172.217.169.78	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	104.22.76.91 104.22.76.91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	142.250.187.226 142.250.187.226	15169 (GOOGLE) (GOOGLE)
1	142.250.180.2 142.250.180.2	15169 (GOOGLE) (GOOGLE)
1	142.250.179.226 142.250.179.226	15169 (GOOGLE) (GOOGLE)
1	142.250.178.2 142.250.178.2	15169 (GOOGLE) (GOOGLE)
1	148.69.64.76 148.69.64.76	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
1	148.69.64.74 148.69.64.74	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
1 1	217.147.127.42 217.147.127.42	201071 (VISL-IE) (VISL-IE)
1	13.226.169.8 13.226.169.8	16509 (AMAZON-02) (AMAZON-02)
2	216.58.212.225 216.58.212.225	15169 (GOOGLE) (GOOGLE)
1	142.250.187.196 142.250.187.196	15169 (GOOGLE) (GOOGLE)
53	17

20 172.67.207.226 (United States)

ASN13335 (CLOUDFLARENET, US)

au.dinestle.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.226 (United States)

ASN15169 (GOOGLE, US)
PTR: mad08s04-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.169.78 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s09-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.76.91 (None, )

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.187.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s34-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s32-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.179.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s31-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.178.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.69.64.76 (Gondomar, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com

sender.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.69.64.74 (Gondomar, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: bus.clevernt.com

bus.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.147.127.42 (Gibraltar) 1 redirects

ASN201071 (VISL-IE, GI)
PTR: www.aff-handler.com

mmwebhandler.aff-online.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.169.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-169-8.mxp64.r.cloudfront.net

www.888casino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.225 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams16s22-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.187.196 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	dinestle.us au.dinestle.us	192 KB
11	wp.com c0.wp.com stats.wp.com pixel.wp.com i1.wp.com	237 KB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	174 KB
2	clevernt.com sender.clevernt.com bus.clevernt.com	1 KB
2	google.com adservice.google.com www.google.com	2 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
2	cleverwebserver.com scripts.cleverwebserver.com ui.cleverwebserver.com	52 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	888casino.com www.888casino.com	1 KB
1	aff-online.com 1 redirects mmwebhandler.aff-online.com	364 B
1	googletagservices.com www.googletagservices.com	27 KB
1	googleadservices.com partner.googleadservices.com	659 B
53	12

	Domain	Requested by
20	au.dinestle.us	au.dinestle.us
8	c0.wp.com	au.dinestle.us
7	pagead2.googlesyndication.com	au.dinestle.us pagead2.googlesyndication.com tpc.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	au.dinestle.us www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	www.888casino.com	bus.clevernt.com
1	mmwebhandler.aff-online.com	1 redirects
1	bus.clevernt.com	sender.clevernt.com
1	sender.clevernt.com	au.dinestle.us
1	ui.cleverwebserver.com	au.dinestle.us
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	i1.wp.com	au.dinestle.us
1	pixel.wp.com	au.dinestle.us
1	scripts.cleverwebserver.com	au.dinestle.us
1	stats.wp.com	au.dinestle.us
53	19

This site contains links to these domains. Also see Links.

Domain
clevernetwork.pt

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-14` - `2022-09-13`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.clevernt.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-23` - `2022-02-23`	a year	crt.sh
*.888casino.com Amazon	`2021-04-13` - `2022-05-12`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://au.dinestle.us/login.php
Frame ID: DE68A56E9D5672AADA4E48801732443A
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Frame ID: 9019D917C26CA08BD86C4FDA0657A335
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&adk=1812271804&adf=3025194257&lmt=1631614967&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fau.dinestle.us%2Flogin.php&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631614967261&bpp=3&bdt=1043&idt=113&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5380622440086&frm=20&pv=2&ga_vid=248543258.1631614967&ga_sid=1631614967&ga_hid=925924091&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31062524%2C44748552%2C31062297&oid=3&pvsid=2693452832318845&pem=371&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=130
Frame ID: D8A34F67E1789DA596FD3E1513E8C968
Requests: 1 HTTP requests in this frame

Frame: https://www.888casino.com/exclusive-mob/starburst-hot.htm?sr=1099597&mm_id=42492&utm_source=aff&utm_medium=casap&utm_content=100090451&utm_campaign=100090451_Luisao
Frame ID: B1C21DD95C1A7BEC46AD87047B828F9F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A8239750B9357DF88F79ED8B47BE8E88
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B836774DD62F41EB84A847850E588D0E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found - Nzuchi Times Australia News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

53
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

19
Subdomains

17
IPs

4
Countries

711 kB
Transfer

1860 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://clevernetwork.pt/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://mmwebhandler.aff-online.com/c/42492?sr=1099597 HTTP 302
https://www.888casino.com/exclusive-mob/starburst-hot.htm?sr=1099597&mm_id=42492&utm_source=aff&utm_medium=casap&utm_content=100090451&utm_campaign=100090451_Luisao

53 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request login.php Show response
au.dinestle.us/ 64 KB
14 KB 634ms
571ms Document
text/html 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d000e9f3279be211a30019fc707532f9be0c76c5fa3334f81b0a159cd881b7c

Request headers

:method: GET
:authority: au.dinestle.us
:scheme: https
:path: /login.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 14 Sep 2021 10:22:46 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://au.dinestle.us/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcCeZ%2FA2SSr7yzL2u5sNDLbWdF3GpXQImuLn%2FVEL8FR4hFkjpkypuirG9kR4SSvKDTI%2FzVDIUA7RNFxXGiY3QnXhwDCvZO0Ja0LD3Qw2XJxDZWwQls5Hv5ht%2BzlA6O7TzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68e8e55f5c78412b-PRG
content-encoding: br

GET
H2 200 tipi.woff2
au.dinestle.us/wp-content/themes/zeen/assets/css/tipi/ 15 KB
16 KB 686ms
686ms Font
font/woff2 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/wp-content/themes/zeen/assets/css/tipi/tipi.woff2?9oa0lg
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eac7206bbed48c1c84d787ea935299c7e6e8ad459457b67db7e27e998cbeab4d

Request headers

:path: /wp-content/themes/zeen/assets/css/tipi/tipi.woff2?9oa0lg
pragma: no-cache
origin: https://au.dinestle.us
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.dinestle.us/login.php
Origin: https://au.dinestle.us
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15784
last-modified: Fri, 05 Mar 2021 10:18:56 GMT
server: cloudflare
etag: "3da8-60420590-abe99d;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWUGUAYfwx1xyF3OcsYM4XMl%2Bg5I68BHW96s6E5fm58sO1PuiRFFAMInh4cvLGWEXh65%2B9P4B%2FrthCn8Ib3%2BUyF%2FrUa%2F8olLRiUu0SHvQVN%2BFvC0MnP7H%2FIn0pUb4Zo3tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 68e8e5631a37412b-PRG
expires: Tue, 21 Sep 2021 10:22:46 GMT

GET
H2 200 GAqhvO3-X141Az5T4Y604Re8am0.js Show response
au.dinestle.us/cdn-cgi/apps/head/ 4 KB
2 KB 457ms
456ms Script
application/javascript 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/cdn-cgi/apps/head/GAqhvO3-X141Az5T4Y604Re8am0.js
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6478877a2b31716e66b1f9387cb78bd791118f110bfef35204d24dcbefb34b3f

Request headers

:path: /cdn-cgi/apps/head/GAqhvO3-X141Az5T4Y604Re8am0.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C6EPR36TEH4KKA7R
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-version-id: aSfuEO.l5lk5JHC27iKT0aYgKNmiztaq
x-amz-id-2: HT+OhdtOdz/ci0co5lKXDjAlMJBX/EcTIbalXTnXuV/dkqF8+GMKAQ7VQf3nfAIHAwMi6z7qDxQ=
last-modified: Tue, 14 Sep 2021 02:19:07 GMT
server: cloudflare
etag: W/"4c4605d6bea7188bec930510d64ec52a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fF%2FeehSp195jsvMJywo2mLtlYwkXkVR9hisWu3V0JMxq9Z7EdRODlQfXCvxSMaXVxWKkwOIPvq0jKM%2FP3oE0JTzJ%2BSbHVUe%2BBTX8pXv4zv8SpcIqi2ClVhP5%2BCm0l5tm6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 68e8e5631a3b412b-PRG

GET
H2 200 style.min.css
c0.wp.com/c/5.8.1/wp-includes/css/dist/block-library/ 79 KB
10 KB 28ms
6ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: au.dinestle.us
URL: https://au.dinestle.us/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 14 Sep 2022 10:22:46 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/ 11 KB
2 KB 28ms
6ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: au.dinestle.us
URL: https://au.dinestle.us/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 14 Sep 2022 10:22:46 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/ 4 KB
1 KB 28ms
6ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: au.dinestle.us
URL: https://au.dinestle.us/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 14 Sep 2022 10:22:46 GMT

GET
H2 200 style.min.css
au.dinestle.us/wp-content/plugins/lets-info-up/frontend/css/ 3 KB
1 KB 544ms
542ms Stylesheet
text/css 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/wp-content/plugins/lets-info-up/frontend/css/style.min.css?ver=1.4.6
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2b716c8e60d99ff6f4252f58cb9c9612ea525e421e6d61490e7f49a2c351aba

Request headers

:path: /wp-content/plugins/lets-info-up/frontend/css/style.min.css?ver=1.4.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Aug 2021 13:28:14 GMT
server: cloudflare
etag: W/"bf3-611521ee-a81237;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7yruUU0koiX%2F%2BAltnpWX70vKLUMyyJZHCN3qZicIt0YTKexu1ZVEwr2TLVAkpYeM3%2B8fm9fpHM1YcME5oafqkzxVA35A1S6JZ8LrvpkwuZRINfITb2fw0BjYcCL0SBqwkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68e8e5631a3c412b-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 21 Sep 2021 10:22:46 GMT

GET
H2 200 style.min.css
au.dinestle.us/wp-content/plugins/lets-live-blog/frontend/css/ 9 KB
2 KB 526ms
524ms Stylesheet
text/css 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/wp-content/plugins/lets-live-blog/frontend/css/style.min.css?ver=1.2.0
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad293ae72ab30f2459d65c438da017fb944577514c789f2053747d38a7bb4457

Request headers

:path: /wp-content/plugins/lets-live-blog/frontend/css/style.min.css?ver=1.2.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Aug 2021 13:28:18 GMT
server: cloudflare
etag: W/"25a4-611521f2-abe5c3;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2ByZKlJmsKG8zl8srCuv7S0qmyaeE%2F5nYlYR0Jhycof%2BfqKJgk1kOQrDnymP0Wp%2BjCfEqxKuoWemIm9iUzDUVt%2Ftmc1e1C3YzO6SDmp4cqCe6hpKx0op9w9krV8%2FaV9s%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68e8e5631a3e412b-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 21 Sep 2021 10:22:46 GMT

GET
H2 200 style.min.css
au.dinestle.us/wp-content/themes/zeen/assets/css/ 356 KB
66 KB 865ms
863ms Stylesheet
text/css 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/wp-content/themes/zeen/assets/css/style.min.css?ver=4.0.9.3
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9129c109e29ecd1817d0cb37d1fb3443e3d6a12dae36ff05a275b9ba481ee972

Request headers

:path: /wp-content/themes/zeen/assets/css/style.min.css?ver=4.0.9.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 02 Apr 2021 15:31:40 GMT
server: cloudflare
etag: W/"58f14-606738dc-abe998;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvkOQKGINKuus6oGqn9YLtyp0Hk%2F8yhB6qt3GvkUzzxqVqxD%2FLgevZeW5JQd%2FidwOXZjaPNuT74Jxe5X2VY9B97RNFCpO6pTQp4kKtSq60ySJv60TxMl%2FgOS9ufoexWKpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68e8e5631a40412b-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 21 Sep 2021 10:22:46 GMT

GET
H2 200 dark.min.css
au.dinestle.us/wp-content/themes/zeen/assets/css/ 15 KB
3 KB 523ms
522ms Stylesheet
text/css 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/wp-content/themes/zeen/assets/css/dark.min.css?ver=4.0.9.3
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d002423a54c1a6dc121d6afd4cc71a18737362c82eb70c5c379eb78c7c7c37d

Request headers

:path: /wp-content/themes/zeen/assets/css/dark.min.css?ver=4.0.9.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 02 Jun 2021 17:34:54 GMT
server: cloudflare
etag: W/"3bd0-60b7c13e-abe996;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4z%2FBzzNoOGFrcmiGNy13r453O7JC5%2FBd4mzIdXumGwF0u8LKQJ4sBsfg1925ARGLDDdSaVfLN%2FaakqJk63%2BMtfl1sHd%2Bmoo%2Bl1TFZV6wa1an9tavaqMasgZS%2FMD31EG%2BAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68e8e5631a41412b-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 21 Sep 2021 10:22:46 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/10.0/css/ 85 KB
16 KB 27ms
6ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.0/css/jetpack.css

Requested by

Host: au.dinestle.us
URL: https://au.dinestle.us/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5aa600aea047cb99c7e2c22e7edaf89f0539a6772a21981636e21da89bed440a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
last-modified: Tue, 03 Aug 2021 16:19:12 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 14 Sep 2022 10:22:46 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 87 KB
30 KB 31ms
11ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.min.js

Requested by

Host: au.dinestle.us
URL: https://au.dinestle.us/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 14 Sep 2022 10:22:46 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 11 KB
4 KB 32ms
12ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: au.dinestle.us
URL: https://au.dinestle.us/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 14 Sep 2022 10:22:46 GMT

GET
H2 200 login-with-ajax.js Show response
au.dinestle.us/wp-content/themes/zeen/plugins/login-with-ajax/ 2 KB
1 KB 525ms
525ms Script
application/x-javascript 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/wp-content/themes/zeen/plugins/login-with-ajax/login-with-ajax.js?ver=3.1.11
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea6ea01b5ab23276a8aeb42c4b56ca515fb0731a80b530b2fc05c34f1a362179

Request headers

:path: /wp-content/themes/zeen/plugins/login-with-ajax/login-with-ajax.js?ver=3.1.11
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Dec 2020 18:16:24 GMT
server: cloudflare
etag: W/"850-5fd508f8-abed76;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ankn22yU4sbMv%2BUUadYpbklsDyuwp7ZvtUXFWXY1P8ux5X2IBbP5FdIfnS3vKFO1PIqmwTyrcIZELZItVBXPVFReI3lvK1gF97Dp0RmbFLR6QUBwkSK%2FZEJzxHX%2FWCPFsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68e8e5631a42412b-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 21 Sep 2021 10:22:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 86ms
36ms Script
text/javascript 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7377509529524445

Requested by

Host: au.dinestle.us
URL: https://au.dinestle.us/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f2.1e100.net

Software

cafe /

Resource Hash

1947bbfa54a1079d10e73adaccdcc21952faa0d6d5929e567eee24f902076fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.dinestle.us/
Origin: https://au.dinestle.us
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48927
x-xss-protection: 0
server: cafe
etag: 6340949852821719840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 10:22:47 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/10.0/_inc/build/photon/ 758 B
425 B 6ms
6ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.0/_inc/build/photon/photon.min.js

Requested by

Host: au.dinestle.us
URL: https://au.dinestle.us/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
last-modified: Tue, 31 Mar 2020 17:26:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 14 Sep 2022 10:22:46 GMT

GET
H3 200 functions.min.js Show response
au.dinestle.us/wp-content/plugins/lets-live-blog/frontend/js/ 4 KB
2 KB 525ms
525ms Script
application/x-javascript 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/wp-content/plugins/lets-live-blog/frontend/js/functions.min.js?ver=1.2.0
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 756387852aec9c187327bfa587b6a252886dff244a3f1766df571549e81f3c49

Request headers

:path: /wp-content/plugins/lets-live-blog/frontend/js/functions.min.js?ver=1.2.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Aug 2021 13:28:18 GMT
server: cloudflare
etag: W/"ed9-611521f2-abe5dd;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BV4aFIqI4SAp2QtBkEEu3oQinlajPXOnMxB0Z%2Bf8okSo70KCgFCAiCFGcIJQ%2FqOb1Gi1C%2Bg9eEIK2pSfJaL8toCuvHvPOSjTqhm%2B3qgLApeW1yRppAQ%2FPRCM0IVmNOelQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68e8e563fce64131-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 21 Sep 2021 10:22:46 GMT

GET
H3 200 gsap.min.js Show response
au.dinestle.us/wp-content/themes/zeen/assets/js/gsap/ 61 KB
25 KB 689ms
689ms Script
application/x-javascript 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/wp-content/themes/zeen/assets/js/gsap/gsap.min.js?ver=3.6
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7d3820cac85b4f074f0801e3c87c8c3b37b28730bfadefe6ea9a921bfce34bc

Request headers

:path: /wp-content/themes/zeen/assets/js/gsap/gsap.min.js?ver=3.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 24 Feb 2021 12:17:18 GMT
server: cloudflare
etag: W/"f396-603643ce-abed5d;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pl4VfaYmuYbo0ZkMIlD%2F3tUFgHKp1hhgElnYeVQrldFMTqcb8oip4P1bWs3WwR201zHN7Sy38g6dQZwEYX%2F4oCmfvWYiO0ugtTkZWlJPMgIhGIX7XuxjuAaWHQjZeaTN9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68e8e563fce94131-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 21 Sep 2021 10:22:46 GMT

GET
H3 200 ScrollTrigger.min.js Show response
au.dinestle.us/wp-content/themes/zeen/assets/js/gsap/ 20 KB
10 KB 532ms
531ms Script
application/x-javascript 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/wp-content/themes/zeen/assets/js/gsap/ScrollTrigger.min.js?ver=3.6
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0ed648b3788cb18d61d64d9ba4e0ca4f9deb73fa45c5d421dddec79c710f091

Request headers

:path: /wp-content/themes/zeen/assets/js/gsap/ScrollTrigger.min.js?ver=3.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 24 Feb 2021 12:15:24 GMT
server: cloudflare
etag: W/"502c-6036435c-abed5e;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6%2FVGwEjF9Xd6pl1jukmtoTUPX4fxisEJfHH3eN1zaFMRmSJU6Qx1tqAuN%2FUeOAElzRaXKZMvrkFUXkmuuGds4Rb80CdVjYFdbygWvGC%2Fl%2F6S2N6aM%2Bx%2B9bEhIPqvx1SZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68e8e563fcec4131-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 21 Sep 2021 10:22:46 GMT

GET
H3 200 js.cookie.min.js Show response
au.dinestle.us/wp-content/themes/zeen/assets/js/ 2 KB
1 KB 557ms
556ms Script
application/x-javascript 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/wp-content/themes/zeen/assets/js/js.cookie.min.js?ver=2.2.1
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e94d9d4dc2b917019e391f381898fb6a4b74937d274f17001cbaf63ffefcf5df

Request headers

:path: /wp-content/themes/zeen/assets/js/js.cookie.min.js?ver=2.2.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Aug 2020 17:31:30 GMT
server: cloudflare
etag: W/"65f-5f2c3e72-abed62;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6ckZpTO29IAZbtPTeZfQrS22PXd1wI6oWCtmn1I8%2BwJEnLRcV2inInL80Gc93GOTiSmWN5peKBpiNdvnFyXs8Lhvpx3BjcL%2Fjjqrpg23elLfJhnPtPsQ6KbWWkbFdC9wA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68e8e563fcf04131-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 21 Sep 2021 10:22:46 GMT

GET
H3 200 imagesloaded.pkgd.min.js Show response
au.dinestle.us/wp-content/themes/zeen/assets/js/ 5 KB
2 KB 571ms
569ms Script
application/x-javascript 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/wp-content/themes/zeen/assets/js/imagesloaded.pkgd.min.js?ver=4.1.4
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21d86ec39200e69c8758314c29df763ef2f7d362df0a85cb0b104c9647b4ed94

Request headers

:path: /wp-content/themes/zeen/assets/js/imagesloaded.pkgd.min.js?ver=4.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Aug 2020 19:04:06 GMT
server: cloudflare
etag: W/"15ca-5f2c5426-abed54;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtkA1b7Iw28wUVAqP9xSqt%2Fcec8gWTiuifOuAtLHOxlD6KhoMP%2FfV01R1KujgIKdUODq%2FWtAQkcg3kpDkVj1jV1aYhu%2B6%2BNUDB55rFXBvO5JJS%2BlYTW5A17pBj4Fmwz0tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68e8e563fcf24131-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 21 Sep 2021 10:22:46 GMT

GET
H3 200 menu-aim.min.js Show response
au.dinestle.us/wp-content/themes/zeen/assets/js/ 4 KB
2 KB 525ms
524ms Script
application/x-javascript 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/wp-content/themes/zeen/assets/js/menu-aim.min.js?ver=1.9.0
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 077f77c9c36b6609c8aee82deb6ca41f0d4e20dbd30eecd0e77771fd09a87655

Request headers

:path: /wp-content/themes/zeen/assets/js/menu-aim.min.js?ver=1.9.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 14 Jan 2020 18:19:28 GMT
server: cloudflare
etag: W/"119f-5e1e0630-abed58;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJdF7QJqHbOGbshBWGW2f1ZLKn14zhl1D3Dswi35AMoBHU8RBq1ZsiVro1KGzxBPoGRlCPcsznHIKMzzo6tFweDMopxfcBiebTUMbm0WbqtJMdYbtOo6h9yaeigx9etDdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68e8e563fcf44131-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 21 Sep 2021 10:22:46 GMT

GET
H3 200 jquery.fluidbox.min.js Show response
au.dinestle.us/wp-content/themes/zeen/assets/js/ 10 KB
4 KB 517ms
516ms Script
application/x-javascript 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/wp-content/themes/zeen/assets/js/jquery.fluidbox.min.js?ver=2.0.5
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c61de4d25638c0ac70f8c985d267e54126a7a14e0a13b8e0776c69480a5f97da

Request headers

:path: /wp-content/themes/zeen/assets/js/jquery.fluidbox.min.js?ver=2.0.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 03 Mar 2021 16:53:58 GMT
server: cloudflare
etag: W/"272c-603fbf26-abed63;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JizNAxLODEkJvlu6EhEt75ap1Am7IAckbXyiELdaTIlc%2FWAzJ%2BaUUgEJUV1o6smJ8fv7LB3PS%2F24PND%2B7qRonXwk4nuUsbxpS587DU9ZjXC0gquWTn7m6Dp8ZlUK9dwC%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68e8e563fcf54131-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 21 Sep 2021 10:22:46 GMT

GET
H3 200 functions.min.js Show response
au.dinestle.us/wp-content/themes/zeen/assets/js/ 76 KB
22 KB 700ms
699ms Script
application/x-javascript 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/wp-content/themes/zeen/assets/js/functions.min.js?ver=4.0.9.3
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7ccdab87edb21d33b1bb6b1b89c0ccb70ed2e7c3041d4fb50c19ca13ebcb72

Request headers

:path: /wp-content/themes/zeen/assets/js/functions.min.js?ver=4.0.9.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Jun 2021 20:03:26 GMT
server: cloudflare
etag: W/"12e1a-60d0f08e-abed64;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RARqDEwKwBgXEz%2BDT44yCwXM7V%2F5gMXPXm0Le%2BTNO80d8XAf5YXhetGdGe0OW2gMBfHu9Jt39uxgXAz0YYyiI56AZd4IlrxYpe0kLW0uikuPNE5nTWvrogHT26Cyvps7iA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68e8e563fcf64131-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 21 Sep 2021 10:22:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 75ms
25ms Script
text/javascript 172.217.169.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js?ver=5.8.1

Requested by

Host: au.dinestle.us
URL: https://au.dinestle.us/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s09-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 909
date: Tue, 14 Sep 2021 10:07:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 14 Sep 2021 12:07:37 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/ 1 KB
719 B 6ms
6ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/wp-embed.min.js

Requested by

Host: au.dinestle.us
URL: https://au.dinestle.us/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 14 Sep 2021 10:22:46 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 14 Sep 2022 10:22:46 GMT

GET
H2 200 e-202137.js Show response
stats.wp.com/ 9 KB
3 KB 26ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202137.js
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn
date: Tue, 14 Sep 2021 10:22:47 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 04 Sep 2022 22:22:09 GMT

GET
H3 200 8oI7NKYh5bTIii8XQvo0J0Xy8KE.js Show response
au.dinestle.us/cdn-cgi/apps/body/ 605 B
1 KB 398ms
397ms Script
application/javascript 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/cdn-cgi/apps/body/8oI7NKYh5bTIii8XQvo0J0Xy8KE.js
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/cdn-cgi/apps/head/GAqhvO3-X141Az5T4Y604Re8am0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bd844296cbd329da33f152a885f7c772e966dd1144dbb89c14ec0054c6c4f13

Request headers

:path: /cdn-cgi/apps/body/8oI7NKYh5bTIii8XQvo0J0Xy8KE.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QQWX0TE179PGGP2S
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-version-id: eCxUxx15iMz32I.TFN.Q_82oC6aB051v
x-amz-id-2: HGKkvDI9JZiU6a1McrQglHA/Ix3KOmR+nc9U4YQEwJ52FDCIRBVkJE/Ab2eVcQYXzwBel+jGEr0=
last-modified: Tue, 14 Sep 2021 02:19:07 GMT
server: cloudflare
etag: W/"846be395631c30bbfe029ebad96153d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FJk8UxZ1YV8ckZjjaTODyjKTc7om89DLT3HgtVmwo05VCCIYmmrfD3BvRpPxStRlaPLx7CtJJCdzHYU6sEZNH12dzQY5nuRr%2B%2F8tmN3MfMMdkJcni72HcWv2NclG4RoXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 68e8e568bb6c4131-PRG

GET
H3 200 wp-emoji-release.min.js Show response
au.dinestle.us/wp-includes/js/ 18 KB
5 KB 522ms
522ms Script
application/x-javascript 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.dinestle.us/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 09 Jun 2021 01:15:12 GMT
server: cloudflare
etag: W/"4705-60c01620-abfac4;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEqsB3Vffn7KCDvyo1hBS6u1AZs3bD1i1uIvhEfivfkIgdBgvZirdj7lim%2Fvtdo3DN2ibFkH0sQYTIF%2BgMxFnohOpTYNEi0yoFui7BzZQwV5uZAU7Y4cSOOiOw5VRf%2BNuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68e8e568bb6e4131-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 21 Sep 2021 10:22:47 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6499d7a5acc01d11387b9450ce12336cbadb6846f154263c891be9eea8df6a50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 nzuchitimes-logo.png
au.dinestle.us/wp-content/uploads/2021/08/ 5 KB
6 KB 185ms
184ms Image
image/png 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.dinestle.us/wp-content/uploads/2021/08/nzuchitimes-logo.png
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65fc945172650ba18219845ac19d148dc87730a6a380c715f4379906d1cc4c3c

Request headers

:path: /wp-content/uploads/2021/08/nzuchitimes-logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5022
last-modified: Thu, 12 Aug 2021 14:23:29 GMT
server: cloudflare
etag: "139e-61152ee1-abf08d;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LLO34akMiaPZs0Jv6w5AAyPt9hQVfvdudkF61uYqKSdZiKXM91TZNvFgURANcLoRZgMmiuPd1qKOJ9o9sLRP9fhf2QTtRVbPp55%2FUKkTC15KyUlhcdGRMDs%2B6RhB7sYfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 68e8e568fbc44131-PRG
expires: Tue, 21 Sep 2021 10:22:47 GMT

GET
H3 200 world-times.png
au.dinestle.us/wp-content/uploads/2020/07/ 5 KB
5 KB 557ms
557ms Image
image/png 172.67.207.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.dinestle.us/wp-content/uploads/2020/07/world-times.png
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.207.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b95f34976e43bddd7338391940a7bc1848d49de7da8b02274a5415d176fa7193

Request headers

:path: /wp-content/uploads/2020/07/world-times.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.dinestle.us
referer: https://au.dinestle.us/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:47 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4886
last-modified: Thu, 12 Aug 2021 13:29:54 GMT
server: cloudflare
etag: "1316-61152252-abf33f;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hsnem4i43yIuTRIyIOTs2K%2BLDkxQ56Y6WiDk7xOW6ZdEUdv%2FxIQwta1kMYLn9EflTzhOSyOYIQr0KeZBP%2BiazC9DlGLOVgOKn4V52UW0Mr7kVtY%2BX9JzbPMJvofUscg4OA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 68e8e568fbc54131-PRG
expires: Tue, 21 Sep 2021 10:22:47 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 50ms
25ms XHR
text/plain 172.217.169.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=925924091&t=pageview&_s=1&dl=https%3A%2F%2Fau.dinestle.us%2Flogin.php&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Nzuchi%20Times%20Australia%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1227208036&gjid=1320199009&cid=248543258.1631614967&tid=UA-187610894-4&_gid=1141946202.1631614967&_r=1&_slc=1&z=1867735164

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js?ver=5.8.1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.169.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s09-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://au.dinestle.us/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 10:22:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://au.dinestle.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c8dd7a14e66bf6d8ca157d32253bb801.js Show response
scripts.cleverwebserver.com/ 127 KB
51 KB 208ms
127ms Script
application/javascript 104.22.76.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/c8dd7a14e66bf6d8ca157d32253bb801.js
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.76.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2153f4f487d3a0f98a597623b45e0a94708cacf5b998feee66fcdc48deabda26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 14 Sep 2021 05:57:32 GMT
server: cloudflare
x-amz-request-id: B799E981Y6PVZE8Q
etag: W/"271344a5773ab73bfb842872eec2785f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: oAG_fkDXLXXNeNXtnGOcfEItwgj_oT8R
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 68e8e569ca314108-PRG
x-amz-id-2: o66AptKC70liVj3FS2/0wsEYRpU68i271NJaoVahndqJJX6MBU8R8/I4QppaUxNvHeyzxWKFDPw=

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 12ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.0&blog=197353820&post=0&tz=3&srv=au.dinestle.us&host=au.dinestle.us&ref=&fcp=1622&rand=0.05592344474757449
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:47 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 2431.jpg
i1.wp.com/au.dinestle.us/wp-content/uploads/2021/08/ 169 KB
170 KB 27ms
6ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/au.dinestle.us/wp-content/uploads/2021/08/2431.jpg?w=1200&ssl=1

Requested by

Host: au.dinestle.us
URL: https://au.dinestle.us/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

6900806e24d334109c2b38dcdf7acfc9ef8a60675d76d13b934df6e4b50482b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 14 Sep 2021 10:22:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 02:05:36 GMT
server: nginx
etag: "dc4b90167c99ae67"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://au.dinestle.us/wp-content/uploads/2021/08/2431.jpg>; rel="canonical"
content-length: 173426
expires: Thu, 07 Sep 2023 14:05:36 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ 251 KB
93 KB 68ms
43ms Script
text/javascript 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7377509529524445

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e43fa40c6832cda017315748d54516cc55c2d4785529f682248cd1f474389f3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94967
x-xss-protection: 0
server: cafe
etag: 3426842561966430038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Sep 2021 10:22:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/ Frame 9019 10 KB
5 KB 68ms
19ms Document
text/html 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7377509529524445

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210908/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.dinestle.us/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 13 Sep 2021 20:03:05 GMT
expires: Mon, 27 Sep 2021 20:03:05 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 51582
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
659 B 78ms
28ms Script
text/javascript 142.250.180.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=au.dinestle.us&callback=_gfp_s_&client=ca-pub-7377509529524445

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f2.1e100.net

Software

cafe /

Resource Hash

d69c5449c84d1bbc67bb88f1cadf541efb3d2157334b39010a64998b9f22b085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 75ms
27ms Script
application/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=au.dinestle.us

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Sep 2021 10:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D8A3 603 B
67 B 65ms
39ms Document
text/html 142.250.187.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&adk=1812271804&adf=3025194257&lmt=1631614967&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fau.dinestle.us%2Flogin.php&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631614967261&bpp=3&bdt=1043&idt=113&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5380622440086&frm=20&pv=2&ga_vid=248543258.1631614967&ga_sid=1631614967&ga_hid=925924091&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31062524%2C44748552%2C31062297&oid=3&pvsid=2693452832318845&pem=371&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=130

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7377509529524445&output=html&adk=1812271804&adf=3025194257&lmt=1631614967&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fau.dinestle.us%2Flogin.php&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631614967261&bpp=3&bdt=1043&idt=113&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5380622440086&frm=20&pv=2&ga_vid=248543258.1631614967&ga_sid=1631614967&ga_hid=925924091&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31062524%2C44748552%2C31062297&oid=3&pvsid=2693452832318845&pem=371&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=130
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.dinestle.us/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 14 Sep 2021 10:22:47 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 14-Sep-2021 10:37:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 80ms
32ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:47 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1631273431406706"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27627
x-xss-protection: 0
expires: Tue, 14 Sep 2021 10:22:47 GMT

GET
H2 200 / Show response
ui.cleverwebserver.com/3fb71065e38842a2b8e766d4ad87d4d5/ 161 B
251 B 590ms
574ms Script
text/javascript 104.22.76.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/3fb71065e38842a2b8e766d4ad87d4d5/
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.76.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.19
Resource Hash: ae8fc06de3bf41915d227c897a89b47a0f32a3a75c09dde8d39ea1dc27d95318

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.19
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript;charset=UTF-8
cf-ray: 68e8e56aeb7a4108-PRG

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 28ms
28ms Fetch
image/gif 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=dinestle.us&host=au.dinestle.us&success=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 10:22:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 52740.php Show response
sender.clevernt.com/transporter/ Frame B1C2 545 B
821 B 181ms
68ms Document
text/html 148.69.64.76
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to

Full URL: https://sender.clevernt.com/transporter/52740.php?ppuc=1&ppu=0&id=535419&ref=aHR0cHM6Ly9hdS5kaW5lc3RsZS51cy9sb2dpbi5waHA%3D&ruri=&r=351182598&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz=1200&wn=null&res=1600x1200&landing=1&hei=923&ts=0.603
Requested by: Host: au.dinestle.us
URL: https://au.dinestle.us/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.69.64.76 Gondomar, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS: are.clevernt.com
Software: nginx /
Resource Hash: 669668e987f85ab4b37154684feb50e51bd27444489bb8c5687d57c9f4bfe7e9

Request headers

:method: GET
:authority: sender.clevernt.com
:scheme: https
:path: /transporter/52740.php?ppuc=1&ppu=0&id=535419&ref=aHR0cHM6Ly9hdS5kaW5lc3RsZS51cy9sb2dpbi5waHA%3D&ruri=&r=351182598&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz=1200&wn=null&res=1600x1200&landing=1&hei=923&ts=0.603
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.dinestle.us/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/

Response headers

server: nginx
date: Tue, 14 Sep 2021 10:22:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: hstpv4user=eyJJRCI6Ijc0NzQ4MjMwd2FuNjE0MDc3ZjgzNzhmNSIsIkNUUiI6IlVTIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMzYzMjQ5MzA2OCIsIkxhc3RVcGRhdGUiOjE2MzE2MTQ5Njh9; expires=1663150968; path=/; domain=.clevernt.com; SameSite=None; Secure
expires: Fri, 27 Jun 1986 23:00:00 GMT
last-modified: Tue, 14 Sep 2021 10:22:48 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 kVLpshPpWFYzfWJAH97AqF31IN8InwYsiJ0v1O1l4rJfmUunzKChr9FLQotE8TNvKQyvh-OD3N85vbUk7woW0UUo_qmuDaTtvA36M191PyqPXlN7IZFLK8fTFKxEnWvqUnzATfF0aBbIjqsm3jQevg==.html Show response
bus.clevernt.com/ Frame B1C2 369 B
328 B 146ms
40ms Document
text/html 148.69.64.74
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to

Full URL: https://bus.clevernt.com/kVLpshPpWFYzfWJAH97AqF31IN8InwYsiJ0v1O1l4rJfmUunzKChr9FLQotE8TNvKQyvh-OD3N85vbUk7woW0UUo_qmuDaTtvA36M191PyqPXlN7IZFLK8fTFKxEnWvqUnzATfF0aBbIjqsm3jQevg==.html
Requested by: Host: sender.clevernt.com
URL: https://sender.clevernt.com/transporter/52740.php?ppuc=1&ppu=0&id=535419&ref=aHR0cHM6Ly9hdS5kaW5lc3RsZS51cy9sb2dpbi5waHA%3D&ruri=&r=351182598&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz=1200&wn=null&res=1600x1200&landing=1&hei=923&ts=0.603
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.69.64.74 Gondomar, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS: bus.clevernt.com
Software: nginx /
Resource Hash: 782e16fe2967e39a2f55e5bac74333254c78da103a194582b49d31f015516512

Request headers

:method: GET
:authority: bus.clevernt.com
:scheme: https
:path: /kVLpshPpWFYzfWJAH97AqF31IN8InwYsiJ0v1O1l4rJfmUunzKChr9FLQotE8TNvKQyvh-OD3N85vbUk7woW0UUo_qmuDaTtvA36M191PyqPXlN7IZFLK8fTFKxEnWvqUnzATfF0aBbIjqsm3jQevg==.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sender.clevernt.com/
accept-encoding: gzip, deflate, br
cookie: hstpv4user=eyJJRCI6Ijc0NzQ4MjMwd2FuNjE0MDc3ZjgzNzhmNSIsIkNUUiI6IlVTIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMzYzMjQ5MzA2OCIsIkxhc3RVcGRhdGUiOjE2MzE2MTQ5Njh9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sender.clevernt.com/

Response headers

server: nginx
date: Tue, 14 Sep 2021 10:22:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip

GET
H2

403

starburst-hot.htm Show response
www.888casino.com/exclusive-mob/ Frame B1C2
Redirect Chain

https://mmwebhandler.aff-online.com/c/42492?sr=1099597
https://www.888casino.com/exclusive-mob/starburst-hot.htm?sr=1099597&mm_id=42492&utm_source=aff&utm_medium=casap&utm_content=100090451&utm_campaign=100090451_Luisao

919 B
1 KB

97ms
16ms

Document
text/html

13.226.169.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.888casino.com/exclusive-mob/starburst-hot.htm?sr=1099597&mm_id=42492&utm_source=aff&utm_medium=casap&utm_content=100090451&utm_campaign=100090451_Luisao
Requested by: Host: bus.clevernt.com
URL: https://bus.clevernt.com/kVLpshPpWFYzfWJAH97AqF31IN8InwYsiJ0v1O1l4rJfmUunzKChr9FLQotE8TNvKQyvh-OD3N85vbUk7woW0UUo_qmuDaTtvA36M191PyqPXlN7IZFLK8fTFKxEnWvqUnzATfF0aBbIjqsm3jQevg==.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.169.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-169-8.mxp64.r.cloudfront.net
Software: CloudFront /
Resource Hash: cd95a558b2890d0c98ce3dd30c70162cc01cee853744b3666973f482d3f0212b

Request headers

:method: GET
:authority: www.888casino.com
:scheme: https
:path: /exclusive-mob/starburst-hot.htm?sr=1099597&mm_id=42492&utm_source=aff&utm_medium=casap&utm_content=100090451&utm_campaign=100090451_Luisao
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bus.clevernt.com/kVLpshPpWFYzfWJAH97AqF31IN8InwYsiJ0v1O1l4rJfmUunzKChr9FLQotE8TNvKQyvh-OD3N85vbUk7woW0UUo_qmuDaTtvA36M191PyqPXlN7IZFLK8fTFKxEnWvqUnzATfF0aBbIjqsm3jQevg==.html

Response headers

server: CloudFront
date: Tue, 14 Sep 2021 10:22:48 GMT
content-type: text/html
content-length: 919
x-cache: Error from cloudfront
via: 1.1 3a0e1d5f608bda83df3702e1cc449b6a.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
x-amz-cf-id: CMwuydoy10pYj9fA5JrgatgZqHoKjg4ASF2uv6_VMt5dxzFas8M8pw==

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html; charset=utf-8
expires: 0
location: https://www.888casino.com/exclusive-mob/starburst-hot.htm?sr=1099597&mm_id=42492&utm_source=aff&utm_medium=casap&utm_content=100090451&utm_campaign=100090451_Luisao
server
x-aspnetmvc-version: 4.0
set-cookie: uffiliate_click_42492_1099597_=uffiliate_click_42492_1099597_; expires=Thu, 14-Oct-2021 10:22:48 GMT; path=/; SameSite=None; Secure
srv: 1231321
date: Tue, 14 Sep 2021 10:22:47 GMT
content-length: 301

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 58ms
32ms XHR
application/json 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210908&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f2.1e100.net

Software

cafe /

Resource Hash

d3ea7c5313804d66dd17dc18304d3006f69b5953a55183cef0ecdbcfaa0f1d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Sep 2021 10:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8438
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 114ms
43ms Script
text/javascript 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 10:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 14 Sep 2021 10:22:48 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A823 12 KB
5 KB 188ms
18ms Document
text/html 216.58.212.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.225 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams16s22-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.dinestle.us/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 14 Sep 2021 06:20:42 GMT
expires: Wed, 14 Sep 2022 06:20:42 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B836 783 B
1 KB 194ms
28ms Document
text/html 142.250.187.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f4.1e100.net

Software

GSE /

Resource Hash

a7ea026e9b8e3d19e3523d961e034948e20c4bd068fabb0187d7354a825514d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q4gOgos1Bwj41Y21f9G4Nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.dinestle.us/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 14 Sep 2021 10:22:49 GMT
date: Tue, 14 Sep 2021 10:22:49 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Q4gOgos1Bwj41Y21f9G4Nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B836 0
0 92ms
91ms Image
text/html 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210908&jk=2693452832318845&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mad08s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 200 63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js Show response
pagead2.googlesyndication.com/bg/ Frame A823 35 KB
13 KB 18ms
18ms Script
text/javascript 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f2.1e100.net

Software

sffe /

Resource Hash

eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 06:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13458
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 06:20:43 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 31ms
30ms Image
image/gif 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210908&jk=2693452832318845&bg=!FRalFlLNAAYT0U73E9E7ACkAdvg8WoEFrLGrsz0GtwC3sEFab1D3_iyXk0dV7_Y1AP7VkvMcHuZMTgIAAAB_UgAAAAtoAQcKADJqqCgOw_cCkyF0laaS4h6PIH5Wlesl6E2KRTFe-CkEEq_3J6dI6Tt-E9rg1Q2nrXMqRpkCbPQ_7XRZFyuxWpc-6XsCM15qYUVVSjcIdAB4IRSY_WgqrAISrc67fvqbwXP9-axJOYjTXnnwWY67pY59QAy-ApSLWKr3Dwgnmjig7Z4cJLUZWjlqx1P16LD4G0HyEWskI9eq4_umpfo17yf55NtWKHSqdpa7pQXwkM95LZjfIQ1aaFSB9SOTNFQMTsSsYX6soDjl_OokjhPP0HFh-6WlAOHYQ-w3Iuv71dRN6KpjfJ53BgZGCCXg80xVv8gu7gypRzsDBVjeV1w9V-3lVxjJwrobjfM7gTrs3Q24-qRaD7iBtW7EufTrO6RnXrBW-0aOxZGSQ_lMR8E9TXLYLEBTUJQCZdg3npdf3xfmEEIBJCDvZbsPELOTVWmCgjK6dUV50wT5iivjEk1jHkYMgdDmiRCJKucJA08Bvb5F92Q7um6fwP4VkPNAPtfVPOkYrpyVoWLro37cARsLtfVzIKapmP1AKHUGxKxuK8AZBt25cTRXwAIQNA3YtdoOG6m7OuzwKCKLMLfiIcd-G0lMo-I0qm-LoQrlojeoX8VA_lRk2WzT0l6tYVLe135D8LAKv83toFBhMto8jna5X-UU7l5HoJGvy6A59eosIHUHVNyATxrPxeQS-5V65VppYUJ9ooXQS1YWtXEcX06lUwd2qcgGixPTBakOsEj-YNf9gIIVpPtyi1c8RuD2qhEIF1oOba3iQv6lCu15wYKB-LFAcxBW357CcNB-Ur-8OqYodpFBdEIDNGraOFpohQdJ73EtLPI4PRzmEDbxBahNnoMZmPX3e_uZKdU0SvzcVuNeC1SPfyl_Rgz0_2Qo9ApfT6UQ

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.dinestle.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Sep 2021 10:22:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dinestle.us/	1970-01-20 14:44:46	Name: _ga Value: GA1.2.248543258.1631614967
.dinestle.us/	1970-01-19 21:15:01	Name: _gid Value: GA1.2.1141946202.1631614967
.dinestle.us/	1970-01-19 21:13:35	Name: _gat Value: 1
.doubleclick.net/	1970-01-19 21:13:35	Name: test_cookie Value: CheckForPermission
.dinestle.us/	1970-01-20 06:35:10	Name: __gads Value: ID=d8698a260598dd25-223477572ccb0061:T=1631614967:RT=1631614967:S=ALNI_MZEUUAZ-dz4w_9grGXASnh8ZEPe6Q
au.dinestle.us/	1970-01-19 21:56:46	Name: clever-last-tracker-52740 Value: 1
au.dinestle.us/	1970-01-19 21:14:46	Name: clever-counter-52740 Value: 0-1
.clevernt.com/	1969-12-31 23:59:59	Name: hstpv4user Value: eyJJRCI6Ijc0NzQ4MjMwd2FuNjE0MDc3ZjgzNzhmNSIsIkNUUiI6IlVTIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMzYzMjQ5MzA2OCIsIkxhc3RVcGRhdGUiOjE2MzE2MTQ5Njh9
mmwebhandler.aff-online.com/	1970-01-19 21:56:46	Name: uffiliate_click_42492_1099597_ Value: uffiliate_click_42492_1099597_

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://au.dinestle.us/login.php Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7377509529524445&output=html&adk=1812271804&adf=3025194257&lmt=1631614967&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fau.dinestle.us%2Flogin.php&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631614967261&bpp=3&bdt=1043&idt=113&shv=r20210908&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5380622440086&frm=20&pv=2&ga_vid=248543258.1631614967&ga_sid=1631614967&ga_hid=925924091&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31062524%2C44748552%2C31062297&oid=3&pvsid=2693452832318845&pem=371&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=130 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.888casino.com/exclusive-mob/starburst-hot.htm?sr=1099597&mm_id=42492&utm_source=aff&utm_medium=casap&utm_content=100090451&utm_campaign=100090451_Luisao Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
au.dinestle.us
bus.clevernt.com
c0.wp.com
googleads.g.doubleclick.net
i1.wp.com
mmwebhandler.aff-online.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
scripts.cleverwebserver.com
sender.clevernt.com
stats.wp.com
tpc.googlesyndication.com
ui.cleverwebserver.com
www.888casino.com
www.google-analytics.com
www.google.com
www.googletagservices.com
104.22.76.91
13.226.169.8
142.250.178.2
142.250.179.226
142.250.180.2
142.250.187.196
142.250.187.226
148.69.64.74
148.69.64.76
172.217.16.226
172.217.169.78
172.67.207.226
192.0.76.3
192.0.77.2
192.0.77.37
216.58.212.225
217.147.127.42
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
077f77c9c36b6609c8aee82deb6ca41f0d4e20dbd30eecd0e77771fd09a87655
0c7ccdab87edb21d33b1bb6b1b89c0ccb70ed2e7c3041d4fb50c19ca13ebcb72
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
1947bbfa54a1079d10e73adaccdcc21952faa0d6d5929e567eee24f902076fd1
2153f4f487d3a0f98a597623b45e0a94708cacf5b998feee66fcdc48deabda26
21d86ec39200e69c8758314c29df763ef2f7d362df0a85cb0b104c9647b4ed94
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
4bd844296cbd329da33f152a885f7c772e966dd1144dbb89c14ec0054c6c4f13
4d000e9f3279be211a30019fc707532f9be0c76c5fa3334f81b0a159cd881b7c
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5aa600aea047cb99c7e2c22e7edaf89f0539a6772a21981636e21da89bed440a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
6478877a2b31716e66b1f9387cb78bd791118f110bfef35204d24dcbefb34b3f
6499d7a5acc01d11387b9450ce12336cbadb6846f154263c891be9eea8df6a50
65fc945172650ba18219845ac19d148dc87730a6a380c715f4379906d1cc4c3c
669668e987f85ab4b37154684feb50e51bd27444489bb8c5687d57c9f4bfe7e9
6900806e24d334109c2b38dcdf7acfc9ef8a60675d76d13b934df6e4b50482b3
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
756387852aec9c187327bfa587b6a252886dff244a3f1766df571549e81f3c49
782e16fe2967e39a2f55e5bac74333254c78da103a194582b49d31f015516512
8d002423a54c1a6dc121d6afd4cc71a18737362c82eb70c5c379eb78c7c7c37d
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9129c109e29ecd1817d0cb37d1fb3443e3d6a12dae36ff05a275b9ba481ee972
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0ed648b3788cb18d61d64d9ba4e0ca4f9deb73fa45c5d421dddec79c710f091
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7ea026e9b8e3d19e3523d961e034948e20c4bd068fabb0187d7354a825514d0
ad293ae72ab30f2459d65c438da017fb944577514c789f2053747d38a7bb4457
ae8fc06de3bf41915d227c897a89b47a0f32a3a75c09dde8d39ea1dc27d95318
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b95f34976e43bddd7338391940a7bc1848d49de7da8b02274a5415d176fa7193
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c61de4d25638c0ac70f8c985d267e54126a7a14e0a13b8e0776c69480a5f97da
cd95a558b2890d0c98ce3dd30c70162cc01cee853744b3666973f482d3f0212b
d2b716c8e60d99ff6f4252f58cb9c9612ea525e421e6d61490e7f49a2c351aba
d3ea7c5313804d66dd17dc18304d3006f69b5953a55183cef0ecdbcfaa0f1d1a
d69c5449c84d1bbc67bb88f1cadf541efb3d2157334b39010a64998b9f22b085
d7d3820cac85b4f074f0801e3c87c8c3b37b28730bfadefe6ea9a921bfce34bc
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43fa40c6832cda017315748d54516cc55c2d4785529f682248cd1f474389f3e
e94d9d4dc2b917019e391f381898fb6a4b74937d274f17001cbaf63ffefcf5df
ea6ea01b5ab23276a8aeb42c4b56ca515fb0731a80b530b2fc05c34f1a362179
eac7206bbed48c1c84d787ea935299c7e6e8ad459457b67db7e27e998cbeab4d
eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

au.dinestle.us Open in urlscan Pro 172.67.207.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

0 %IPv6

12 Domains

19 Subdomains

17 IPs

4 Countries

711 kBTransfer

1860 kBSize

9 Cookies

1 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

au.dinestle.us Open in urlscan Pro
172.67.207.226 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

19
Subdomains

17
IPs

4
Countries

711 kB
Transfer

1860 kB
Size

9
Cookies

53 HTTP transactions
3 data transactions