cilek.blob.core.windows.net Open in urlscan Pro
20.60.128.68  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 8x869j1f23.html Show response cilek.blob.core.windows.net/web/	1 KB 2 KB	413ms 101ms	Document text/html	20.60.128.68 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cilek.blob.core.windows.net/web/8x869j1f23.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.60.128.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 2423f22931d91e2fa65e4c22286733e4c83c5181bfe6e93c8f0a3b1be008541e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Length 1515 Content-MD5 bW7aDUfZNI9rL1BmB5HmaQ== Content-Type text/html Date Wed, 08 Nov 2023 12:26:21 GMT ETag 0x8DB958CE4E277D0 Last-Modified Sat, 05 Aug 2023 08:20:57 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-blob-type BlockBlob x-ms-lease-status unlocked x-ms-request-id b92d351a-601e-0025-0a3e-12c382000000 x-ms-version 2009-09-19
GET H/1.1	200 OK	jquery.min.js Show response cilek.blob.core.windows.net/web/	86 KB 86 KB	99ms 98ms	Script text/javascript	20.60.128.68 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cilek.blob.core.windows.net/web/jquery.min.js Requested by Host: cilek.blob.core.windows.net URL: https://cilek.blob.core.windows.net/web/8x869j1f23.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.60.128.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb Request headers accept-language de-DE,de;q=0.9 Referer https://cilek.blob.core.windows.net/web/8x869j1f23.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Wed, 08 Nov 2023 12:26:21 GMT Last-Modified Sat, 05 Aug 2023 07:42:41 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 prY1DulKPqdFlcBly/WK8A== ETag 0x8DB95878C566C7F Content-Type text/javascript x-ms-request-id b92d3597-601e-0025-763e-12c382000000 x-ms-version 2009-09-19 Content-Length 88147
GET H/1.1	200 OK	cloakan.js Show response cilek.blob.core.windows.net/web/	309 B 718 B	517ms 229ms	Script text/javascript	20.60.128.68 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cilek.blob.core.windows.net/web/cloakan.js Requested by Host: cilek.blob.core.windows.net URL: https://cilek.blob.core.windows.net/web/8x869j1f23.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.60.128.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 98160d16e23afc381965f4a4419834532fa5a53f2f9821fd66419c14703151c3 Request headers accept-language de-DE,de;q=0.9 Referer https://cilek.blob.core.windows.net/web/8x869j1f23.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Wed, 08 Nov 2023 12:26:22 GMT Last-Modified Sat, 05 Aug 2023 07:42:40 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 SS+KII9lqYaH6XtpuF+O2Q== ETag 0x8DB95878C2996AD Content-Type text/javascript x-ms-request-id b92d36a8-601e-0025-6f3e-12c382000000 x-ms-version 2009-09-19 Content-Length 309
GET H/1.1	200 OK	style.css cilek.blob.core.windows.net/web/	166 B 568 B	518ms 231ms	Stylesheet text/css	20.60.128.68 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cilek.blob.core.windows.net/web/style.css Requested by Host: cilek.blob.core.windows.net URL: https://cilek.blob.core.windows.net/web/8x869j1f23.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.60.128.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5 Request headers accept-language de-DE,de;q=0.9 Referer https://cilek.blob.core.windows.net/web/8x869j1f23.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Wed, 08 Nov 2023 12:26:22 GMT Last-Modified Sat, 05 Aug 2023 07:42:40 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 9ruAIrm4XHnQO3/sM8J0AQ== ETag 0x8DB95878C2A59DE Content-Type text/css x-ms-request-id 95f5503a-201e-001b-383e-1254fd000000 x-ms-version 2009-09-19 Content-Length 166
GET H2	200	px.php Show response www.cloakan.co/	55 B 321 B	326ms 193ms	XHR text/html	77.245.159.14 NIOBEBILISIMHIZME...
General Check archive.org Show headers Download Go to Full URL https://www.cloakan.co/px.php?id=8x869j1f23 Requested by Host: cilek.blob.core.windows.net URL: https://cilek.blob.core.windows.net/web/8x869j1f23.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR), Reverse DNS stilgar.wlsrv.com Software LiteSpeed / PHP/7.3.33 Resource Hash a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2 Request headers accept-language de-DE,de;q=0.9 Referer https://cilek.blob.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 12:26:22 GMT content-encoding br server LiteSpeed x-powered-by PHP/7.3.33 vary Accept-Encoding,User-Agent content-type text/html; charset=UTF-8 access-control-allow-origin * alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000 content-length 45
GET H2	200	nv.php Show response www.cloakan.co/	253 B 399 B	422ms 318ms	Script text/html	77.245.159.14 NIOBEBILISIMHIZME...
General Check archive.org Show headers Download Go to Full URL https://www.cloakan.co/nv.php?id=8x869j1f23-m Requested by Host: cilek.blob.core.windows.net URL: https://cilek.blob.core.windows.net/web/cloakan.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR), Reverse DNS stilgar.wlsrv.com Software LiteSpeed / PHP/7.3.33 Resource Hash e6b46e09d048bb99506a7e2a8d1632f502b17634c55b3a8d4f45e8889bdbb6a6 Request headers accept-language de-DE,de;q=0.9 Referer https://cilek.blob.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 12:26:22 GMT content-encoding br server LiteSpeed x-powered-by PHP/7.3.33 vary Accept-Encoding,User-Agent content-type text/html; charset=UTF-8 alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000 content-length 126
GET H2	200	/ Show response kepez-37-nolu-asm.business.site/ Frame 3DFD	194 KB 62 KB	165ms 106ms	Document text/html	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://kepez-37-nolu-asm.business.site/ Requested by Host: www.cloakan.co URL: https://www.cloakan.co/nv.php?id=8x869j1f23-m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b39e7857a31b8346e423499698f6eadc10a3e313356c103675ad1b7d26d80178 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-ZtYHZcNnljR4sT2zr0cAig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://tpc.googlesyndication.com;report-uri /_/GeoMerchantPrestoSiteUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSiteUi/cspreport X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cilek.blob.core.windows.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-ZtYHZcNnljR4sT2zr0cAig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://tpc.googlesyndication.com;report-uri /_/GeoMerchantPrestoSiteUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSiteUi/cspreport content-type text/html; charset=utf-8 cross-origin-opener-policy unsafe-none date Wed, 08 Nov 2023 12:26:24 GMT expires Mon, 01 Jan 1990 00:00:00 GMT permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache server ESF server-timing gfet4t7; dur=93 x-content-type-options nosniff x-ua-compatible IE=edge x-xss-protection 0
GET H2	200	m=_b,_tp Show response www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/am=EAZpEAgAAQ/d=1/excm=_b,_tp,siteview/ed=1/dg=0/wt=2/ujg=1/rs=AD4das2ZtlwRMVMTW80Dv6OCwla0O972JA/ Frame 3DFD	187 KB 67 KB	51ms 15ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/am=EAZpEAgAAQ/d=1/excm=_b,_tp,siteview/ed=1/dg=0/wt=2/ujg=1/rs=AD4das2ZtlwRMVMTW80Dv6OCwla0O972JA/m=_b,_tp Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ba213912df8160a6a74cc0fb788a4dcb60d52744b06aadc7680340b4397b2cf6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 21:22:50 GMT content-encoding gzip x-content-type-options nosniff age 54214 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 67578 x-xss-protection 0 last-modified Mon, 06 Nov 2023 08:04:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/geo-boq-js-css-signers" vary Accept-Encoding report-to {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Wed, 06 Nov 2024 21:22:50 GMT
GET H2	200	icon fonts.googleapis.com/ Frame 3DFD	616 B 463 B	58ms 23ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons+Extended Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0c116c74efa19439bd2e6ad056ee930d82c0c8ac55330bbc5a9f63885601dec6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 08 Nov 2023 12:26:24 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 08 Nov 2023 12:26:24 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 08 Nov 2023 12:26:24 GMT
GET H2	200	css fonts.googleapis.com/ Frame 3DFD	2 KB 1 KB	57ms 23ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Architects+Daughter:400|Roboto:400 Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0e02c1aac8a5181f1178ab947f5e519601842e76de8cdbc8e614e4a5af8bc70e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 08 Nov 2023 12:26:24 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 08 Nov 2023 11:50:02 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 08 Nov 2023 12:26:24 GMT
POST H2	204	cspreport kepez-37-nolu-asm.business.site/_/GeoMerchantPrestoSiteUi/ Frame 3DFD	0 321 B	65ms 65ms	Other text/html	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://kepez-37-nolu-asm.business.site/_/GeoMerchantPrestoSiteUi/cspreport Requested by Host: cilek.blob.core.windows.net URL: https://cilek.blob.core.windows.net/web/8x869j1f23.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-QQLbIv7r7fDgKgRUE3GNBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://tpc.googlesyndication.com;report-uri /_/GeoMerchantPrestoSiteUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSiteUi/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://kepez-37-nolu-asm.business.site/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Content-Type application/csp-report Response headers date Wed, 08 Nov 2023 12:26:24 GMT content-security-policy script-src 'report-sample' 'nonce-QQLbIv7r7fDgKgRUE3GNBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://tpc.googlesyndication.com;report-uri /_/GeoMerchantPrestoSiteUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSiteUi/cspreport x-content-type-options nosniff cross-origin-resource-policy cross-origin server-timing gfet4t7; dur=51 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin-allow-popups server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	KtkxAKiDZI_td1Lkx62xHZHDtgO_Y-bvTYlg4w.woff2 fonts.gstatic.com/s/architectsdaughter/v18/ Frame 3DFD	13 KB 13 KB	54ms 18ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/architectsdaughter/v18/KtkxAKiDZI_td1Lkx62xHZHDtgO_Y-bvTYlg4w.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Architects+Daughter:400|Roboto:400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 284a3c1856b253a681c180bf5328cae3b94d4aaab702f6385490ec4e1b449df3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://kepez-37-nolu-asm.business.site accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 01 Nov 2023 21:34:24 GMT x-content-type-options nosniff age 571920 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13156 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:51:46 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 31 Oct 2024 21:34:24 GMT
GET H2	200	kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2 fonts.gstatic.com/s/materialiconsextended/v149/ Frame 3DFD	159 KB 159 KB	63ms 28ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2 Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://kepez-37-nolu-asm.business.site/ Origin https://kepez-37-nolu-asm.business.site accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 21:25:49 GMT x-content-type-options nosniff age 313235 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 162924 x-xss-protection 0 last-modified Thu, 25 Aug 2022 00:15:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 03 Nov 2024 21:25:49 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 3DFD	15 KB 16 KB	49ms 13ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Architects+Daughter:400|Roboto:400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://kepez-37-nolu-asm.business.site accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 19:40:17 GMT x-content-type-options nosniff age 146767 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 05 Nov 2024 19:40:17 GMT
GET H2	200	AF1QipNwR7O9gD0Yi4EXvXXwMs8IkEURFXOMsGL5egX2=w1080-h608-p-no-v0 lh3.googleusercontent.com/p/ Frame 3DFD	40 KB 41 KB	263ms 25ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/p/AF1QipNwR7O9gD0Yi4EXvXXwMs8IkEURFXOMsGL5egX2=w1080-h608-p-no-v0 Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 5e1294f501b565f66cca4c26da388a6cf3f49d1eb4626e8d550dfa3f479da119 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 12:26:26 GMT x-content-type-options nosniff server fife etag "vf3" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="2021-02-13.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41406 x-xss-protection 0 expires Thu, 09 Nov 2023 12:26:26 GMT
GET H2	200	AF1QipMibDqjzAyH_3jH8LSy8HTq-iUZNZwUoim_H2Fe=w960-h960-n-o-v1 lh3.googleusercontent.com/p/ Frame 3DFD	120 KB 120 KB	333ms 95ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/p/AF1QipMibDqjzAyH_3jH8LSy8HTq-iUZNZwUoim_H2Fe=w960-h960-n-o-v1 Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash d5973b127d7085801fbd5fa1de59cd2b9f7e757e836a2fc9d7b20504a1ebcc34 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 12:26:26 GMT x-content-type-options nosniff server fife etag "vd9" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="2021-01-29.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 123201 x-xss-protection 0 expires Thu, 09 Nov 2023 12:26:26 GMT
GET H2	200	AF1QipPAaUc5CYNip2uINszy32jVNxPGrP1LfNMBeXpI=w960-h960-n-o-v1 lh3.googleusercontent.com/p/ Frame 3DFD	62 KB 62 KB	340ms 103ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/p/AF1QipPAaUc5CYNip2uINszy32jVNxPGrP1LfNMBeXpI=w960-h960-n-o-v1 Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 9a30255d7d1d9733f0228585864a3a2d28ac735eac316e90c1d9b630bcc6a334 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 12:26:26 GMT x-content-type-options nosniff server fife etag "vd1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="IMG-20210129-WA0045.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 63697 x-xss-protection 0 expires Thu, 09 Nov 2023 12:26:26 GMT
GET H2	200	AF1QipMeOcVIudeteXOPaWqEmI6w_S20NLS2ALExc65u=w960-h960-n-o-v1 lh3.googleusercontent.com/p/ Frame 3DFD	45 KB 45 KB	354ms 117ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/p/AF1QipMeOcVIudeteXOPaWqEmI6w_S20NLS2ALExc65u=w960-h960-n-o-v1 Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 613794371670be4092c279d333af347b0b09724bfafbee30cfbeb34237ad1d76 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 12:26:26 GMT x-content-type-options nosniff server fife etag "vd1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="IMG-20210129-WA0042.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46314 x-xss-protection 0 expires Thu, 09 Nov 2023 12:26:26 GMT
GET H2	200	AF1QipO_G4QcXzQJBNEpEzsQskpvOySQiew7bVtaW3Ld=w960-h960-n-o-v1 lh3.googleusercontent.com/p/ Frame 3DFD	55 KB 56 KB	290ms 53ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/p/AF1QipO_G4QcXzQJBNEpEzsQskpvOySQiew7bVtaW3Ld=w960-h960-n-o-v1 Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 9e264f8a053e314c5854f1fcfb0dec4ae47b93d8ff55ff9b8b41ac32109245b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 12:26:26 GMT x-content-type-options nosniff server fife etag "vd1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="IMG-20210129-WA0040.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56751 x-xss-protection 0 expires Thu, 09 Nov 2023 12:26:26 GMT
GET H2	200	AF1QipMM2amxNf5ZaJgpl_y_20ecCsWKcPHdV9dTedxh=w960-h960-n-o-v1 lh3.googleusercontent.com/p/ Frame 3DFD	50 KB 50 KB	326ms 89ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/p/AF1QipMM2amxNf5ZaJgpl_y_20ecCsWKcPHdV9dTedxh=w960-h960-n-o-v1 Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash bcf1e6c87d8ec40c10f54808e6482ee939880ab03fec27f461a0690323b81d26 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 12:26:26 GMT x-content-type-options nosniff server fife etag "vd1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="IMG-20210129-WA0039.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51298 x-xss-protection 0 expires Thu, 09 Nov 2023 12:26:26 GMT
GET H2	200	AF1QipMlRJdvH1YklU1azaP_ZSwSIR76Aoi6FLYTED-c=w960-h960-n-o-v1 lh3.googleusercontent.com/p/ Frame 3DFD	36 KB 36 KB	97ms 96ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/p/AF1QipMlRJdvH1YklU1azaP_ZSwSIR76Aoi6FLYTED-c=w960-h960-n-o-v1 Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 0888ecf1235fd27f3c3a7711178e062e9e3616023ffbb33e782429702f659699 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 12:26:26 GMT x-content-type-options nosniff server fife etag "vd1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="IMG-20210129-WA0038.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36864 x-xss-protection 0 expires Thu, 09 Nov 2023 12:26:26 GMT
GET H2	200	AF1QipNXsgKiSlhAdVS7VJSz1m3HBOr374jM4B210NSt=w960-h960-n-o-v1 lh3.googleusercontent.com/p/ Frame 3DFD	56 KB 56 KB	116ms 116ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/p/AF1QipNXsgKiSlhAdVS7VJSz1m3HBOr374jM4B210NSt=w960-h960-n-o-v1 Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash ff5bba30159066e313f520f5225e9c3c44497067dc83759ff4b3fa2d2cf74594 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 12:26:26 GMT x-content-type-options nosniff server fife etag "vd1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="IMG-20210129-WA0033.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57573 x-xss-protection 0 expires Thu, 09 Nov 2023 12:26:26 GMT
GET H2	200	AF1QipMpEo1ILsOH3Gw26W6wXfqCftw366biunFi_Ct6=w960-h960-n-o-v1 lh3.googleusercontent.com/p/ Frame 3DFD	38 KB 38 KB	113ms 113ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/p/AF1QipMpEo1ILsOH3Gw26W6wXfqCftw366biunFi_Ct6=w960-h960-n-o-v1 Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 495ddd846e3b831f90767cb8d4dddc4220e148eda6a13de2e127f71daaa93db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 12:26:26 GMT x-content-type-options nosniff server fife etag "vd1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="IMG-20210129-WA0032.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39119 x-xss-protection 0 expires Thu, 09 Nov 2023 12:26:26 GMT
GET H2	200	AF1QipNwR7O9gD0Yi4EXvXXwMs8IkEURFXOMsGL5egX2=w960-h960-n-o-v1 lh3.googleusercontent.com/p/ Frame 3DFD	34 KB 34 KB	115ms 114ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/p/AF1QipNwR7O9gD0Yi4EXvXXwMs8IkEURFXOMsGL5egX2=w960-h960-n-o-v1 Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 423c9db4a803e7a1eb3fb75e6b5cb4f6c4733157798e392bb28afb44fcdecec6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 12:26:26 GMT x-content-type-options nosniff server fife etag "vf3" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="2021-02-13.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34700 x-xss-protection 0 expires Thu, 09 Nov 2023 12:26:26 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 3DFD	52 KB 21 KB	239ms 201ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 08 Nov 2023 11:49:42 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 2204 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Wed, 08 Nov 2023 13:49:42 GMT
GET H2	200	api.js Show response www.gstatic.com/feedback/ Frame 3DFD	40 KB 16 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/feedback/api.js Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a4ff98b8a43b0415a004ddc0730597e486357a6026047c49490bda998883b490 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 12:26:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15558 x-xss-protection 0 pragma no-cache last-modified Wed, 08 Nov 2023 11:02:42 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="product-feedback-gathering" vary Accept-Encoding, Origin report-to {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]} content-type text/javascript cache-control no-cache, must-revalidate accept-ranges bytes expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	api.js Show response apis.google.com/js/ Frame 3DFD	18 KB 8 KB	282ms 30ms	Script text/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/api.js Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04b4fecb7946b0d9e6c275685179c3cd54b9946d1adb8a01faee81e2e560ca7f Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team content-encoding gzip x-content-type-options nosniff date Wed, 08 Nov 2023 12:26:26 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7112 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="gapi-team" etag "241a6a66017d8392" vary Accept-Encoding report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} content-type text/javascript access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 accept-ranges bytes timing-allow-origin * expires Wed, 08 Nov 2023 12:26:26 GMT
GET H2	200	staticmap maps.googleapis.com/maps/api/ Frame 3DFD	139 KB 139 KB	300ms 264ms	Image image/jpeg	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://maps.googleapis.com/maps/api/staticmap?scale=1&size=1600x900&style=feature:poi.business|visibility:off&style=feature:water|visibility:simplified&style=feature:road|element:labels.icon|visibility:off&style=feature:road.highway|element:labels|saturation:-90|lightness:25&format=jpg&language=tr&region=TR&markers=color:0xddaa44|36.9720047,30.7016369&zoom=16&client=google-presto&signature=9JBg1uD_XDW8Ci3fM8SyCDfxpqk Requested by Host: kepez-37-nolu-asm.business.site URL: https://kepez-37-nolu-asm.business.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash f65b76bf68b34e10a0753d296ec54debd15369a26f23b4e928bc33980fde99f4 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Wed, 08 Nov 2023 12:26:26 GMT server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 server-timing gfet4t7; dur=66 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 141826 x-xss-protection 0 expires Thu, 09 Nov 2023 12:26:26 GMT
GET DATA	200 OK	truncated / Frame 3DFD	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1eb3a7a2e4e243b380b04ba5264904ee4fb691cfcbaf68ea964641f58bc5ee80 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png
GET H2	200	KFOmCnqEu92Fr1Mu7GxKOzY.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 3DFD	12 KB 12 KB	15ms 14ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Architects+Daughter:400|Roboto:400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://kepez-37-nolu-asm.business.site accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 11:32:51 GMT x-content-type-options nosniff age 348814 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11872 x-xss-protection 0 last-modified Wed, 11 May 2022 19:25:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 03 Nov 2024 11:32:51 GMT
GET H3	200	m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KU... Show response www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.xNIIwCWp0iQ.L.B1.O/am=EAZpEAgAAQ/d=1/exm=_b,_tp/excm=_b,_tp,siteview/ed=... Frame 3DFD	249 KB 87 KB	17ms 17ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.xNIIwCWp0iQ.L.B1.O/am=EAZpEAgAAQ/d=1/exm=_b,_tp/excm=_b,_tp,siteview/ed=1/wt=2/ujg=1/rs=AD4das00ehMQKmyh7xeajKaHTyhwr0WmPQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yEQyxe:p8L0ob;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/am=EAZpEAgAAQ/d=1/excm=_b,_tp,siteview/ed=1/dg=0/wt=2/ujg=1/rs=AD4das2ZtlwRMVMTW80Dv6OCwla0O972JA/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 125bff45b40f9516c0faac4320f4a9b377ca8e84e9467c119fa4b13fc81c400d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 21:22:50 GMT content-encoding gzip x-content-type-options nosniff age 54216 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 89273 x-xss-protection 0 last-modified Fri, 03 Nov 2023 17:47:24 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/geo-boq-js-css-signers" vary Accept-Encoding report-to {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Wed, 06 Nov 2024 21:22:50 GMT
GET H3	200	m=JbzNG,iSvg6e,uY3Nvd,hr05tc Show response www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.xNIIwCWp0iQ.L.B1.O/am=EAZpEAgAAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... Frame 3DFD	36 KB 12 KB	17ms 17ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.xNIIwCWp0iQ.L.B1.O/am=EAZpEAgAAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,siteview/ed=1/wt=2/ujg=1/rs=AD4das00ehMQKmyh7xeajKaHTyhwr0WmPQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yEQyxe:p8L0ob;yxTchf:KUM7Z;zxnPse:GkRiKb/m=JbzNG,iSvg6e,uY3Nvd,hr05tc Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/am=EAZpEAgAAQ/d=1/excm=_b,_tp,siteview/ed=1/dg=0/wt=2/ujg=1/rs=AD4das2ZtlwRMVMTW80Dv6OCwla0O972JA/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ca333edbb17e9cb1db2bd159b44f54f9992dd94a8f6e7a0bf957eb9663ca8e23 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 21:28:19 GMT content-encoding gzip x-content-type-options nosniff age 53887 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11989 x-xss-protection 0 last-modified Fri, 03 Nov 2023 17:47:24 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/geo-boq-js-css-signers" vary Accept-Encoding report-to {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Wed, 06 Nov 2024 21:28:19 GMT
GET H3	200	m=RqjULd Show response www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.xNIIwCWp0iQ.L.B1.O/am=EAZpEAgAAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... Frame 3DFD	18 KB 6 KB	16ms 16ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.xNIIwCWp0iQ.L.B1.O/am=EAZpEAgAAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,JbzNG,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,hr05tc,iSvg6e,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,uY3Nvd,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,siteview/ed=1/wt=2/ujg=1/rs=AD4das00ehMQKmyh7xeajKaHTyhwr0WmPQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yEQyxe:p8L0ob;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/am=EAZpEAgAAQ/d=1/excm=_b,_tp,siteview/ed=1/dg=0/wt=2/ujg=1/rs=AD4das2ZtlwRMVMTW80Dv6OCwla0O972JA/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7ebdd60aa2a29d5acf62fb3e322d7e0fb49f285994a3cc952b8b5974d3ed53f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 21:28:19 GMT content-encoding gzip x-content-type-options nosniff age 53887 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6332 x-xss-protection 0 last-modified Fri, 03 Nov 2023 17:47:24 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/geo-boq-js-css-signers" vary Accept-Encoding report-to {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Wed, 06 Nov 2024 21:28:19 GMT
GET H3	200	m=bm51tf Show response www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.xNIIwCWp0iQ.L.B1.O/am=EAZpEAgAAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... Frame 3DFD	1 KB 726 B	14ms 14ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.xNIIwCWp0iQ.L.B1.O/am=EAZpEAgAAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,JbzNG,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,hr05tc,iSvg6e,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,uY3Nvd,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,siteview/ed=1/wt=2/ujg=1/rs=AD4das00ehMQKmyh7xeajKaHTyhwr0WmPQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yEQyxe:p8L0ob;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/am=EAZpEAgAAQ/d=1/excm=_b,_tp,siteview/ed=1/dg=0/wt=2/ujg=1/rs=AD4das2ZtlwRMVMTW80Dv6OCwla0O972JA/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1db3ab6ded0d480ad84c3250241d3bfe384642a026cdf8e3cc8e488f03c764c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 21:28:19 GMT content-encoding gzip x-content-type-options nosniff age 53887 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 699 x-xss-protection 0 last-modified Fri, 03 Nov 2023 17:47:24 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/geo-boq-js-css-signers" vary Accept-Encoding report-to {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Wed, 06 Nov 2024 21:28:19 GMT
GET H3	200	m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.xNIIwCWp0iQ.L.B1.O/am=EAZpEAgAAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... Frame 3DFD	3 KB 2 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.xNIIwCWp0iQ.L.B1.O/am=EAZpEAgAAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,JbzNG,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,hr05tc,iSvg6e,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,uY3Nvd,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,siteview/ed=1/wt=2/ujg=1/rs=AD4das00ehMQKmyh7xeajKaHTyhwr0WmPQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yEQyxe:p8L0ob;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.Fd2yLbQr_os.es5.O/am=EAZpEAgAAQ/d=1/excm=_b,_tp,siteview/ed=1/dg=0/wt=2/ujg=1/rs=AD4das2ZtlwRMVMTW80Dv6OCwla0O972JA/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cfca39075a2270ee8ec04a5674e94962663d8d1a4a23f1320b115d0d30d97b21 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://kepez-37-nolu-asm.business.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 21:28:19 GMT content-encoding gzip x-content-type-options nosniff age 53887 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1678 x-xss-protection 0 last-modified Fri, 03 Nov 2023 17:47:24 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/geo-boq-js-css-signers" vary Accept-Encoding report-to {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Wed, 06 Nov 2024 21:28:19 GMT

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| $ function| jQuery function| cloakan string| data object| xmlHttp number| data2 string| hash object| ifrm

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 20:27:37	Name: NID Value: 511=IIHN025ORXetYMtJAmn1rrL4eLgC4L-ly0V878MtpqK3rf0HJxHDDQ-DC62kuE1LvMw3xTCJonclRWANqyy3juAem-eufwusa7_iwBjHHUe2aftugGaV83HvEBr24WzaT21kuivNtisFteY8YkTD9LqRsg8csg1svYnpi_VpInM

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
cilek.blob.core.windows.net
fonts.googleapis.com
fonts.gstatic.com
kepez-37-nolu-asm.business.site
lh3.googleusercontent.com
maps.googleapis.com
www.cloakan.co
www.google-analytics.com
www.gstatic.com
20.60.128.68
2a00:1450:4001:808::200e
2a00:1450:4001:809::200e
2a00:1450:4001:810::200a
2a00:1450:4001:827::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200e
77.245.159.14
04b4fecb7946b0d9e6c275685179c3cd54b9946d1adb8a01faee81e2e560ca7f
0888ecf1235fd27f3c3a7711178e062e9e3616023ffbb33e782429702f659699
0c116c74efa19439bd2e6ad056ee930d82c0c8ac55330bbc5a9f63885601dec6
0e02c1aac8a5181f1178ab947f5e519601842e76de8cdbc8e614e4a5af8bc70e
125bff45b40f9516c0faac4320f4a9b377ca8e84e9467c119fa4b13fc81c400d
1db3ab6ded0d480ad84c3250241d3bfe384642a026cdf8e3cc8e488f03c764c6
1eb3a7a2e4e243b380b04ba5264904ee4fb691cfcbaf68ea964641f58bc5ee80
2423f22931d91e2fa65e4c22286733e4c83c5181bfe6e93c8f0a3b1be008541e
284a3c1856b253a681c180bf5328cae3b94d4aaab702f6385490ec4e1b449df3
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
423c9db4a803e7a1eb3fb75e6b5cb4f6c4733157798e392bb28afb44fcdecec6
495ddd846e3b831f90767cb8d4dddc4220e148eda6a13de2e127f71daaa93db7
5e1294f501b565f66cca4c26da388a6cf3f49d1eb4626e8d550dfa3f479da119
613794371670be4092c279d333af347b0b09724bfafbee30cfbeb34237ad1d76
7ebdd60aa2a29d5acf62fb3e322d7e0fb49f285994a3cc952b8b5974d3ed53f6
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
98160d16e23afc381965f4a4419834532fa5a53f2f9821fd66419c14703151c3
9a30255d7d1d9733f0228585864a3a2d28ac735eac316e90c1d9b630bcc6a334
9e264f8a053e314c5854f1fcfb0dec4ae47b93d8ff55ff9b8b41ac32109245b1
a4ff98b8a43b0415a004ddc0730597e486357a6026047c49490bda998883b490
a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2
b39e7857a31b8346e423499698f6eadc10a3e313356c103675ad1b7d26d80178
ba213912df8160a6a74cc0fb788a4dcb60d52744b06aadc7680340b4397b2cf6
bcf1e6c87d8ec40c10f54808e6482ee939880ab03fec27f461a0690323b81d26
ca333edbb17e9cb1db2bd159b44f54f9992dd94a8f6e7a0bf957eb9663ca8e23
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cfca39075a2270ee8ec04a5674e94962663d8d1a4a23f1320b115d0d30d97b21
d5973b127d7085801fbd5fa1de59cd2b9f7e757e836a2fc9d7b20504a1ebcc34
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b46e09d048bb99506a7e2a8d1632f502b17634c55b3a8d4f45e8889bdbb6a6
f65b76bf68b34e10a0753d296ec54debd15369a26f23b4e928bc33980fde99f4
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff5bba30159066e313f520f5225e9c3c44497067dc83759ff4b3fa2d2cf74594