www.nordkurier.de Open in urlscan Pro
2606:4700:10::6816:17c3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
Submission: On April 14 via manual (April 14th 2021, 12:46:08 pm UTC) from PL

Summary HTTP 67 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 24 IPs in 2 countries across 16 domains to perform 67 HTTP transactions. The main IP is 2606:4700:10::6816:17c3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nordkurier.de.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 25th 2020. Valid for: a year.

This is the only time www.nordkurier.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2606:4700:10:... 2606:4700:10::6816:17c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	91.215.103.64 91.215.103.64	43407 (INFONLINE-AS) (INFONLINE-AS)
6	99.84.156.97 99.84.156.97	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20e8:3e00:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	99.84.153.196 99.84.153.196	16509 (AMAZON-02) (AMAZON-02)
1	35.201.77.229 35.201.77.229	15169 (GOOGLE) (GOOGLE)
1 2	91.215.100.40 91.215.100.40	43407 (INFONLINE-AS) (INFONLINE-AS)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
5	2606:4700:303... 2606:4700:3030::6815:3b17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
67	24

27 2606:4700:10::6816:17c3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.nordkurier.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.84.156.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-97.txl52.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20e8:3e00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.84.153.196 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-153-196.txl52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.77.229 (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdns.yieldscale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.100.40 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de4.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3030::6815:3b17 (United States)

ASN13335 (CLOUDFLARENET, US)

trmcdn.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	nordkurier.de www.nordkurier.de	2 MB
7	google.com cse.google.com www.google.com clients1.google.com	168 KB
6	privacy-mgmt.com cdn.privacy-mgmt.com	69 KB
5	trmcdn.eu trmcdn.eu	215 KB
3	amazon-adsystem.com c.amazon-adsystem.com	35 KB
3	ioam.de 1 redirects script.ioam.de de.ioam.de	16 KB
3	googlesyndication.com pagead2.googlesyndication.com	131 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	googleapis.com www.googleapis.com fonts.googleapis.com	829 B
2	cloudflare.com cdnjs.cloudflare.com	31 KB
2	geoedge.be rumcdn.geoedge.be	33 KB
2	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	109 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	yieldscale.com cdns.yieldscale.com	336 KB
1	googletagmanager.com www.googletagmanager.com	47 KB
1	googletagservices.com www.googletagservices.com	21 KB
67	16

	Domain	Requested by
27	www.nordkurier.de	www.nordkurier.de
6	cdn.privacy-mgmt.com	www.nordkurier.de rumcdn.geoedge.be cdn.privacy-mgmt.com
5	trmcdn.eu	www.nordkurier.de
4	www.google.com	cse.google.com www.nordkurier.de
3	c.amazon-adsystem.com	www.nordkurier.de c.amazon-adsystem.com
3	pagead2.googlesyndication.com	www.nordkurier.de pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cdnjs.cloudflare.com	www.nordkurier.de
2	de.ioam.de	1 redirects www.nordkurier.de
2	rumcdn.geoedge.be	www.nordkurier.de rumcdn.geoedge.be
2	cse.google.com	www.nordkurier.de www.google.com
1	fonts.googleapis.com	cdn.privacy-mgmt.com
1	clients1.google.com	www.nordkurier.de
1	www.googleapis.com	www.nordkurier.de
1	cdn.jsdelivr.net	cdns.yieldscale.com
1	cdns.yieldscale.com	www.nordkurier.de
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	www.googletagmanager.com	www.nordkurier.de
1	www.googletagservices.com	www.nordkurier.de
1	script.ioam.de	www.nordkurier.de
67	21

This site contains links to these domains. Also see Links.

Domain
partnersuche.nordkurier.de
familie.nordkurier.de
jobs.nordkurier.de
www.nordkurier-reisen.de
www.ikiosk.de
themenwelten.nordkurier.de
www.nordkurier-mediengruppe.de
www.nordkurier-briefdienst.de
www.nordkurier-druck.de
www.meckpomm.de
www.mecklenbook.de
www.um-tv.de
www.good-stock.de
nordkurier.media-box.de
cmp.nordkurier.de
shop.nordkurier.de

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-25` - `2021-08-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.ioam.de Thawte TLS RSA CA G1	`2019-09-18` - `2021-12-17`	2 years	crt.sh
*.privacy-mgmt.com R3	`2021-04-03` - `2021-07-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
rumcdn.geoedge.be Amazon	`2020-10-02` - `2021-11-03`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
cdns.yieldscale.com GTS CA 1D4	`2021-03-30` - `2021-06-28`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-13` - `2022-03-26`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
Frame ID: 2B6A30E609014AA4ADCCB2901EE36127
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210412/r20190131/zrt_lookup.html
Frame ID: 8307835B1EED5EBADCA346599B60FC77
Requests: 1 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?message_id=461394&consentUUID=6b689aef-8907-46c9-a8f0-8b3b826e6254&requestUUID=252ba91b-50d0-4330-b3fe-54523fa58cfd&preload_message=true
Frame ID: 0F77CB8D27D661101CD4C7A3EE291812
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

67
Requests

100 %
HTTPS

74 %
IPv6

16
Domains

21
Subdomains

24
IPs

2
Countries

3312 kB
Transfer

7106 kB
Size

13
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://partnersuche.nordkurier.de/
Title: Partnersuche

Search URL Search Domain Scan URL

URL: https://familie.nordkurier.de/
Title: Familie

Search URL Search Domain Scan URL

URL: https://jobs.nordkurier.de/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.nordkurier-reisen.de/
Title: Reisen

Search URL Search Domain Scan URL

URL: https://www.ikiosk.de/shop/epaper/nordkurier.html
Title: Kaufen

Search URL Search Domain Scan URL

URL: https://themenwelten.nordkurier.de/keine-zeiten-fuer-alleswisser-aber-fuer-tippgeber-schon-114499
Title: Beruf & Karriere Keine Zeiten für Alleswisser, aber für Tippgeber schon

Search URL Search Domain Scan URL

URL: https://themenwelten.nordkurier.de/fuer-einstieg-und-aufstieg-114489
Title: Beruf & Karriere Für Einstieg und Aufstieg

Search URL Search Domain Scan URL

URL: https://themenwelten.nordkurier.de/schrumpfkurs-bei-ausbildung-114484
Title: Beruf & Karriere Schrumpfkurs bei Ausbildung?

Search URL Search Domain Scan URL

URL: https://themenwelten.nordkurier.de/schnupper-runde-beim-freiwilligendienst-114476
Title: Beruf & Karriere Schnupper-Runde beim Freiwilligendienst

Search URL Search Domain Scan URL

URL: https://themenwelten.nordkurier.de/endlich-das-erste-eigene-geld-114470
Title: Beruf & Karriere Endlich: Das erste eigene Geld

Search URL Search Domain Scan URL

URL: http://www.nordkurier-mediengruppe.de/
Title: Nordkurier Mediengruppe

Search URL Search Domain Scan URL

URL: http://www.nordkurier-briefdienst.de/
Title: Nordkurier Logistik Brief + Paket

Search URL Search Domain Scan URL

URL: http://www.nordkurier-druck.de/
Title: Nordkurier Druck

Search URL Search Domain Scan URL

URL: http://www.meckpomm.de/
Title: MeckPomm.de

Search URL Search Domain Scan URL

URL: https://www.mecklenbook.de/
Title: Mecklenbook

Search URL Search Domain Scan URL

URL: http://www.um-tv.de/
Title: UM.tv

Search URL Search Domain Scan URL

URL: https://www.good-stock.de/e-commerce-fulfillment/shopify-fulfillment/
Title: Fulfillment Service für Shopify Shop

Search URL Search Domain Scan URL

URL: http://nordkurier.media-box.de/
Title: Mediabox

Search URL Search Domain Scan URL

URL: https://cmp.nordkurier.de/
Title: Cookie Management

Search URL Search Domain Scan URL

URL: https://shop.nordkurier.de/Abo
Title: Abo

Search URL Search Domain Scan URL

URL: https://shop.nordkurier.de/service
Title: Aboservice

Search URL Search Domain Scan URL

URL: https://shop.nordkurier.de/
Title: Shop

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://de.ioam.de/tx.io?st=nordkuri&cp=Ratgeber&sc=yes&sv=ke&co=kommentar&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.nordkurier.de&xy=1600x1200x24&lo=PL%2FMazowieckie&cb=0017&i2=0017f67571d9d0ad16076e3f7&ep=1640218599&vr=423&id=qn28vx&i3=0017f67571d9d0ad16076e3f7%3A1647780343974%3A1618404343974%3A.nordkurier.de%3A1%3Anordkuri%3ARatgeber%3Anoevent%3A1618404343974&n1=1&dntt=0&lt=1618404343978&ev=&cs=nat0hg&mo=1 HTTP 302
https://de.ioam.de/tx.io?st=nordkuri&cp=Ratgeber&sc=yes&sv=ke&co=kommentar&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.nordkurier.de&xy=1600x1200x24&lo=PL%2FMazowieckie&cb=0017&i2=0017f67571d9d0ad16076e3f7&ep=1640218599&vr=423&id=qn28vx&i3=0017f67571d9d0ad16076e3f7%3A1647780343974%3A1618404343974%3A.nordkurier.de%3A1%3Anordkuri%3ARatgeber%3Anoevent%3A1618404343974&n1=1&dntt=0&lt=1618404343978&ev=&cs=nat0hg&mo=1&sr=71

67 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html Show response
www.nordkurier.de/ratgeber/ 2 MB
1 MB 92ms
64ms Document
text/html 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b349171f32fe5738bca6761a67fe2f9c62d4ab13c7884e9f08edf9e76068ce53

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	allow-from nordkuriercrmtest.crm4.dynamics.com

Request headers

:method: GET
:authority: www.nordkurier.de
:scheme: https
:path: /ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:43 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d47b5db978139be2553bf06b222a038af1618404343; expires=Fri, 14-May-21 12:45:43 GMT; path=/; domain=.nordkurier.de; HttpOnly; SameSite=Lax; Secure 1a6a442eb9a448b3bd56be90b1d98072=WyIyOTg0MTIwNjU1Il0; Expires=Thu, 15-Apr-21 12:44:33 GMT; Domain=www.nordkurier.de; Path=/; HttpOnly
x-content-type-options: nosniff nosniff
drupal-pagecache-memcache: MISS
x-drupal-cache: MISS
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: public, max-age=300
content-language: de
x-frame-options: allow-from nordkuriercrmtest.crm4.dynamics.com
x-generator: Nordkurier.de
link: <https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html>; rel="canonical",<https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html>; rel="shortlink"
last-modified: Wed, 14 Apr 2021 12:44:32 GMT
vary: Cookie,Accept-Encoding
x-varnish: 5903176 2542152
age: 70
via: 1.1 varnish (Varnish/5.2)
x-varnish-cache: HIT
cf-cache-status: DYNAMIC
cf-request-id: 09720395d90000c27c25abd000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63fd08695b92c27c-FRA
content-encoding: br

GET
H2 200 PT_Sans-Web-Regular.ttf
www.nordkurier.de/sites/all/themes/custom/nordkurier2013/fonts/PT_Sans/ 260 KB
132 KB 54ms
53ms Font
application/font-sfnt 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/all/themes/custom/nordkurier2013/fonts/PT_Sans/PT_Sans-Web-Regular.ttf

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3895f89eac8f79ffb30fb97580265c9cdb3a8027935444ef6727ae40db5e7ef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.nordkurier.de
Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5976067
content-encoding: br
cf-request-id: 09720396260000c27c30aef000000001
x-varnish: 11681521 12652198
last-modified: Thu, 04 Feb 2021 08:09:35 GMT
server: cloudflare
etag: W/"4111c-5ba7e396a80c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-sfnt
cache-control: public, max-age=11229800
cf-ray: 63fd0869dc1ac27c-FRA

GET
H2 200 icomoon.ttf
www.nordkurier.de/sites/all/themes/custom/nordkurier2013/fonts/IcoMoon/fonts/ 77 KB
39 KB 46ms
46ms Font
application/font-sfnt 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/all/themes/custom/nordkurier2013/fonts/IcoMoon/fonts/icomoon.ttf?hg8jnv

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a99a80c32ad0e61a248f522a589300c114673faa3b19fea71a653902914f96e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.nordkurier.de
Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5976067
content-encoding: br
cf-request-id: 09720396270000c27c58282000000001
x-varnish: 9752511 11904119
last-modified: Wed, 03 Feb 2021 10:21:54 GMT
server: cloudflare
etag: W/"1334c-5ba6bf4c21364"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-sfnt
cache-control: public, max-age=11229800
cf-ray: 63fd0869dc1bc27c-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

452299bf973d96a1602d92ae67d7b7f16fc74ada4032467ecb96881fdb776b9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48496
x-xss-protection: 0
server: cafe
etag: 14493341862605126176
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 12:45:43 GMT

GET
H2 200 css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
www.nordkurier.de/sites/default/files/css/ 7 KB
2 KB 41ms
36ms Stylesheet
text/css 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/default/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5976067
content-encoding: br
cf-request-id: 097203962b0000c27c9d026000000001
x-varnish: 11009897
last-modified: Tue, 19 Jan 2021 09:53:37 GMT
server: cloudflare
etag: W/"8a9-5b93dcffe6b2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=11229800
cf-ray: 63fd0869dc25c27c-FRA

GET
H2 200 css_jOTPo8ZzgDoWh-3Dm0BvWb_TPd1r6ri_U_BeIGA80Yw.css
www.nordkurier.de/sites/default/files/css/ 22 KB
3 KB 30ms
26ms Stylesheet
text/css 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/default/files/css/css_jOTPo8ZzgDoWh-3Dm0BvWb_TPd1r6ri_U_BeIGA80Yw.css

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ce4cfa3c673803a1687edc39b406f59bfd33ddd6beab8bf53f05e20603cd18c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 519402
content-encoding: br
cf-request-id: 097203962b0000c27c388cd000000001
x-varnish: 6133800
last-modified: Thu, 08 Apr 2021 10:09:13 GMT
server: cloudflare
etag: W/"d8f-5bf733d3d84cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=11229800
cf-ray: 63fd0869dc27c27c-FRA

GET
H2 200 css_JJEmFK0tziqhOOhXBbUrglQNzmfpjEFEX6P7El3N67w.css
www.nordkurier.de/sites/default/files/css/ 10 KB
3 KB 25ms
21ms Stylesheet
text/css 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/default/files/css/css_JJEmFK0tziqhOOhXBbUrglQNzmfpjEFEX6P7El3N67w.css

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24912614ad2dce2aa138e85705b52b82540dce67e98c41445fa3fb125dcdebbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5976067
content-encoding: br
cf-request-id: 097203962b0000c27cb0a0b000000001
x-varnish: 9752512
last-modified: Tue, 12 Jan 2021 16:52:46 GMT
server: cloudflare
etag: W/"aae-5b8b6da22c18e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=11229800
cf-ray: 63fd0869dc28c27c-FRA

GET
H2 200 css_ibrnQjIpUn1dGKexhNl0VZqgrdzr1Hkyl13hUx7tQDk.css
www.nordkurier.de/sites/default/files/css/ 2 KB
774 B 23ms
19ms Stylesheet
text/css 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/default/files/css/css_ibrnQjIpUn1dGKexhNl0VZqgrdzr1Hkyl13hUx7tQDk.css

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89bae7423229527d5d18a7b184d974559aa0addcebd47932975de1531eed4039

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4938830
content-encoding: br
cf-request-id: 097203962c0000c27c4c313000000001
x-varnish: 695107
last-modified: Tue, 16 Feb 2021 08:49:21 GMT
server: cloudflare
etag: W/"2b6-5bb702db8c20d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=11229800
cf-ray: 63fd0869dc29c27c-FRA

GET
H2 200 css_oDtvRUxjxvq5RAsQetAykNdD0bp1R48QKxCZHZtXYmA.css
www.nordkurier.de/sites/default/files/css/ 76 KB
13 KB 31ms
28ms Stylesheet
text/css 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/default/files/css/css_oDtvRUxjxvq5RAsQetAykNdD0bp1R48QKxCZHZtXYmA.css

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a03b6f454c63c6fab9440b107ad03290d743d1ba75478f102b10991d9b576260

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4075704
content-encoding: br
cf-request-id: 097203962d0000c27c688fe000000001
x-varnish: 6477361
last-modified: Thu, 25 Feb 2021 13:37:42 GMT
server: cloudflare
etag: W/"3762-5bc2941838024"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=11229800
cf-ray: 63fd0869dc2bc27c-FRA

GET
H2 200 js_wKyFX46tVKJtPKN12qNjRfS4aubW4G2u7LK22vlDiKo.js Show response
www.nordkurier.de/sites/default/files/js/ 130 KB
44 KB 41ms
37ms Script
text/javascript 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/default/files/js/js_wKyFX46tVKJtPKN12qNjRfS4aubW4G2u7LK22vlDiKo.js

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0ac855f8ead54a26d3ca375daa36345f4b86ae6d6e06daeecb2b6daf94388aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4940816
content-encoding: br
cf-request-id: 097203962c0000c27c7ba61000000001
x-varnish: 467062
last-modified: Tue, 19 Jan 2021 09:53:37 GMT
server: cloudflare
etag: W/"b3d5-5b93dcffed88b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=11229800
cf-ray: 63fd0869ec2dc27c-FRA

GET
H2 200 js_daid75V0XKh_J6wv5AdtiQtkL9mI6J_XJAC4-2-InPI.js Show response
www.nordkurier.de/sites/default/files/js/ 51 KB
16 KB 36ms
33ms Script
text/javascript 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/default/files/js/js_daid75V0XKh_J6wv5AdtiQtkL9mI6J_XJAC4-2-InPI.js

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75a89def95745ca87f27ac2fe4076d890b642fd988e89fd72400b8fb6f889cf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2332868
content-encoding: br
cf-request-id: 097203962c0000c27cb2194000000001
x-varnish: 10486194
last-modified: Thu, 18 Mar 2021 12:39:59 GMT
server: cloudflare
etag: W/"43ad-5bdcee5cade69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=11229800
cf-ray: 63fd0869ec2ec27c-FRA

GET
H2 200 js_dd7AFCE6MyWIVd05uErKwuf888mSlmTW8RYzhj_bJRA.js Show response
www.nordkurier.de/sites/default/files/js/ 151 KB
41 KB 46ms
43ms Script
text/javascript 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/default/files/js/js_dd7AFCE6MyWIVd05uErKwuf888mSlmTW8RYzhj_bJRA.js

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75dec014213a33258855dd39b84acac2e7fcf3c9929664d6f11633863fdb2510

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2396861
content-encoding: br
cf-request-id: 097203962c0000c27c97171000000001
x-varnish: 5637869
last-modified: Wed, 17 Mar 2021 08:26:33 GMT
server: cloudflare
etag: W/"abb7-5bdb73d9d7ef8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=11229800
cf-ray: 63fd0869ec2fc27c-FRA

GET
H2 200 js_qdr8xfHD_lrKXSls700z_usw-J4C-T0YDzcTLgj0Eso.js Show response
www.nordkurier.de/sites/default/files/js/ 10 KB
4 KB 24ms
21ms Script
text/javascript 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/default/files/js/js_qdr8xfHD_lrKXSls700z_usw-J4C-T0YDzcTLgj0Eso.js

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9dafcc5f1c3fe5aca5d296cef4d33feeb30f89e02f93d180f37132e08f412ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4938972
content-encoding: br
cf-request-id: 097203962d0000c27c2f196000000001
x-varnish: 1942345
last-modified: Tue, 16 Feb 2021 08:49:09 GMT
server: cloudflare
etag: W/"eae-5bb702d09955c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=11229800
cf-ray: 63fd0869ec31c27c-FRA

GET
H2 200 js_goKZOkjSB_PhGzQ78t-Y2X8SA7OkilARfO6ahjq5New.js Show response
www.nordkurier.de/sites/default/files/js/ 3 KB
1 KB 25ms
24ms Script
text/javascript 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/default/files/js/js_goKZOkjSB_PhGzQ78t-Y2X8SA7OkilARfO6ahjq5New.js

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8282993a48d207f3e11b343bf2df98d97f1203b3a48a50117cee9a863ab935ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4936556
content-encoding: br
cf-request-id: 09720396300000c27c939e9000000001
x-varnish: 173444
last-modified: Tue, 19 Jan 2021 09:54:00 GMT
server: cloudflare
etag: W/"4db-5b93dd15ad094"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=11229800
cf-ray: 63fd0869ec37c27c-FRA

GET
H2 200 js_HExkb_xga5b22lWF8gLi8Xe_DAGxdawCwZcKGmdAMIw.js Show response
www.nordkurier.de/sites/default/files/js/ 4 KB
2 KB 23ms
22ms Script
text/javascript 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/default/files/js/js_HExkb_xga5b22lWF8gLi8Xe_DAGxdawCwZcKGmdAMIw.js

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c4c646ffc606b96f6da5585f202e2f177bf0c01b175ac02c1970a1a6740308c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4763126
content-encoding: br
cf-request-id: 09720396300000c27c4ea80000000001
x-varnish: 7804797
last-modified: Thu, 18 Feb 2021 09:38:52 GMT
server: cloudflare
etag: W/"686-5bb991a82eb69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=11229800
cf-ray: 63fd0869ec38c27c-FRA

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=016080730690978638615:aclo6jgktdi

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

9dc025d516fe7351d9310d1cc04e06ae4401bc7136d30d86749289a8ef5ea4d4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:43 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3460
x-xss-protection: 0
expires: Wed, 14 Apr 2021 12:45:43 GMT

GET
H2 200 js_kvpjs2qLLDGGpLFcAC5cXDrAi_8s-gRmcfGRVHO_CY4.js Show response
www.nordkurier.de/sites/default/files/js/ 7 KB
2 KB 33ms
32ms Script
text/javascript 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/default/files/js/js_kvpjs2qLLDGGpLFcAC5cXDrAi_8s-gRmcfGRVHO_CY4.js

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92fa63b36a8b2c3186a4b15c002e5c5c3ac08bff2cfa046671f1915473bf098e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4940798
content-encoding: br
cf-request-id: 09720396340000c27c513ac000000001
x-varnish: 1324457
last-modified: Fri, 12 Feb 2021 10:27:03 GMT
server: cloudflare
etag: W/"a07-5bb2113c6f469"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=11229800
cf-ray: 63fd0869ec3bc27c-FRA

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 48 KB
14 KB 195ms
88ms Script
application/javascript 91.215.103.64
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js
Requested by: Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
Software: nginx / BLACKBIRD-SRC v0.13 0017
Resource Hash: 7fd17d5b28c85e25dd3d6b9d916ba750ba0c29ff1c07387c958160c6d5520a19

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 12:45:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Apr 2021 12:45:43 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.13 0017
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: private, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Wed, 14 Apr 2021 14:45:43 GMT

OPTIONS
H2 200 native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ Frame 0
0 202ms
97ms Preflight
text/html 99.84.156.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=252ba91b-50d0-4330-b3fe-54523fa58cfd&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1061%2C%22requestUUID%22%3A%22252ba91b-50d0-4330-b3fe-54523fa58cfd%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.nordkurier.de%2Fratgeber%2Fes-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.nordkurier.de%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol: H2
Server: 99.84.156.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-156-97.txl52.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.nordkurier.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=utf-8
content-length: 13
date: Wed, 14 Apr 2021 12:45:43 GMT
x-powered-by: Express
access-control-allow-origin: https://www.nordkurier.de
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
allow: POST,GET,HEAD
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 d5d4d284c2005ab214a2c9b6195c55c5.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: DbKTOTnTtFuV1H07v4YuPC_yansJtgLia0y14ci_MWGBtIP9JjNeQg==

GET
H2 200 native-message Show response
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ 332 KB
17 KB 124ms
118ms XHR
application/json 99.84.156.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=252ba91b-50d0-4330-b3fe-54523fa58cfd&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1061%2C%22requestUUID%22%3A%22252ba91b-50d0-4330-b3fe-54523fa58cfd%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.nordkurier.de%2Fratgeber%2Fes-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.nordkurier.de%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by: Host: www.nordkurier.de
URL: https://www.nordkurier.de/sites/default/files/js/js_dd7AFCE6MyWIVd05uErKwuf888mSlmTW8RYzhj_bJRA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.156.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-156-97.txl52.r.cloudfront.net
Software: / Express
Resource Hash: 73daf6112c3e7bbbec93748f86a6a75cb0cf6fc856021974d9e984a50908b58b

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Apr 2021 12:45:43 GMT
content-encoding: gzip
x-amz-cf-pop: TXL52-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nordkurier.de
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: 3LoTcnw7oQf7lVmWO8hQw08f5LwyY9xstn9mkUAJpDTgiTncaZsooA==
via: 1.1 d5d4d284c2005ab214a2c9b6195c55c5.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ff711cf78ebfa3c9e8bd545ebe64513c66927edc75a6b0828e4e886c2fa0a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "842 / 82 of 1000 / last-modified: 1618398539"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20925
x-xss-protection: 0
expires: Wed, 14 Apr 2021 12:45:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 147 KB
47 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TKLB37

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c6897ba45ee6d851cd16ffdb13f6b55fa74fc24f6bd34cfaa24e222ad32abce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48161
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Apr 2021 12:45:43 GMT

GET
DATA 200
OK truncated
/ 64 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0c0be0a72171fc128c6f682b9d7c96616141bffdcdab5264292435166a70a50

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 43 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6005429f1a366624d247f9534e2f8c07c4f0296dac6906736a3865e09a3a2d4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 56 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 946eafc1d49f00aab584fd21e8fa1cafb840287aeddcd6ca020cfcee47460dcf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 74 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e86b0f05e5391fcb07643a1c2f049443a671b1ecb7a2cbb614074000341e6d56

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 72 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d08f06be318d3841e2dcf02aca4057cf361ba9a2fee6d1a0a8b19dad37d08591

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 logo_nordkurier.png
www.nordkurier.de/sites/all/themes/custom/nordkurier2013/images/ 16 KB
16 KB 19ms
18ms Image
image/png 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordkurier.de/sites/all/themes/custom/nordkurier2013/images/logo_nordkurier.png

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/sites/default/files/css/css_oDtvRUxjxvq5RAsQetAykNdD0bp1R48QKxCZHZtXYmA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73efa3c6048e9ab950db21c267279960356bbc74505e713c6380ff16539735dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/sites/default/files/css/css_oDtvRUxjxvq5RAsQetAykNdD0bp1R48QKxCZHZtXYmA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5976064
content-type: image/png
content-length: 16372
cf-request-id: 09720396e60000c27c200d7000000001
last-modified: Thu, 04 Feb 2021 08:09:35 GMT
server: cloudflare
etag: "3ff4-5ba7e396a9060"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 12652278
cache-control: public, max-age=11229800
accept-ranges: bytes
cf-ray: 63fd086b0da1c27c-FRA

GET
H2 200 DejaVu-Sans.woff
www.nordkurier.de/sites/all/themes/custom/nordkurier2013/fonts/DejaVu/ 25 KB
25 KB 41ms
39ms Font
application/font-woff 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/all/themes/custom/nordkurier2013/fonts/DejaVu/DejaVu-Sans.woff

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/sites/default/files/css/css_oDtvRUxjxvq5RAsQetAykNdD0bp1R48QKxCZHZtXYmA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

931b67bbdf14e0c9895163111489019925a8d9193876efd823148168d763e52a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.nordkurier.de
Referer: https://www.nordkurier.de/sites/default/files/css/css_oDtvRUxjxvq5RAsQetAykNdD0bp1R48QKxCZHZtXYmA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5976066
content-encoding: br
cf-request-id: 09720396e80000c27c63a05000000001
x-varnish: 12035140
last-modified: Thu, 04 Feb 2021 08:09:35 GMT
server: cloudflare
etag: W/"630c-5ba7e396a1360"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: public, max-age=11229800
cf-ray: 63fd086b0da7c27c-FRA

GET
H2 200 DejaVu-Sans-Bold.woff
www.nordkurier.de/sites/all/themes/custom/nordkurier2013/fonts/DejaVu/ 24 KB
25 KB 20ms
19ms Font
application/font-woff 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/all/themes/custom/nordkurier2013/fonts/DejaVu/DejaVu-Sans-Bold.woff

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/sites/default/files/css/css_oDtvRUxjxvq5RAsQetAykNdD0bp1R48QKxCZHZtXYmA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9e09403bd55b7740b4cb4e2e1ebe6132d8a1da0414e78a6960164077c2385d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.nordkurier.de
Referer: https://www.nordkurier.de/sites/default/files/css/css_oDtvRUxjxvq5RAsQetAykNdD0bp1R48QKxCZHZtXYmA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5976066
content-encoding: br
cf-request-id: 09720396e90000c27c25ac9000000001
x-varnish: 12035144
last-modified: Thu, 04 Feb 2021 08:09:35 GMT
server: cloudflare
etag: W/"61d0-5ba7e396a03c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: public, max-age=11229800
cf-ray: 63fd086b0da8c27c-FRA

GET
DATA 200
OK truncated
/ 44 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f228abc5eea4f794a7da3b2adaed2f1b2554f997eb505a41a0fc14cd125121c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 54 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2e26acbea59df9e43b49ac5e1c6ff2aa205c58535c08b985fcce1836e2844ac

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 27 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b2e043091b149273679592415d4aa0f6053a4e926d5547b3979607fe9c18220

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/323d4b81541ddb5b/ 275 KB
90 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=016080730690978638615:aclo6jgktdi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0cdcf3224a18d66039b74a6a0c70977585d75d5ed67ba23a6b5eab8c0a2ba7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 07:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 536675
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92401
x-xss-protection: 0
expires: Fri, 08 Apr 2022 07:41:08 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 41 KB
9 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=016080730690978638615:aclo6jgktdi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 07:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 536675
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
expires: Fri, 08 Apr 2022 07:41:08 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=016080730690978638615:aclo6jgktdi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 11:55:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
age: 2996
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
expires: Wed, 14 Apr 2021 12:45:47 GMT

GET
H2 200 pubads_impl_2021040804.js Show response
securepubads.g.doubleclick.net/gpt/ 296 KB
104 KB 181ms
59ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 19:24:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106480
x-xss-protection: 0
expires: Wed, 14 Apr 2021 12:45:43 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210412/r20190131/ 222 KB
83 KB 57ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210412/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7351608356042114&plah=www.nordkurier.de&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8b0d2ee262785fb4bfb4e4717d4e5cf7536e52f0821c091dc84f10b42e69df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84808
x-xss-protection: 0
server: cafe
etag: 12939789125640300468
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 12:45:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210412/r20190131/ Frame 8307 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210412/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210412/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nordkurier.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nordkurier.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 13 Apr 2021 19:32:04 GMT
expires: Tue, 27 Apr 2021 19:32:04 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 62019
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84417b8b1d1a367d7dc6c6e52d493cb9aba06ec80d1fc60e7fa2241522604ada

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 nk.jpg
www.nordkurier.de/sites/default/files/epaper-preview/ 337 KB
338 KB 25ms
24ms Image
image/jpeg 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordkurier.de/sites/default/files/epaper-preview/nk.jpg?2021-04-14-14

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1f79b3b79bd26ab330268510bc56484bcc904914f8b6d01b74fa87d8771c134

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:43 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2724
cf-ray: 63fd086cb86dc27c-FRA
content-length: 345188
cf-request-id: 09720397f50000c27c41274000000001
last-modified: Tue, 13 Apr 2021 22:30:09 GMT
server: cloudflare
etag: "54464-5bfe22c3ff790"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 2462554
cache-control: public, max-age=11229800
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/e1a02409-364c-4a32-9ad1-c51f69b5e739/ 11 KB
5 KB 51ms
12ms Script
application/javascript 2600:9000:20e8:3e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/e1a02409-364c-4a32-9ad1-c51f69b5e739/grumi-ip.js
Requested by: Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:3e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1299ce67397a707e7293ce99272f03b906402a6e5471f7ebc00c190f66a054af

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:37:46 GMT
content-encoding: br
last-modified: Wed, 17 Mar 2021 12:14:37 GMT
server: AmazonS3
age: 478
etag: W/"5a4a9f26eb1aa954674403d3fafcaabf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: wF7gWvHhTf56IV2lZd.j22QLNh7iwxHu
via: 1.1 458f29e42261f01e7368474593f44b66.cloudfront.net (CloudFront)
cache-control: public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-pop: TXL52-C1
content-type: application/javascript
x-amz-cf-id: dCgXIRWcnHEfttpn87CCH56wfR6cdSRiMDa-PnrAdUS01TpVXis0dQ==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 300ms
124ms Script
application/javascript 99.84.153.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.153.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-153-196.txl52.r.cloudfront.net
Software: Server /
Resource Hash: 2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:39:49 GMT
content-encoding: gzip
server: Server
age: 354
etag: 9e0e0829d91a39f75ba9ebfdbaf1f5a9
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: 11GrZ4vbIcrQ20hh8BdcRvzkMaiC0j9l
x-amz-cf-id: S9f5-7itQwpuEi4zW-JLoYkuk5yxIW4USFgcWzHYxd7pW3HY2zcCBA==

GET
H2 200 prebid.js Show response
cdns.yieldscale.com/ 335 KB
336 KB 175ms
68ms Script
text/javascript 35.201.77.229
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.yieldscale.com/prebid.js
Requested by: Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.77.229 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156e21cc56df2aad1ef25ec51bb30b304504b3dc7d66868a59ac457a24268e52

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:43 GMT
age: 0
x-guploader-uploadid: ABg5-UxCSkoB85EpsqduYDDeU4OsvYvLBPCsqD8GKcDi-z_DuEHASibnqkT8SnJLP2bFS-zOSqqCnt90tIGF_xrQb9U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 343248
last-modified: Tue, 09 Mar 2021 16:59:54 GMT
server: UploadServer
etag: "73381ca9f9c04dddedbd86a81d7ad0da"
x-goog-hash: crc32c=sJpfrw==, md5=czgcqfnATd3tvYaoHXrQ2g==
x-goog-generation: 1615309194543994
cache-control: no-cache
x-goog-stored-content-length: 343248
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 14 Apr 2022 12:45:43 GMT

GET
DATA 200
OK truncated
/ 49 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69de4cf25b80c3e67ed84eaa54adf42215256bcafe7d9515234ef624a41516ff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 49 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76fe2b8d83d5193ef0db3a4f5d6fcdb45774978198bea1a44deb56a4e82c7bb3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 44 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7aaa7a33054991f4cc05e88cf36260ab3d4fed114190df73952ceeba4ba7719d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H/1.1

200
OK

tx.io Show response
de.ioam.de/
Redirect Chain

https://de.ioam.de/tx.io?st=nordkuri&cp=Ratgeber&sc=yes&sv=ke&co=kommentar&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.nordkurier.de&xy=1600x1200x24&lo=PL%2FMazowieckie&cb=0017&i2=0017f67571d9...
https://de.ioam.de/tx.io?st=nordkuri&cp=Ratgeber&sc=yes&sv=ke&co=kommentar&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.nordkurier.de&xy=1600x1200x24&lo=PL%2FMazowieckie&cb=0017&i2=0017f67571d9...

0
717 B

57ms
56ms

Script
application/x-javascript

91.215.100.40
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.ioam.de/tx.io?st=nordkuri&cp=Ratgeber&sc=yes&sv=ke&co=kommentar&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.nordkurier.de&xy=1600x1200x24&lo=PL%2FMazowieckie&cb=0017&i2=0017f67571d9d0ad16076e3f7&ep=1640218599&vr=423&id=qn28vx&i3=0017f67571d9d0ad16076e3f7%3A1647780343974%3A1618404343974%3A.nordkurier.de%3A1%3Anordkuri%3ARatgeber%3Anoevent%3A1618404343974&n1=1&dntt=0&lt=1618404343978&ev=&cs=nat0hg&mo=1&sr=71
Requested by: Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.100.40 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de4.ioam.de
Software: nginx / BLACKBIRD-RCV v1.06.2 0036
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 12:45:44 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.06.2 0036
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Wed, 14 Apr 2021 12:45:44 GMT
Access-Control-Allow-Origin: *
X-Powered-By: BLACKBIRD-RCV v1.06.2 0036
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Wed, 14 Apr 2021 12:45:44 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: /tx.io?st=nordkuri&cp=Ratgeber&sc=yes&sv=ke&co=kommentar&ct=0100000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.nordkurier.de&xy=1600x1200x24&lo=PL%2FMazowieckie&cb=0017&i2=0017f67571d9d0ad16076e3f7&ep=1640218599&vr=423&id=qn28vx&i3=0017f67571d9d0ad16076e3f7%3A1647780343974%3A1618404343974%3A.nordkurier.de%3A1%3Anordkuri%3ARatgeber%3Anoevent%3A1618404343974&n1=1&dntt=0&lt=1618404343978&ev=&cs=nat0hg&mo=1&sr=71
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Tue, 14 Apr 2020 12:45:44 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/e1a02409-364c-4a32-9ad1-c51f69b5e739/ 88 KB
29 KB 19ms
16ms Script
text/javascript 2600:9000:20e8:3e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/e1a02409-364c-4a32-9ad1-c51f69b5e739/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e1a02409-364c-4a32-9ad1-c51f69b5e739/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:3e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac537bf59368130f203060350628ae92f86cc8e0d756ef04ae900b5dc3f36e20

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:37:46 GMT
content-encoding: br
last-modified: Wed, 14 Apr 2021 12:30:09 GMT
server: AmazonS3
age: 479
etag: W/"739a0c60836a733afcdcdaa5fb058aa2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: qCdJEJwvy.XrjOhM3t.8_OE.JXtVH43h
via: 1.1 458f29e42261f01e7368474593f44b66.cloudfront.net (CloudFront)
cache-control: public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop: TXL52-C1
content-type: text/javascript
x-amz-cf-id: TEHJnRRQ49SvTn3kNRcSTd-1g64kDxOZmkIzBvE2jPg4UYDhqM_FeQ==

GET
DATA 200
OK truncated
/ 68 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6302432cf939e58905ea7edbc9a8492ece2a4e175e6e0a07eb2fe68869fbb8ad

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 60 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d691949da9ec4d94673057b7c0434a4bcd5d39381c7f667cbf82e68b22dcabc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 6ms
6ms XHR
application/json 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210414

Requested by

Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3638b591fff866351eae88d2ac43ca5464f35fec200609ec6c21e489ebafc6e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 16761
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 928
etag: W/"677-u0rjPBclpotvIWt5TtHHL1/z7nM"
x-served-by: cache-fra19126-FRA
date: Wed, 14 Apr 2021 12:45:44 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 88 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 791a749a1dc5a6dbfba5ed703810f594a8c6013712f9cfb54f98ed01ae436d92

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
373 B 96ms
95ms XHR
text/javascript 99.84.153.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3873&u=https%3A%2F%2Fwww.nordkurier.de%2Fratgeber%2Fes-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html&pid=uXg8rvJQBlJUW&cb=0&ws=1600x1200&v=7.61.00&t=1500&slots=%5B%7B%22sd%22%3A%22leaderboard_1%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22medium_rectangle_1%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22skyscraper_1%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%7D%2C%7B%22sd%22%3A%22skyscraper_2%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%7D%5D&cfgv=0&gdpre=1&gdprc=CPEmPLvPEmPLvAGABCENBVCgAAAAAH_AAB5YAAAO6AIMAAUAgCFsAAQIFCIQAAQBiQAAAAFFCIBQJIAEqgAWVwEUoAEACAxAQgQAgBBQgwCAAQAAJKAgBACwQCAAiAQAAgAEAIAAEJBILACQEAAAFAJCBAiACECAgiAAg5DAgIgCCAFABAAAuJDACAMosACBBgBUIAJUgKCAAIC6BEAoAKwAywBqADsAIAAUsA1gB1QD5AMCEgAwAHADnASWEABgDNAXkAyMJASAAQADwAKwAiQBlgDUAH6AQAApYBigDWAG0AN4AfIBMQCZQGBAMGCgBAAdgC-AGEAksMABAXQGgGgBWAGWANQAdgBAACCgFLANYAbwA6oB8gEVAMCDgAwAHAGyASWOABAAOAPkOgEgA-ACsANQAsQBcwDFAHUAXaA0QeADABUAZkBJZIACAT4lAJAAQADwANoAiQBhAGKAOoAu0B2oyAQAI4AZYA1AB2AFLAN4AmIBgQqASAI4AZYA1AB2AFLAN4AmIBgQDciEAgARwA1AChgGKAOoAu0BogDtSIAIAFQBmSkAYAoYBcwDaAK2AXaA7UqADABUAD4BJYAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.153.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-153-196.txl52.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:44 GMT
via: 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: TXL52-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.nordkurier.de
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: P2mXC8qJNLr4s1PBW5dtQharjNyt7mPwrmES5D24usAyQNXZH8j8DQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 151ms
49ms XHR
application/javascript 99.84.153.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.153.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-153-196.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 60855
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Tue, 13 Apr 2021 19:51:30 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 5e73c9f0818a1864e592f61fe6506072.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: 8Ta7AC2-anq8YEKpspYVV29h8F-RNsfu2PeDCkirpUXzvPEASXYhaw==

GET
DATA 200
OK truncated
/ 40 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45f17783f271dd3d1ddadf5e2f3ab755d40bdc322537e4be777abd51a36623a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 62 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad5fdf597fb6cb5556c74098c4e35a5fd932d334d96a252c6a2dad4a6085a96d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 88 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1574860263d6c730ef2fdcb342e81c4399e6547e6959279f8d593cc906ec3c19

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 55 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0a301121619daca9cda02821f47859d0581be1341092fab45666db707e17ffb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 58 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d89213a593175f3be8d008c181c1c2edd5ca0200f33c8e5998117eb59bd9d46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 image_knqu65.jpg
trmcdn.eu/system-images/Thumbnails/ 15 KB
16 KB 49ms
12ms Image
image/jpeg 2606:4700:3030::6815:3b17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trmcdn.eu/system-images/Thumbnails/image_knqu65.jpg
Requested by: Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3b17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52e9b5b73d032db6bc7f0dda928c9198ac37216d0668a91dbf1d4f73188f5039

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2361499
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0972039a6900004e92d395d000000001
last-modified: Thu, 22 Oct 2020 09:41:09 GMT
server: cloudflare
etag: W/"5f9153b5-3b7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BKMtehfkVXR0628EIL%2FMI31%2FfXWlKSt4lf%2BUmxgQZL95IWEp4pHyubUJ%2BLGfKlO4bcJ8AW2Xi5AXLjQfVkCF8%2BCRAjl7k1i7eIS2z%2FjJyLwD9kLrXyk%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
cf-ray: 63fd0870ab514e92-FRA
expires: Sat, 17 Apr 2021 04:47:25 GMT

GET
H2 200 image_SclKeC.jpg
trmcdn.eu/system-images/Thumbnails/ 52 KB
52 KB 64ms
28ms Image
image/jpeg 2606:4700:3030::6815:3b17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trmcdn.eu/system-images/Thumbnails/image_SclKeC.jpg
Requested by: Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3b17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 425ddc39c64f744d46dae053edb48be089325a9c1ff2c2f4da9a0a1b718079f7

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 900391
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0972039a6900004e926dba3000000001
last-modified: Fri, 23 Oct 2020 06:38:46 GMT
server: cloudflare
etag: W/"5f927a76-cfff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F1HSzFchT6xE40ys7t68f%2FBo9Z0V6bVHyMwpp5pfjeKZm%2FHx7xXM%2F7StGTW0jBkoe3%2FftcHjxfHktX5u2zYt3e6Z%2BfX1witQ8D1FYDjsgZDWUdw%2F3i8%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
cf-ray: 63fd0870ab554e92-FRA
expires: Tue, 04 May 2021 02:39:13 GMT

GET
H2 200 image_MR9Hhj.jpg
trmcdn.eu/system-images/Thumbnails/ 48 KB
48 KB 49ms
13ms Image
image/jpeg 2606:4700:3030::6815:3b17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trmcdn.eu/system-images/Thumbnails/image_MR9Hhj.jpg
Requested by: Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3b17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5856600b528b29c3a27a17368972744655401cf29558642c93105930ce094870

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 878959
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0972039a6900004e92ce2f2000000001
last-modified: Fri, 23 Oct 2020 06:39:05 GMT
server: cloudflare
etag: W/"5f927a89-bfe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GZh9krogGYk09LtrGNABb9sh5iqfqLqmE0aQEhe44ztWT3AsKhCW42ueO6YIe96WnPTV9sWUXk1ZlFB7SqN215F2xsgM2fXbHEP%2BUMl1yINegI36Y4s%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
cf-ray: 63fd0870ab564e92-FRA
expires: Tue, 04 May 2021 08:36:25 GMT

GET
H2 200 image_q1iex0.jpg
trmcdn.eu/system-images/Thumbnails/ 70 KB
71 KB 64ms
28ms Image
image/jpeg 2606:4700:3030::6815:3b17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trmcdn.eu/system-images/Thumbnails/image_q1iex0.jpg
Requested by: Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3b17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39a8627e5a8feecf9b9dd389c3ad792ed3fe3f9c13a356003d641dbd25d5624a

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 630702
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0972039a6a00004e9293166000000001
last-modified: Fri, 23 Oct 2020 06:39:25 GMT
server: cloudflare
etag: W/"5f927a9d-1198a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OiShT95mbkgDjDROsN7cx5YThuz9hzXv9TSAc81mT0a0dk4OvMbdmbKatfzySdEX1N8vdjWM%2BDRZkezvZv%2BRruM8ncXYzBri97goh9CJyiBBTcSPqzk%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
cf-ray: 63fd0870ab574e92-FRA
expires: Fri, 07 May 2021 05:34:02 GMT

GET
H2 200 image_WyFhvA.jpg
trmcdn.eu/system-images/Thumbnails/ 27 KB
28 KB 63ms
29ms Image
image/jpeg 2606:4700:3030::6815:3b17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trmcdn.eu/system-images/Thumbnails/image_WyFhvA.jpg
Requested by: Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3b17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ad0d354ae7d821ac243fcf43a3aeeee3db5d7d32e42994cd11b63e18bbf2954

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 718081
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0972039a6a00004e92d99f5000000001
last-modified: Fri, 23 Oct 2020 06:39:42 GMT
server: cloudflare
etag: W/"5f927aae-6cc1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=phXsu%2FARsMBgy%2BdP%2FFpTN%2F62meAUkWFGg0KgefmZZenfDGgiBA6XX9ZfcK%2BBeG4hpdKeCOD5jlf24K78bGfk4L6IRgAV%2BnPZ8Wfkg%2FWVp2PFjQ624F0%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
cf-ray: 63fd0870ab584e92-FRA
expires: Thu, 06 May 2021 05:17:43 GMT

GET
H2 200 swiper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/js/ 125 KB
29 KB 26ms
18ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/js/swiper.min.js

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1707968
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28876
cf-request-id: 0972039a4e00004e0de5a78000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-1f3be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jdXkiVIAwXZQoUSapz%2BJ%2FW5vZXhqsotUe1tMMxhH4KfFf8v5a6EnRUZd3RohvliAcgVabmFVRyN7wK0dAUh%2BAXY9kAp6w1HjtUPtLDLL%2F0dDmltOpdzqBA8ZHZeaqVmYHA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 63fd08707bbc4e0d-FRA
expires: Mon, 04 Apr 2022 12:45:44 GMT

GET
H2 200 js_eeWNS3OLrTqBCG0mg_lgNmwdhJYlGRJ6C54yxLxmnWM.js Show response
www.nordkurier.de/sites/default/files/js/ 2 KB
805 B 25ms
21ms Script
text/javascript 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nordkurier.de/sites/default/files/js/js_eeWNS3OLrTqBCG0mg_lgNmwdhJYlGRJ6C54yxLxmnWM.js

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e58d4b738bad3a81086d2683f960366c1d84962519127a0b9e32c4bc669d63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:44 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5976065
content-encoding: br
cf-request-id: 0972039a4f0000c27cb21d4000000001
x-varnish: 11817529
last-modified: Tue, 12 Jan 2021 16:52:55 GMT
server: cloudflare
etag: W/"2be-5b8b6daa3d924"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=11229800
cf-ray: 63fd08707d60c27c-FRA

GET
DATA 200
OK truncated
/ 57 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 045d019f898605579f7045c31a275149be3db29282fb1c501be8ffb46462e682

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 swiper.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/css/ 19 KB
3 KB 24ms
24ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/css/swiper.min.css

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/sites/default/files/js/js_daid75V0XKh_J6wv5AdtiQtkL9mI6J_XJAC4-2-InPI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1952537
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2581
cf-request-id: 0972039a8b00004e0d59870000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-4d42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K9m5eOtZ%2FKR5msc6mdvYOWH3z%2FsKRRZAEHcSKrL7ODhaH%2BHDrI%2FyncgmBywfPxLC3w31q7A6JJqMO%2BHi1%2FeJd7JrDBN387qf87K9JDZOBMXLUj6EU0ViPcOJZpDeIZvUAg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 63fd0870dc594e0d-FRA
expires: Mon, 04 Apr 2022 12:45:44 GMT

GET
H2 200 ajax-loader.gif
www.nordkurier.de/sites/all/modules/contrib/views_infinite_scroll/images/ 404 B
665 B 86ms
82ms Image
image/gif 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordkurier.de/sites/all/modules/contrib/views_infinite_scroll/images/ajax-loader.gif

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

217d1b91669dd4a21ce0cff140d526b43a3ac1ea5caa5578d5372fde00dadf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:44 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Tue, 13 Apr 2021 01:09:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 5159549
content-type: image/gif
accept-ranges: bytes
cf-ray: 63fd0870fdf3c27c-FRA
content-length: 404
cf-request-id: 0972039a980000c27c9c319000000001

GET
H2 200 index.html Show response
cdn.privacy-mgmt.com/ Frame 0F77 4 KB
2 KB 156ms
52ms Document
text/html 99.84.156.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/index.html?message_id=461394&consentUUID=6b689aef-8907-46c9-a8f0-8b3b826e6254&requestUUID=252ba91b-50d0-4330-b3fe-54523fa58cfd&preload_message=true
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e1a02409-364c-4a32-9ad1-c51f69b5e739/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.156.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-156-97.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c60effd373d81355362c0687756ba19e849ed437ebdff6ee60876f42fa5a8fbb

Request headers

:method: GET
:authority: cdn.privacy-mgmt.com
:scheme: https
:path: /index.html?message_id=461394&consentUUID=6b689aef-8907-46c9-a8f0-8b3b826e6254&requestUUID=252ba91b-50d0-4330-b3fe-54523fa58cfd&preload_message=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nordkurier.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nordkurier.de/

Response headers

content-type: text/html
last-modified: Thu, 08 Apr 2021 16:08:51 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 14 Apr 2021 12:08:58 GMT
etag: W/"4f1eae5345c39a34cb9bac5635394aaf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ffa01f5c992a803f4470401daea2d541.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: voZk-dImMsieUFCPrp2tPtYFOi3lhSQzyhCV6jqOISCX4BKdWl9dXw==
age: 2207

GET
H3-Q050 200 async-ads.js Show response
cse.google.com/adsense/search/ 178 KB
62 KB 45ms
30ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__de.js?usqp=CAI%3D

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b68c75974725eea1642c61bce3b1a2af00370ec4170bac315d005e46e09c5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "17912944079908054913"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 14 Apr 2021 12:45:44 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
37 B 9ms
5ms Image
text/plain 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:44 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 200 branding.png
www.google.com/cse/static/images/1x/de/ 1 KB
2 KB 10ms
7ms Image
image/png 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/de/branding.png

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 268926
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1512
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
37 B 8ms
6ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:45:44 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 doc7fclo4zm1ja14njsk1co7_file7c9bea04ucz1ha2on23gt.jpg
www.nordkurier.de/sites/default/files/styles/artikel_bild_640px/public/dcx/images/2021/04/14/ 33 KB
33 KB 25ms
19ms Image
image/jpeg 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordkurier.de/sites/default/files/styles/artikel_bild_640px/public/dcx/images/2021/04/14/doc7fclo4zm1ja14njsk1co7_file7c9bea04ucz1ha2on23gt.jpg

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c62ed4eb004d7f3b294a00327d2c0de8a9d973a946e41ea3489671f0cf1d09a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:44 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13488
cf-ray: 63fd08714e58c27c-FRA
content-length: 33515
cf-request-id: 0972039ad10000c27c22b09000000001
last-modified: Wed, 14 Apr 2021 09:00:42 GMT
server: cloudflare
etag: "82eb-5bfeafb4b0888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 4883056
cache-control: public, max-age=11229800
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 doc7fclo4zm1ja14njsk1co7_file7fclit45ln7oysn6kxh.jpg
www.nordkurier.de/sites/default/files/styles/artikel_bild_640px/public/dcx/images/2021/04/14/ 26 KB
26 KB 26ms
21ms Image
image/jpeg 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordkurier.de/sites/default/files/styles/artikel_bild_640px/public/dcx/images/2021/04/14/doc7fclo4zm1ja14njsk1co7_file7fclit45ln7oysn6kxh.jpg

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

394f26211935ee529a97419adce23d7dfedf16ecb71a33051b7607cf612ceef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:44 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12711
cf-ray: 63fd08714e5bc27c-FRA
content-length: 26756
cf-request-id: 0972039ad10000c27c39000000000001
last-modified: Wed, 14 Apr 2021 09:02:30 GMT
server: cloudflare
etag: "6884-5bfeb01b73bdd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 3927219
cache-control: public, max-age=11229800
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 doc7fa5raerctv17v1clg7z_file6prusn18ura167ypfb5v.jpg
www.nordkurier.de/sites/default/files/styles/artikel_bild_640px/public/dcx/images/2021/04/09/ 33 KB
33 KB 20ms
14ms Image
image/jpeg 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordkurier.de/sites/default/files/styles/artikel_bild_640px/public/dcx/images/2021/04/09/doc7fa5raerctv17v1clg7z_file6prusn18ura167ypfb5v.jpg

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

882a32a5a8796cdab4c674293612bf4f8910a2cc8fcaed5dcd3f8aaf76e9db64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:44 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 372903
cf-ray: 63fd08715e60c27c-FRA
content-length: 33743
cf-request-id: 0972039ad30000c27c9d069000000001
last-modified: Sat, 10 Apr 2021 05:08:03 GMT
server: cloudflare
etag: "83cf-5bf9743dc2a66"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 11131338
cache-control: public, max-age=11229800
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 aufruf_rezepteinsendung_1800x1000.jpg
www.nordkurier.de/sites/default/files/styles/artikel_bild_640px/public/2021/04/09/ 42 KB
42 KB 23ms
17ms Image
image/jpeg 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordkurier.de/sites/default/files/styles/artikel_bild_640px/public/2021/04/09/aufruf_rezepteinsendung_1800x1000.jpg

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936bcb2355e353f4d5ca25bb2dd4c5317744ad24cdd33e6f1d5a4a1b480a2803

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:44 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 372758
cf-ray: 63fd08715e63c27c-FRA
content-length: 42550
cf-request-id: 0972039ad40000c27c8936a000000001
last-modified: Sat, 10 Apr 2021 05:07:47 GMT
server: cloudflare
etag: "a636-5bf9742f0521b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 11131505
cache-control: public, max-age=11229800
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 doc7fbkjib0d381d3vhr94n_file7fbj23410rsl7qke1zi3.jpg
www.nordkurier.de/sites/default/files/styles/artikel_bild_640px/public/dcx/images/2021/04/12/ 40 KB
40 KB 26ms
21ms Image
image/jpeg 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordkurier.de/sites/default/files/styles/artikel_bild_640px/public/dcx/images/2021/04/12/doc7fbkjib0d381d3vhr94n_file7fbj23410rsl7qke1zi3.jpg

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72841144cdad809dc89b6c784314ba30fabb500bb8c71821614008930b02a4dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:44 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 184865
cf-ray: 63fd08715e68c27c-FRA
content-length: 41258
cf-request-id: 0972039ad40000c27ca5bd9000000001
last-modified: Mon, 12 Apr 2021 09:23:47 GMT
server: cloudflare
etag: "a12a-5bfc31226d2f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 15715619
cache-control: public, max-age=11229800
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 doc7fb22pqhb9lwn4ye26k_file7f9w7zyn9pl117ksd9dh.jpg
www.nordkurier.de/sites/default/files/styles/artikel_bild_640px/public/dcx/images/2021/04/11/ 25 KB
25 KB 24ms
19ms Image
image/jpeg 2606:4700:10::6816:17c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nordkurier.de/sites/default/files/styles/artikel_bild_640px/public/dcx/images/2021/04/11/doc7fb22pqhb9lwn4ye26k_file7f9w7zyn9pl117ksd9dh.jpg

Requested by

Host: www.nordkurier.de
URL: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:17c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed276ade9140239c72c2cec6dd475d9a3794dc3f61e392ae50546fe375e7c9e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nordkurier.de/ratgeber/es-gibt-keine-gefahr-jemanden-beim-einkaufen-zu-infizieren-0238940804.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 14 Apr 2021 12:45:44 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 274648
cf-ray: 63fd08715e6bc27c-FRA
content-length: 25858
cf-request-id: 0972039ad60000c27c513ef000000001
last-modified: Sun, 11 Apr 2021 08:27:36 GMT
server: cloudflare
etag: "6502-5bfae2b65ab1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 14518877
cache-control: public, max-age=11229800
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 Notice.37f30.css
cdn.privacy-mgmt.com/ Frame 0F77 29 KB
5 KB 53ms
53ms Stylesheet
text/css 99.84.156.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/Notice.37f30.css
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=461394&consentUUID=6b689aef-8907-46c9-a8f0-8b3b826e6254&requestUUID=252ba91b-50d0-4330-b3fe-54523fa58cfd&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.156.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-156-97.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f34567304f288693cf33a0b0ff04fa42ed930db606948b4d5e6a9c715865affa

Request headers

Referer: https://cdn.privacy-mgmt.com/index.html?message_id=461394&consentUUID=6b689aef-8907-46c9-a8f0-8b3b826e6254&requestUUID=252ba91b-50d0-4330-b3fe-54523fa58cfd&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:08:59 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 16:08:51 GMT
server: AmazonS3
age: 2206
etag: W/"227670f327655cdc0f6317b8d0f58d27"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 ffa01f5c992a803f4470401daea2d541.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: arHc615p3_JQkVPybq2TUdIwy7u_xAKFCTTg9lfvN046_T-VX1NOYA==

GET
H2 200 polyfills.65071.js Show response
cdn.privacy-mgmt.com/ Frame 0F77 5 KB
2 KB 60ms
59ms Script
application/javascript 99.84.156.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/polyfills.65071.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=461394&consentUUID=6b689aef-8907-46c9-a8f0-8b3b826e6254&requestUUID=252ba91b-50d0-4330-b3fe-54523fa58cfd&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.156.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-156-97.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Referer: https://cdn.privacy-mgmt.com/index.html?message_id=461394&consentUUID=6b689aef-8907-46c9-a8f0-8b3b826e6254&requestUUID=252ba91b-50d0-4330-b3fe-54523fa58cfd&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:08:59 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 16:08:51 GMT
server: AmazonS3
age: 2206
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ffa01f5c992a803f4470401daea2d541.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: zCWEry9vwEEBdHH38ZDjT5Mie3RvSCwKVOJBnIcAYx_kM5hqhovjTQ==

GET
H2 200 Notice.edef1.js Show response
cdn.privacy-mgmt.com/ Frame 0F77 171 KB
42 KB 60ms
59ms Script
application/javascript 99.84.156.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/Notice.edef1.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=461394&consentUUID=6b689aef-8907-46c9-a8f0-8b3b826e6254&requestUUID=252ba91b-50d0-4330-b3fe-54523fa58cfd&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.156.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-156-97.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8318b36ea964a68959576876dd85fa417cb7784a31ae78acaa3c58720d62dc34

Request headers

Referer: https://cdn.privacy-mgmt.com/index.html?message_id=461394&consentUUID=6b689aef-8907-46c9-a8f0-8b3b826e6254&requestUUID=252ba91b-50d0-4330-b3fe-54523fa58cfd&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 12:08:59 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 16:08:51 GMT
server: AmazonS3
age: 2206
etag: W/"2a94f5880eb7b9fe653fe8a73017e764"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ffa01f5c992a803f4470401daea2d541.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: PErQILQgCLMX57umvMzkJJnxsmnSO8IL6VsUMdowvJe_utifd28hjw==

GET
H2 200 css
fonts.googleapis.com/ Frame 0F77 7 KB
792 B 20ms
20ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap

Requested by

Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=461394&consentUUID=6b689aef-8907-46c9-a8f0-8b3b826e6254&requestUUID=252ba91b-50d0-4330-b3fe-54523fa58cfd&preload_message=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

043408d901653af0d904e54849944f83b37d2b20c195d8a900e7fa34c45dc257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn.privacy-mgmt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 12:33:27 GMT
server: ESF
date: Wed, 14 Apr 2021 12:45:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Apr 2021 12:45:44 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 0F77 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cdn.privacy-mgmt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 268926
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 0F77 14 KB
14 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cdn.privacy-mgmt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 268926
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 20ms
19ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-7351608356042114&su=www.nordkurier.de&doc=complete&pg_h=1200&pg_w=1600&pg_hs=1200&c=2&aa_c=0&av_h=175&av_w=824.500&av_a=105325&s=1613.906&all_s=1613.906&b=-763.906&all_b=-763.906&d=0.292&all_d=0.292&ard=0.110&all_ard=0.110&dt=d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nordkurier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 12:45:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.nordkurier.de/	1970-01-19 17:34:50	Name: 1a6a442eb9a448b3bd56be90b1d98072 Value: WyIyMjg2NTc2NDk5Il0
.nordkurier.de/	1970-01-19 17:53:33	Name: iom_consent Value: 0100000000&1618404344135
www.nordkurier.de/	1970-01-19 18:16:36	Name: _sp_v1_csv Value: null
www.nordkurier.de/	1970-01-19 18:16:36	Name: _sp_v1_consent Value: 1!0:-1:-1:-1:-1:-1
www.nordkurier.de/	1970-01-19 18:16:36	Name: _sp_v1_lt Value: 1:
www.nordkurier.de/	1970-01-19 18:16:36	Name: _sp_v1_ss Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKRmbkgRgGtbE6MUqpIGZeaU4OkF0CVlBdi1tCKRYAmuD4I1IAAAA%3D
www.nordkurier.de/	1970-01-19 18:16:36	Name: _sp_v1_data Value: 2:313870:1618404343:0:1:0:1:0:0:_:-1
www.nordkurier.de/	1970-01-19 18:16:36	Name: _sp_v1_uid Value: 1:77:db31a3e6-df86-4672-ae25-b6ddf093c4f6
.nordkurier.de/	1970-01-19 18:16:36	Name: __cfduid Value: d47b5db978139be2553bf06b222a038af1618404343
.nordkurier.de/	1970-01-20 01:43:00	Name: ioam2018 Value: 0017f67571d9d0ad16076e3f7:1647780343974:1618404343974:.nordkurier.de:2:nordkuri:Ratgeber:noevent:1618404343974:yvkv8a
www.nordkurier.de/	1970-01-19 18:16:36	Name: _sp_v1_opt Value: 1:
www.nordkurier.de/	1969-12-31 23:59:59	Name: has_js Value: 1
.nordkurier.de/	1970-01-20 02:19:00	Name: consentUUID Value: 6b689aef-8907-46c9-a8f0-8b3b826e6254

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.nordkurier.de/sites/default/files/js/js_dd7AFCE6MyWIVd05uErKwuf888mSlmTW8RYzhj_bJRA.js(Line 1) Message: Messaging without detection successfully executed.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	allow-from nordkuriercrmtest.crm4.dynamics.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.amazon-adsystem.com
cdn.jsdelivr.net
cdn.privacy-mgmt.com
cdnjs.cloudflare.com
cdns.yieldscale.com
clients1.google.com
cse.google.com
de.ioam.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
rumcdn.geoedge.be
script.ioam.de
securepubads.g.doubleclick.net
trmcdn.eu
www.google.com
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
www.nordkurier.de
216.58.212.162
2600:9000:20e8:3e00:4:b37b:9440:93a1
2606:4700:10::6816:17c3
2606:4700:3030::6815:3b17
2606:4700::6810:125e
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a04:4e42:3::621
35.201.77.229
91.215.100.40
91.215.103.64
99.84.153.196
99.84.156.97
043408d901653af0d904e54849944f83b37d2b20c195d8a900e7fa34c45dc257
045d019f898605579f7045c31a275149be3db29282fb1c501be8ffb46462e682
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0d691949da9ec4d94673057b7c0434a4bcd5d39381c7f667cbf82e68b22dcabc
11ff711cf78ebfa3c9e8bd545ebe64513c66927edc75a6b0828e4e886c2fa0a5
1299ce67397a707e7293ce99272f03b906402a6e5471f7ebc00c190f66a054af
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
156e21cc56df2aad1ef25ec51bb30b304504b3dc7d66868a59ac457a24268e52
1574860263d6c730ef2fdcb342e81c4399e6547e6959279f8d593cc906ec3c19
1c4c646ffc606b96f6da5585f202e2f177bf0c01b175ac02c1970a1a6740308c
217d1b91669dd4a21ce0cff140d526b43a3ac1ea5caa5578d5372fde00dadf1d
24912614ad2dce2aa138e85705b52b82540dce67e98c41445fa3fb125dcdebbc
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9
3638b591fff866351eae88d2ac43ca5464f35fec200609ec6c21e489ebafc6e5
3895f89eac8f79ffb30fb97580265c9cdb3a8027935444ef6727ae40db5e7ef2
394f26211935ee529a97419adce23d7dfedf16ecb71a33051b7607cf612ceef4
39a8627e5a8feecf9b9dd389c3ad792ed3fe3f9c13a356003d641dbd25d5624a
425ddc39c64f744d46dae053edb48be089325a9c1ff2c2f4da9a0a1b718079f7
452299bf973d96a1602d92ae67d7b7f16fc74ada4032467ecb96881fdb776b9f
45f17783f271dd3d1ddadf5e2f3ab755d40bdc322537e4be777abd51a36623a6
4ad0d354ae7d821ac243fcf43a3aeeee3db5d7d32e42994cd11b63e18bbf2954
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
52e9b5b73d032db6bc7f0dda928c9198ac37216d0668a91dbf1d4f73188f5039
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
5856600b528b29c3a27a17368972744655401cf29558642c93105930ce094870
5c6897ba45ee6d851cd16ffdb13f6b55fa74fc24f6bd34cfaa24e222ad32abce
5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d
5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541
6302432cf939e58905ea7edbc9a8492ece2a4e175e6e0a07eb2fe68869fbb8ad
69de4cf25b80c3e67ed84eaa54adf42215256bcafe7d9515234ef624a41516ff
6b68c75974725eea1642c61bce3b1a2af00370ec4170bac315d005e46e09c5d7
72841144cdad809dc89b6c784314ba30fabb500bb8c71821614008930b02a4dd
73daf6112c3e7bbbec93748f86a6a75cb0cf6fc856021974d9e984a50908b58b
73efa3c6048e9ab950db21c267279960356bbc74505e713c6380ff16539735dd
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75a89def95745ca87f27ac2fe4076d890b642fd988e89fd72400b8fb6f889cf2
75dec014213a33258855dd39b84acac2e7fcf3c9929664d6f11633863fdb2510
76fe2b8d83d5193ef0db3a4f5d6fcdb45774978198bea1a44deb56a4e82c7bb3
791a749a1dc5a6dbfba5ed703810f594a8c6013712f9cfb54f98ed01ae436d92
79e58d4b738bad3a81086d2683f960366c1d84962519127a0b9e32c4bc669d63
7aaa7a33054991f4cc05e88cf36260ab3d4fed114190df73952ceeba4ba7719d
7c62ed4eb004d7f3b294a00327d2c0de8a9d973a946e41ea3489671f0cf1d09a
7d89213a593175f3be8d008c181c1c2edd5ca0200f33c8e5998117eb59bd9d46
7fd17d5b28c85e25dd3d6b9d916ba750ba0c29ff1c07387c958160c6d5520a19
8282993a48d207f3e11b343bf2df98d97f1203b3a48a50117cee9a863ab935ec
8318b36ea964a68959576876dd85fa417cb7784a31ae78acaa3c58720d62dc34
84417b8b1d1a367d7dc6c6e52d493cb9aba06ec80d1fc60e7fa2241522604ada
882a32a5a8796cdab4c674293612bf4f8910a2cc8fcaed5dcd3f8aaf76e9db64
89bae7423229527d5d18a7b184d974559aa0addcebd47932975de1531eed4039
8b2e043091b149273679592415d4aa0f6053a4e926d5547b3979607fe9c18220
8ce4cfa3c673803a1687edc39b406f59bfd33ddd6beab8bf53f05e20603cd18c
8f228abc5eea4f794a7da3b2adaed2f1b2554f997eb505a41a0fc14cd125121c
92fa63b36a8b2c3186a4b15c002e5c5c3ac08bff2cfa046671f1915473bf098e
931b67bbdf14e0c9895163111489019925a8d9193876efd823148168d763e52a
936bcb2355e353f4d5ca25bb2dd4c5317744ad24cdd33e6f1d5a4a1b480a2803
946eafc1d49f00aab584fd21e8fa1cafb840287aeddcd6ca020cfcee47460dcf
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9dc025d516fe7351d9310d1cc04e06ae4401bc7136d30d86749289a8ef5ea4d4
a03b6f454c63c6fab9440b107ad03290d743d1ba75478f102b10991d9b576260
a0c0be0a72171fc128c6f682b9d7c96616141bffdcdab5264292435166a70a50
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a99a80c32ad0e61a248f522a589300c114673faa3b19fea71a653902914f96e5
a9dafcc5f1c3fe5aca5d296cef4d33feeb30f89e02f93d180f37132e08f412ca
ac537bf59368130f203060350628ae92f86cc8e0d756ef04ae900b5dc3f36e20
ad5fdf597fb6cb5556c74098c4e35a5fd932d334d96a252c6a2dad4a6085a96d
b349171f32fe5738bca6761a67fe2f9c62d4ab13c7884e9f08edf9e76068ce53
b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6
bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2
c0ac855f8ead54a26d3ca375daa36345f4b86ae6d6e06daeecb2b6daf94388aa
c0cdcf3224a18d66039b74a6a0c70977585d75d5ed67ba23a6b5eab8c0a2ba7e
c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e
c60effd373d81355362c0687756ba19e849ed437ebdff6ee60876f42fa5a8fbb
c9e09403bd55b7740b4cb4e2e1ebe6132d8a1da0414e78a6960164077c2385d2
d08f06be318d3841e2dcf02aca4057cf361ba9a2fee6d1a0a8b19dad37d08591
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e1f79b3b79bd26ab330268510bc56484bcc904914f8b6d01b74fa87d8771c134
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86b0f05e5391fcb07643a1c2f049443a671b1ecb7a2cbb614074000341e6d56
e8b0d2ee262785fb4bfb4e4717d4e5cf7536e52f0821c091dc84f10b42e69df4
ed276ade9140239c72c2cec6dd475d9a3794dc3f61e392ae50546fe375e7c9e5
f0a301121619daca9cda02821f47859d0581be1341092fab45666db707e17ffb
f2e26acbea59df9e43b49ac5e1c6ff2aa205c58535c08b985fcce1836e2844ac
f34567304f288693cf33a0b0ff04fa42ed930db606948b4d5e6a9c715865affa
f6005429f1a366624d247f9534e2f8c07c4f0296dac6906736a3865e09a3a2d4

www.nordkurier.de Open in urlscan Pro 2606:4700:10::6816:17c3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

74 %IPv6

16 Domains

21 Subdomains

24 IPs

2 Countries

3312 kBTransfer

7106 kBSize

13 Cookies

22 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 21 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nordkurier.de Open in urlscan Pro
2606:4700:10::6816:17c3 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

74 %
IPv6

16
Domains

21
Subdomains

24
IPs

2
Countries

3312 kB
Transfer

7106 kB
Size

13
Cookies

67 HTTP transactions
21 data transactions