URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Submission Tags: falconsandbox
Submission: On December 06 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 59 HTTP transactions. The main IP is 185.30.32.197, located in Germany and belongs to DE-WEBGO www.webgo.de, DE. The main domain is geosetter.de.
TLS certificate: Issued by R3 on November 6th 2021. Valid for: 3 months.
This is the only time geosetter.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Domain | Requested by |
|---|---|---|
| 41 | geosetter.de | geosetter.de |
| 6 | pagead2.googlesyndication.com | geosetter.de, pagead2.googlesyndication.com, tpc.googlesyndication.com |
| 3 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com |
| 3 | googleads.g.doubleclick.net | pagead2.googlesyndication.com |
| 2 | www.paypalobjects.com | geosetter.de |
| 2 | www.paypal.com | 2 redirects |
| 1 | www.google.com | tpc.googlesyndication.com |
| 1 | adservice.google.com | pagead2.googlesyndication.com |
| 1 | adservice.google.de | pagead2.googlesyndication.com |
| 1 | partner.googleadservices.com | pagead2.googlesyndication.com |
| 59 | 10 | |

This site contains links to these domains. Also see Links.

Domain
empty
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| geosetter.de | R3 | 2021-11-06 - 2022-02-04 | 3 months |
| *.g.doubleclick.net | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months |
| *.googleadservices.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months |
| *.google.de | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months |
| *.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months |
| tpc.googlesyndication.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months |
| www.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months |

This page contains 6 frames:

Primary Page: https://geosetter.de/en/download-en/geosetter_setup.exe
Frame ID: 228678C8A454614C2F4F1C28A5639E21
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html
Frame ID: 82F20DAACDAC7DEAD7D83C0E3E84B8B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542562999199332&output=html&h=600&slotname=5553861274&adk=1427619097&adf=303424825&pi=t.ma~as.5553861274&w=288&fwrn=4&fwrnh=100&lmt=1638779209&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fgeosetter.de%2Fen%2Fdownload-en%2Fgeosetter_setup.exe&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638779209158&bpp=4&bdt=208&idt=81&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=5885257757270&frm=20&pv=2&ga_vid=62669146.1638779209&ga_sid=1638779209&ga_hid=536760715&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1114&ady=1492&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752536%2C31062930&oid=2&pvsid=1524349640945159&pem=439&tmod=358896810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=L39PlNBDKE&p=https%3A//geosetter.de&dtd=98
Frame ID: AB7D7D9D6D0632286F788F64721BEEE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542562999199332&output=html&adk=1812271804&adf=3025194257&lmt=1638779209&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgeosetter.de%2Fen%2Fdownload-en%2Fgeosetter_setup.exe&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638779209173&bpp=1&bdt=223&idt=92&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=288x600&nras=1&correlator=5885257757270&frm=20&pv=1&ga_vid=62669146.1638779209&ga_sid=1638779209&ga_hid=536760715&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752536%2C31062930&oid=2&pvsid=1524349640945159&pem=439&tmod=358896810&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=98
Frame ID: E54D2388DED38190C7A7A4963B5EB083
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7DB9D0B24D6D29EBB6CED1EBC535C6D6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 300A761F28F8DB92E93C1113418D494B
Requests: 2 HTTP requests in this frame

Page Title

Seite wurde nicht gefunden. - GeoSetter

Page Statistics

59 Requests
97 % HTTPS
63 % IPv6
8 Domains
10 Subdomains
9 IPs
2 Countries
450 kB Transfer
1166 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif HTTP 301
  • https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
Request Chain 27
  • https://www.paypal.com/de_DE/i/scr/pixel.gif HTTP 301
  • https://www.paypalobjects.com/de_DE/i/scr/pixel.gif

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request geosetter_setup.exe
geosetter.de/en/download-en/
39 KB
9 KB
Document
General
Full URL
https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
058fe596ae9ce4568e962253915f7ea191354abf82178ba58700f5a5040c1591

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Mon, 06 Dec 2021 08:26:49 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding,Cookie
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<https://geosetter.de/wp-json/>; rel="https://api.w.org/"
content-encoding
gzip
custom-fonts.css
geosetter.de/wp-content/themes/tortuga/assets/css/
4 KB
740 B
Stylesheet
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/css/custom-fonts.css?ver=20180413
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
c181bbfad26d37185ce421f901df11b7a9f9d43b26182949a8525421531b854c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"ff3-5ad74a8389a38"
vary
Accept-Encoding
content-type
text/css
sbi-styles.min.css
geosetter.de/wp-content/plugins/instagram-feed/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
df15236d4098113e3479fc540a9bd1046ca6029f5508098e9c4245a0e12fab05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:04:22 GMT
server
nginx
etag
W/"41cd-5bf64ec1cb5b0"
vary
Accept-Encoding
content-type
text/css
style.min.css
geosetter.de/wp-includes/css/dist/block-library/
57 KB
9 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-includes/css/dist/block-library/style.min.css?ver=5.7.4
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 13:54:46 GMT
server
nginx
etag
W/"e33b-5c00334c793e3"
vary
Accept-Encoding
content-type
text/css
better-recent-comments.min.css
geosetter.de/wp-content/plugins/better-recent-comments/assets/css/
1 KB
536 B
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/better-recent-comments/assets/css/better-recent-comments.min.css?ver=5.7.4
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
4aef5deb25565ec2445ec74c5cedf70b41158f0cb7f106532a9401a905ab872c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:04:05 GMT
server
nginx
etag
W/"438-5bf64eb1b91c6"
vary
Accept-Encoding
content-type
text/css
justifiedGallery.min.css
geosetter.de/wp-content/plugins/flickr-justified-gallery/css/
2 KB
811 B
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/flickr-justified-gallery/css/justifiedGallery.min.css?ver=v3.6
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
c5313f13ffe3f06ab735c56ef2bef329419f70327b67468277cdfc71e0cf09c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
etag
W/"9cc-593f194f222e3"
vary
Accept-Encoding
content-type
text/css
flickrJustifiedGalleryWPPlugin.css
geosetter.de/wp-content/plugins/flickr-justified-gallery/css/
180 B
305 B
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/flickr-justified-gallery/css/flickrJustifiedGalleryWPPlugin.css?ver=v3.6
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
2bde3296218a2975cfe2c9e4ed31cd4d240f43ac8fbdb0522f9e9a963715cc28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
etag
W/"b4-593f194f222e3"
vary
Accept-Encoding
content-type
text/css
swipebox.min.css
geosetter.de/wp-content/plugins/flickr-justified-gallery/lightboxes/swipebox/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/flickr-justified-gallery/lightboxes/swipebox/css/swipebox.min.css?ver=5.7.4
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
e4a465b7796cdf1572bb416feccea1bc31f4c020ea1eb6b29a3881b4e0216595

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
etag
W/"10d4-593f194f222e3"
vary
Accept-Encoding
content-type
text/css
prettyPhoto.min.css
geosetter.de/wp-content/plugins/responsive-lightbox/assets/prettyphoto/
19 KB
3 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/responsive-lightbox/assets/prettyphoto/prettyPhoto.min.css?ver=2.3.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
3df56cf5e9b367ce3a1f69c52fe68655893e7443d0b9df0a8a094606775657c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:04:20 GMT
server
nginx
etag
W/"4bdc-5bf64ec00c176"
vary
Accept-Encoding
content-type
text/css
style.css
geosetter.de/wp-content/themes/tortuga/
55 KB
10 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/style.css?ver=2.0.1
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
4332f0e11a87046359426bc04132575b49f8681463ce19982334cbed19743fc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"da00-5ad74a8389a38"
vary
Accept-Encoding
content-type
text/css
safari-flexbox-fixes.css
geosetter.de/wp-content/themes/tortuga/assets/css/
460 B
393 B
Stylesheet
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/css/safari-flexbox-fixes.css?ver=20200420
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
22cc88ba1b04743117a705c32d3f9680ec5dfd60f560dace2754063fbcea2d55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"1cc-5ad74a8389a38"
vary
Accept-Encoding
content-type
text/css
genericons.css
geosetter.de/wp-content/themes/tortuga/assets/genericons/
28 KB
16 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/genericons/genericons.css?ver=3.4.1
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"6e6a-5ad74a838a9d8"
vary
Accept-Encoding
content-type
text/css
flexslider.css
geosetter.de/wp-content/themes/tortuga/assets/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/css/flexslider.css?ver=20170421
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
b071c8eedb09399ce51fd05c71ba92369fcab4eae7a7af4e72bc36e14c106bc5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"1455-5ad74a8389a38"
vary
Accept-Encoding
content-type
text/css
public.css
geosetter.de/wp-content/plugins/recent-posts-widget-with-thumbnails/
1 KB
656 B
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.0.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
f81af49b9e273ea507982f870dabfa439eb2f9845a7f2cacdb473631aa10de18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:05:36 GMT
server
nginx
etag
W/"43a-5bf64f0872363"
vary
Accept-Encoding
content-type
text/css
front.min.css
geosetter.de/wp-content/plugins/cookie-notice/css/
7 KB
1 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.7.4
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
8dbb3fbf6b9f43e7b8910762718dbae04c9a3bf59d129f400985defe7447e0dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:04:08 GMT
server
nginx
etag
W/"1b2b-5bf64eb4d01fc"
vary
Accept-Encoding
content-type
text/css
tortuga-pro.css
geosetter.de/wp-content/plugins/tortuga-pro/assets/css/
17 KB
3 KB
Stylesheet
General
Full URL
https://geosetter.de/wp-content/plugins/tortuga-pro/assets/css/tortuga-pro.css?ver=1.6
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
91517f1b80406f60ff973f40c216ae3c8e92c0e5772fddae886242d675351f13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
etag
W/"4220-593f194f21343"
vary
Accept-Encoding
content-type
text/css
jquery.min.js
geosetter.de/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://geosetter.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Sun, 28 Mar 2021 00:23:28 GMT
server
nginx
etag
W/"15d98-5be8dc6315e8d"
vary
Accept-Encoding
content-type
application/x-javascript
jquery-migrate.min.js
geosetter.de/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://geosetter.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Sun, 28 Mar 2021 00:23:28 GMT
server
nginx
etag
W/"2bd8-5be8dc6313f4d"
vary
Accept-Encoding
content-type
application/x-javascript
jquery.prettyPhoto.min.js
geosetter.de/wp-content/plugins/responsive-lightbox/assets/prettyphoto/
22 KB
6 KB
Script
General
Full URL
https://geosetter.de/wp-content/plugins/responsive-lightbox/assets/prettyphoto/jquery.prettyPhoto.min.js?ver=2.3.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
ba0504cfd673e9fbf0bab2b70a67ac1bbea97891e12fc8cd3f94070f0c4898f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:04:20 GMT
server
nginx
etag
W/"5955-5bf64ec00d116"
vary
Accept-Encoding
content-type
application/x-javascript
underscore.min.js
geosetter.de/wp-includes/js/
16 KB
6 KB
Script
General
Full URL
https://geosetter.de/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 13:54:46 GMT
server
nginx
etag
W/"3ead-5c00334c64bc3"
vary
Accept-Encoding
content-type
application/x-javascript
infinite-scroll.pkgd.min.js
geosetter.de/wp-content/plugins/responsive-lightbox/assets/infinitescroll/
25 KB
7 KB
Script
General
Full URL
https://geosetter.de/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=5.7.4
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
378f79bc8e52dc7c86332d048c8b8f57ad672c3c917ca54b08630bb487b99d3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:04:20 GMT
server
nginx
etag
W/"64e6-5bf64ec00e0b6"
vary
Accept-Encoding
content-type
application/x-javascript
front.js
geosetter.de/wp-content/plugins/responsive-lightbox/js/
26 KB
6 KB
Script
General
Full URL
https://geosetter.de/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.3.2
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
3c8ba982e1a7629cb5be1c6e7ac909bb494b895a63affce2f6306e5cd244505a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:04:20 GMT
server
nginx
etag
W/"68e8-5bf64ec00a236"
vary
Accept-Encoding
content-type
application/x-javascript
svgxuse.min.js
geosetter.de/wp-content/themes/tortuga/assets/js/
3 KB
1 KB
Script
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/js/svgxuse.min.js?ver=1.2.6
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"b6f-5ad74a8389a38"
vary
Accept-Encoding
content-type
application/x-javascript
jquery.flexslider-min.js
geosetter.de/wp-content/themes/tortuga/assets/js/
22 KB
6 KB
Script
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/js/jquery.flexslider-min.js?ver=2.6.0
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
2ce94a80de9d146226e0967aacf51e37f92e18329815338af4de0aef3fc67705

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"5746-5ad74a8389a38"
vary
Accept-Encoding
content-type
application/x-javascript
slider.js
geosetter.de/wp-content/themes/tortuga/assets/js/
502 B
458 B
Script
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/js/slider.js?ver=20170421
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
7213837405a71f7beb4f15cbbfb217995e5b25daed87b347770eaa6e889f9db5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"1f6-5ad74a8389a38"
vary
Accept-Encoding
content-type
application/x-javascript
front.min.js
geosetter.de/wp-content/plugins/cookie-notice/js/
9 KB
2 KB
Script
General
Full URL
https://geosetter.de/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.0.3
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 07 Apr 2021 17:04:08 GMT
server
nginx
etag
W/"2474-5bf64eb4d01fc"
vary
Accept-Encoding
content-type
application/x-javascript
cropped-icon48-1.png
geosetter.de/wp-content/uploads/2018/05/
3 KB
3 KB
Image
General
Full URL
https://geosetter.de/wp-content/uploads/2018/05/cropped-icon48-1.png
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
d3cb43791ed64ad592868586d474c7bafcf5da9a0c79c683e37708dc24838abd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
accept-ranges
bytes
etag
"b1d-593f194ef15a4"
content-length
2845
content-type
image/png
btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain
  • https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif
  • https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
1 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6b16d96d7374c84e44234b7f901aec48131ad13a2df3fd4c6a1113a4590a98e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Nov 2021 14:52:12 GMT
server
Akamai Image Manager
etag
"W+Pu/C7SAaVROD4yxJfYhtmfI4zA8n2pGKd1zdw5nBA"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
content-length
1494
expires
Mon, 06 Dec 2021 20:26:49 GMT

Redirect headers

location
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
date
Mon, 06 Dec 2021 08:26:49 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
a3b4c299156aa
dc
ccg11-origin-www-1.paypal.com
content-length
0
strict-transport-security
max-age=63072000
pixel.gif
www.paypalobjects.com/de_DE/i/scr/
Redirect Chain
  • https://www.paypal.com/de_DE/i/scr/pixel.gif
  • https://www.paypalobjects.com/de_DE/i/scr/pixel.gif
42 B
320 B
Image
General
Full URL
https://www.paypalobjects.com/de_DE/i/scr/pixel.gif
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
1838
etag
"dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-transform, max-age=43200
last-modified
Sun, 26 Sep 2021 11:52:24 GMT
content-length
42
server
Akamai Image Manager
expires
Mon, 06 Dec 2021 20:26:49 GMT

Redirect headers

location
https://www.paypalobjects.com/de_DE/i/scr/pixel.gif
date
Mon, 06 Dec 2021 08:26:49 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
a132542f0da30
dc
ccg11-origin-www-1.paypal.com
content-length
0
strict-transport-security
max-age=63072000
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63526dfb58967a171a4aad843f41e251f4aba5ee83c8bacc451a180da88f6376
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51279
x-xss-protection
0
server
cafe
etag
128409688353576332
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 08:26:49 GMT
jquery.swipebox.min.js
geosetter.de/wp-content/plugins/flickr-justified-gallery/lightboxes/swipebox/js/
13 KB
4 KB
Script
General
Full URL
https://geosetter.de/wp-content/plugins/flickr-justified-gallery/lightboxes/swipebox/js/jquery.swipebox.min.js?ver=5.7.4
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
61cf86c139e55b3a6e43a82b0ca393ebb500f1dd4ce05c77dc990da97dca7b9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
etag
W/"329f-593f194f222e3"
vary
Accept-Encoding
content-type
application/x-javascript
jquery.justifiedGallery.min.js
geosetter.de/wp-content/plugins/flickr-justified-gallery/js/
17 KB
5 KB
Script
General
Full URL
https://geosetter.de/wp-content/plugins/flickr-justified-gallery/js/jquery.justifiedGallery.min.js?ver=5.7.4
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
6658eeefaf0ae8ac1a771fa317fc8767442a901f17bbf09bed8806b202eb62eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
etag
W/"42be-593f194f222e3"
vary
Accept-Encoding
content-type
application/x-javascript
flickrJustifiedGalleryWPPlugin.js
geosetter.de/wp-content/plugins/flickr-justified-gallery/js/
658 B
533 B
Script
General
Full URL
https://geosetter.de/wp-content/plugins/flickr-justified-gallery/js/flickrJustifiedGalleryWPPlugin.js?ver=5.7.4
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
d8bd0cf569d9e34a7ce707907f38194869300c1ae935ff3575ed148c4985b4ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
etag
W/"292-593f194f222e3"
vary
Accept-Encoding
content-type
application/x-javascript
navigation.min.js
geosetter.de/wp-content/themes/tortuga/assets/js/
2 KB
863 B
Script
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/js/navigation.min.js?ver=20200818
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
275c1a570c8ea7c5e8d5e4099fbfb33dbbd9e601a4d8d879a26088553c8af28f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"7c4-5ad74a8389a38"
vary
Accept-Encoding
content-type
application/x-javascript
scroll-to-top.js
geosetter.de/wp-content/plugins/tortuga-pro/assets/js/
1 KB
653 B
Script
General
Full URL
https://geosetter.de/wp-content/plugins/tortuga-pro/assets/js/scroll-to-top.js?ver=1.6
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
3463f4691b2de3304210ef18234a374f79d963771385984f3cbf3c69b930dd2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
etag
W/"4e7-593f194f21343"
vary
Accept-Encoding
content-type
application/x-javascript
wp-embed.min.js
geosetter.de/wp-includes/js/
1 KB
920 B
Script
General
Full URL
https://geosetter.de/wp-includes/js/wp-embed.min.js?ver=5.7.4
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Sun, 28 Mar 2021 00:23:28 GMT
server
nginx
etag
W/"592-5be8dc6319d0d"
vary
Accept-Encoding
content-type
application/x-javascript
wp-emoji-release.min.js
geosetter.de/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://geosetter.de/wp-includes/js/wp-emoji-release.min.js?ver=5.7.4
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Sun, 28 Mar 2021 00:23:28 GMT
server
nginx
etag
W/"3795-5be8dc6312fad"
vary
Accept-Encoding
content-type
application/x-javascript
genericons-neue.svg
geosetter.de/wp-content/themes/tortuga/assets/icons/
27 KB
8 KB
Other
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/icons/genericons-neue.svg
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
etag
W/"6d66-5ad74a838a9d8"
vary
Accept-Encoding
content-type
image/svg+xml
truncated
/
545 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
open-sans-v15-latin-ext_latin-regular.woff2
geosetter.de/wp-content/themes/tortuga/assets/fonts/
18 KB
19 KB
Font
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/fonts/open-sans-v15-latin-ext_latin-regular.woff2
Requested by
Host: geosetter.de
URL: https://geosetter.de/wp-content/themes/tortuga/assets/css/custom-fonts.css?ver=20180413
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
557116ee5706daa3b6cb2f52e7490e22db9c30ebfc447a5c85458a5fa0f6f84b

Request headers

Referer
https://geosetter.de/wp-content/themes/tortuga/assets/css/custom-fonts.css?ver=20180413
Origin
https://geosetter.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
accept-ranges
bytes
etag
"49bc-5ad74a838a9d8"
content-length
18876
titillium-web-v6-latin-ext_latin-regular.woff2
geosetter.de/wp-content/themes/tortuga/assets/fonts/
18 KB
18 KB
Font
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/fonts/titillium-web-v6-latin-ext_latin-regular.woff2
Requested by
Host: geosetter.de
URL: https://geosetter.de/wp-content/themes/tortuga/assets/css/custom-fonts.css?ver=20180413
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
10a0b293d1d46ce9853549ea0dbecb22208e19c9a78ac6a024e7b2642a657e82

Request headers

Referer
https://geosetter.de/wp-content/themes/tortuga/assets/css/custom-fonts.css?ver=20180413
Origin
https://geosetter.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
accept-ranges
bytes
etag
"4664-5ad74a838a9d8"
content-length
18020
open-sans-v15-latin-ext_latin-700.woff2
geosetter.de/wp-content/themes/tortuga/assets/fonts/
19 KB
19 KB
Font
General
Full URL
https://geosetter.de/wp-content/themes/tortuga/assets/fonts/open-sans-v15-latin-ext_latin-700.woff2
Requested by
Host: geosetter.de
URL: https://geosetter.de/wp-content/themes/tortuga/assets/css/custom-fonts.css?ver=20180413
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
b41570405890d4f995da7b265ceb5cfb50246a940f9489525a8f526cfd160356

Request headers

Referer
https://geosetter.de/wp-content/themes/tortuga/assets/css/custom-fonts.css?ver=20180413
Origin
https://geosetter.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
last-modified
Sat, 22 Aug 2020 10:17:13 GMT
server
nginx
accept-ranges
bytes
etag
"4c30-5ad74a838a9d8"
content-length
19504
truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin
https://geosetter.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
2017-07-21-213528_en-150x150.jpg
geosetter.de/wp-content/uploads/2018/05/
5 KB
5 KB
Image
General
Full URL
https://geosetter.de/wp-content/uploads/2018/05/2017-07-21-213528_en-150x150.jpg
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
991b09452bd24378368d62cc9cf07f454d0c4ae611f1f5ffdfdce9c698c4c7b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
accept-ranges
bytes
etag
"12e5-593f194ef34e4"
content-length
4837
content-type
image/jpeg
internet_explorers_en-150x150.jpg
geosetter.de/wp-content/uploads/2018/05/
13 KB
14 KB
Image
General
Full URL
https://geosetter.de/wp-content/uploads/2018/05/internet_explorers_en-150x150.jpg
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
cda40e018f08dd9c9c4dd19d0222f72497294fabc0182eb26de919cc0dd54a1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
accept-ranges
bytes
etag
"35c9-593f194ef34e4"
content-length
13769
content-type
image/jpeg
run_any_command_header_de-150x150.jpg
geosetter.de/wp-content/uploads/2018/05/
8 KB
8 KB
Image
General
Full URL
https://geosetter.de/wp-content/uploads/2018/05/run_any_command_header_de-150x150.jpg
Requested by
Host: geosetter.de
URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.197 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s197.goserver.host
Software
nginx /
Resource Hash
736aa667730a783030d66102116abddc3d4d11d308ad4c0feb9d35bb369af06c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/en/download-en/geosetter_setup.exe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
last-modified
Wed, 02 Oct 2019 18:24:38 GMT
server
nginx
accept-ranges
bytes
etag
"1fe2-593f194ef4484"
content-length
8162
content-type
image/jpeg
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/
272 KB
98 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8542562999199332&plah=geosetter.de
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e43283ca1dede2de51c21a968c0e26321c619bdde59e8f46fa81b89422ad5a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100173
x-xss-protection
0
server
cafe
etag
14175517946312357022
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 08:26:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/ Frame 82F2
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 05 Dec 2021 21:23:19 GMT
expires
Sun, 19 Dec 2021 21:23:19 GMT
content-type
text/html; charset=UTF-8
etag
6406113418471942685
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4879
x-xss-protection
0
age
39810
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
216 B
650 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=geosetter.de&callback=_gfp_s_&client=ca-pub-8542562999199332
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8542562999199332&plah=geosetter.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
10e6757aea040c151ff0a13df30ce87893e827f99b2ef00ee40e065eb756dd65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
206
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=geosetter.de
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8542562999199332&plah=geosetter.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=geosetter.de
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8542562999199332&plah=geosetter.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 08:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AB7D
430 B
232 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542562999199332&output=html&h=600&slotname=5553861274&adk=1427619097&adf=303424825&pi=t.ma~as.5553861274&w=288&fwrn=4&fwrnh=100&lmt=1638779209&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fgeosetter.de%2Fen%2Fdownload-en%2Fgeosetter_setup.exe&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638779209158&bpp=4&bdt=208&idt=81&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&correlator=5885257757270&frm=20&pv=2&ga_vid=62669146.1638779209&ga_sid=1638779209&ga_hid=536760715&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1114&ady=1492&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752536%2C31062930&oid=2&pvsid=1524349640945159&pem=439&tmod=358896810&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=L39PlNBDKE&p=https%3A//geosetter.de&dtd=98
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8542562999199332&plah=geosetter.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
412852648ec49c8e3adf15d8c8746321cff80ce35e642e73da98bf892b689c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 06 Dec 2021 08:26:49 GMT
server
cafe
content-length
209
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 06 Dec 2021 08:26:49 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame E54D
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8542562999199332&output=html&adk=1812271804&adf=3025194257&lmt=1638779209&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgeosetter.de%2Fen%2Fdownload-en%2Fgeosetter_setup.exe&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638779209173&bpp=1&bdt=223&idt=92&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=288x600&nras=1&correlator=5885257757270&frm=20&pv=1&ga_vid=62669146.1638779209&ga_sid=1638779209&ga_hid=536760715&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44752536%2C31062930&oid=2&pvsid=1524349640945159&pem=439&tmod=358896810&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=98
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8542562999199332&plah=geosetter.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e70f7bbb8ce9d972630293d519507f94d8cf810ce7ae9810996cf33a832cc3d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 06 Dec 2021 08:26:49 GMT
server
cafe
content-length
4517
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 06 Dec 2021 08:26:49 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211201&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8542562999199332&plah=geosetter.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
311093efd0ba2490e53ae62092336585f088f5ed6cfce59de6a8abf06cdc118d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 08:26:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8562
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8542562999199332&plah=geosetter.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 06 Dec 2021 08:26:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7DB9
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Mon, 06 Dec 2021 03:49:22 GMT
expires
Tue, 06 Dec 2022 03:49:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16648
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 300A
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5942f230952088c6de70a9f0244f47fd050a54759d55800c6419bf2d8f94dcc0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hAtr/+Z+8WBem37VAfihog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 06 Dec 2021 08:26:50 GMT
date
Mon, 06 Dec 2021 08:26:50 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-hAtr/+Z+8WBem37VAfihog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
pagead2.googlesyndication.com/bg/ Frame 7DB9
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 21:35:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
39091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13548
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 05 Dec 2022 21:35:19 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 300A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211201&jk=1524349640945159&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 7DB9
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?7upKKQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 08:26:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211201&jk=1524349640945159&bg=!vL-lv_vNAAaQHwIOkB87ACkAdvg8WqB4qqs7aOP9r-SjJFJCokdG6QPV_9wt9jSiBIXgl3JE6FnoZwIAAABxUgAAABRoAQcKAKR7q1EOr-k8jsmzUK_quxADibQMJw-HRCiN0ftTHE_BISO8Lk1fMK_583fDw2E4Fd66_jNjy7vHSebfCvWxg6fkLtBhzHqQbaoOZyM4hOdEsiQnErHvLoJoATrPz21Git0BiErnSe9nV7SDLJZbk2UW_pIaz7CgFTvucmrWH0sLqj_J8tdY4zMyToof15D6Rty3tzMoNfyaTK7wR6pMd31RP8Pch5kC1Mz3e5A31c9bE167FoSxerHpffZraZ1AFd4hjd4_sMRyNbcic3XOb6RubGYFdXgIlOGzVpySp_uTH_wq7i9yWRDAyBZEatuhTSIRjhmIvedJ_2kTTRICB8QO47m57nR28v262z4zHz4bWSz_4QhPGkTo_HuLOIoUkmXWuUTk2hEh0uNUPnC9_2YMJGNwVfqpxLRJ28aQeqsafH3xBu1r-abdR9SSFOm_dlh25bvy-tBVcNq5CNW05DyqBmlWnuIYjXajX2o2jCAyQSl5iFHDpnx3E_9fhqReRmJ89EzgRg05Fc878Aj_p_7sBZW3OJb6hbwaDwuLuRt4jV99CaqkLM4lsAyMVD237l2VIUEo_mOU40dirBmimTtXDVcCLNdAsmVGOx07YSFn7xjqalu_0OHmyqVSMCrsf6VFas_rE6yBkQzE3K-N92q9r7qAcXn6SIZ4t6AVzhFSPKe5kt68H8mueqlQhIzj_3CmaX2HVWknt_Xyl2WqD03Vp0PE31puZSA0_Xwcid97OpUIPww6XmTA0to7polimhIez4Bp4iVjg3i_CXWj2jMeJygKSM8efvWMaGGR_dlXGAZ8-bdu5pR4x-xnu5v3fq_Y4H3LWKfojXdYV9zQ-b4Q-A7-SzUfkDmVxmuZrvFojKZyWZlyC1BY-GldfUYw7h11zkj23mJok0wEHNmqgiPpukftknEnMf2DRK8CInRoArupEjFcCIt_u4rUdirPHpozpuoHiMoOQIo8YhWTmKwfrMKH_Veq3vZb9XFf4f2B3aHNTTlgjyzKnBCVlFi-PKzMUpPLe5jz6l189P6b95r8INQLYay1zwQg86devVxlyn7jEg6eoueFFLVCOZ8ZBw6dw5DOCoxK3CRyF-hO5MsVLO_sGFrwOVZGDw2NXvv3kSERZgzgjfPKk9Fhj4t3TdhLMT6JU2hp6KinlopRS-_F3-rMyr1wWndinYE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://geosetter.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 08:26:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
object| _wpemojiSettings
undefined| $
function| jQuery
boolean| pp_alreadyInitialized
function| _
function| jQueryBridget
function| EvEmitter
function| matchesSelector
object| fizzyUIUtils
function| InfiniteScroll
function| imagesLoaded
object| rlArgs
object| tortuga_slider_params
object| cnArgs
object| adsbygoogle
string| sbiajaxurl
function| fjgwppDisableContextMenu
object| tortugaScreenReaderText
object| wp
object| twemoji
function| rl_view_image
function| rl_hide_image
boolean| doresize
object| scroll_pos
boolean| hashtag
object| google_js_reporting_queue
number| google_srt
object| google_logging_queue
number| tmod
object| google_ad_modifications
object| ggeac
boolean| google_measure_js_timing
object| google_reactive_ads_global_state
boolean| _gfp_a_
object| google_sa_queue
object| google_sl_win
function| google_process_slots
object| google_persistent_state_async
boolean| google_apltlad
function| google_spfd
number| google_lpabyc
number| google_unique_id
object| google_sv_map
string| google_user_agent_client_hint
function| google_sa_impl
object| googleToken
object| googleIMState
boolean| _gfp_p_
function| processGoogleToken
number| google_global_correlator
object| google_prev_clients
object| gaGlobal
object| ampInaboxIframes
object| ampInaboxPendingMessages
object| GoogleGcLKhOms
object| google_image_requests

4 Cookies

Domain/Path Name / Value
.www.paypal.com/ Name: akavpau_ppsd
Value: 1638779809~id=82ed7676962aa2c16242c5e15525436a
geosetter.de/ Name: pll_language
Value: en
.geosetter.de/ Name: __gads
Value: ID=540c4d2380897b3b-22276d8a3ccc009b:T=1638779209:RT=1638779209:S=ALNI_Maq1efYdBgSK3CgPLfCFXjUJSKQYA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error URL: https://geosetter.de/en/download-en/geosetter_setup.exe
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
