www.xn--billigflge-heb.de Open in urlscan Pro Puny
www.billigflüge.de IDN
2a01:4f8:1c0c:81e4::2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ibe.xn--billigflge-heb.de/
Effective URL:
https://www.xn--billigflge-heb.de/
Submission: On March 25 via automatic, source certstream-suspicious (March 25th 2021, 11:43:14 am UTC)

Summary HTTP 70 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 70 HTTP transactions. The main IP is 2a01:4f8:1c0c:81e4::2, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.xn--billigflge-heb.de.
TLS certificate: Issued by R3 on March 8th 2021. Valid for: 3 months.

This is the only time www.xn--billigflge-heb.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	136.243.106.203 136.243.106.203	24940 (HETZNER-AS) (HETZNER-AS)
1 42	2a01:4f8:1c0c... 2a01:4f8:1c0c:81e4::2	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:218... 2600:9000:2182:b000:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 2	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3033::ac43:944f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.157.2.235 37.157.2.235	198622 (ADFORM) (ADFORM)
1	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
1 2	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
70	19

1 136.243.106.203 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.203.106.243.136.clients.your-server.de

ibe.xn--billigflge-heb.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a01:4f8:1c0c:81e4::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

www.xn--billigflge-heb.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:b000:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.220.30 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:944f (United States)

ASN13335 (CLOUDFLARENET, US)

www.ad4mat.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.235 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	xn--billigflge-heb.de 2 redirects ibe.xn--billigflge-heb.de www.xn--billigflge-heb.de	6 MB
4	adform.net 2 redirects track.adform.net s2.adform.net	30 KB
4	mathtag.com pixel.mathtag.com	3 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net 5994599.fls.doubleclick.net	3 KB
4	google-analytics.com www.google-analytics.com	21 KB
3	google.com www.google.com adservice.google.com	363 B
2	google.de www.google.de	215 B
2	facebook.com www.facebook.com	410 B
2	redintelligence.net 1 redirects hal9000.redintelligence.net	2 KB
2	facebook.net connect.facebook.net	92 KB
2	bing.com bat.bing.com	9 KB
1	ad4mat.de www.ad4mat.de	1012 B
1	dwin1.com www.dwin1.com	6 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	47 KB
70	15

	Domain	Requested by
42	www.xn--billigflge-heb.de	1 redirects www.xn--billigflge-heb.de
4	pixel.mathtag.com	hal9000.redintelligence.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.xn--billigflge-heb.de
3	track.adform.net	2 redirects hal9000.redintelligence.net
2	5994599.fls.doubleclick.net	1 redirects hal9000.redintelligence.net
2	www.google.de	www.xn--billigflge-heb.de
2	www.google.com	www.xn--billigflge-heb.de
2	www.facebook.com	www.xn--billigflge-heb.de
2	hal9000.redintelligence.net	1 redirects www.dwin1.com
2	connect.facebook.net	www.xn--billigflge-heb.de connect.facebook.net
2	bat.bing.com	www.googletagmanager.com www.xn--billigflge-heb.de
1	adservice.google.com	5994599.fls.doubleclick.net
1	s2.adform.net	hal9000.redintelligence.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.ad4mat.de	www.dwin1.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.dwin1.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	www.xn--billigflge-heb.de
1	ibe.xn--billigflge-heb.de	1 redirects
70	20

This site contains no links.

Subject Issuer	Validity	Valid
xn--billigflge-heb.de R3	`2021-03-08` - `2021-06-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.dwin1.com Amazon	`2020-12-04` - `2022-01-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
redintelligence.net R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-02-17` - `2022-02-16`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.xn--billigflge-heb.de/
Frame ID: 7C4C258E87A16E9E95F883F92E500AFA
Requests: 61 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1
Frame ID: A59FD96D6C3555A2684FBAD1E41F4D0E
Requests: 7 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKjdu9Wuy-8CFapmFQgdS7sEdQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6915331185270.541
Frame ID: 547B7CD34F463CE031C684069B4B67AC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ibe.xn--billigflge-heb.de/ HTTP 302
http://www.xn--billigflge-heb.de/ HTTP 301
https://www.xn--billigflge-heb.de/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

70
Requests

100 %
HTTPS

65 %
IPv6

15
Domains

20
Subdomains

19
IPs

4
Countries

5872 kB
Transfer

7117 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ibe.xn--billigflge-heb.de/ HTTP 302
http://www.xn--billigflge-heb.de/ HTTP 301
https://www.xn--billigflge-heb.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://hal9000.redintelligence.net/retarget?a=49586&version=1 HTTP 302
https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1

Request Chain 62

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 63

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6915331185270.541 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKjdu9Wuy-8CFapmFQgdS7sEdQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6915331185270.541

Request Chain 65

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=426037408664&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.xn--billigflge-heb.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D49586%26version%3D1%26redirected%3D1 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=426037408664&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.xn--billigflge-heb.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D49586%26version%3D1%26redirected%3D1

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.xn--billigflge-heb.de/
Redirect Chain

https://ibe.xn--billigflge-heb.de/
http://www.xn--billigflge-heb.de/
https://www.xn--billigflge-heb.de/

91 KB
20 KB

44ms
32ms

Document
text/html

2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 0130ea8a08dd3bcab2017fc61d4f1322424f34e66e63ff22d65a9010713bc3ec

Request headers

:method: GET
:authority: www.xn--billigflge-heb.de
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx/1.16.1
date: Thu, 25 Mar 2021 11:42:55 GMT
content-type: text/html; charset=UTF-8
last-modified: Thu, 25 Mar 2021 11:35:19 GMT
expires: Thu, 25 Mar 2021 14:35:19 GMT
pragma: public
cache-control: max-age=10344, public
x-duration: D=11753 us
access-control-allow-origin: *
link: <//cdn.fluxgrid.net>; rel="preconnect"
x-origin-duration: D=14816
x-origin-cache-control: max-age=10344, public
age: 0
x-cache: MISS
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
vary: Origin,Accept
content-encoding: gzip

Redirect headers

Server: nginx/1.16.1
Date: Thu, 25 Mar 2021 11:42:55 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://www.xn--billigflge-heb.de/

GET
H2 200 5c64a.css
www.xn--billigflge-heb.de/wp-content/cache/minify/7/ 281 KB
39 KB 220ms
219ms Stylesheet
text/css 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--billigflge-heb.de/wp-content/cache/minify/7/5c64a.css
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 9de14c4b9de2ebe3e3b98cb6868d504841a0f27c3404a5c43f8dafb41ac801c6

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
content-encoding: gzip
age: 0
x-origin-duration: D=193675
x-cache: MISS
last-modified: Tue, 09 Mar 2021 07:11:39 GMT
pragma: public
x-origin-vary: Origin,X-Forwarded-Proto,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=21600, public
vary: Origin,Accept
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600, public
x-duration: D=189596 us
expires: Thu, 25 Mar 2021 17:42:55 GMT

GET
H2 200 4e1a2.js Show response
www.xn--billigflge-heb.de/wp-content/cache/minify/7/ 162 KB
51 KB 256ms
255ms Script
application/x-javascript 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--billigflge-heb.de/wp-content/cache/minify/7/4e1a2.js
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 31d2f864f7a6ea1f518e3aedb2bc4d2965dfc99fac44e5ef6cf1369300401a48

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
content-encoding: gzip
age: 0
x-origin-duration: D=220723
x-cache: MISS
last-modified: Wed, 24 Mar 2021 07:03:39 GMT
pragma: public
x-origin-vary: Origin,X-Forwarded-Proto,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=21600, public
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600, public
x-duration: D=215853 us
expires: Thu, 25 Mar 2021 17:42:55 GMT

GET
H2 200 516dd.js Show response
www.xn--billigflge-heb.de/wp-content/cache/minify/7/ 453 KB
98 KB 331ms
330ms Script
application/x-javascript 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--billigflge-heb.de/wp-content/cache/minify/7/516dd.js
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4fd34de3c5b6d782942eb801786c4618e2268f308ef38d6bb6399c677cf69f10

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
content-encoding: gzip
age: 0
x-origin-duration: D=225595
x-cache: MISS
last-modified: Tue, 09 Mar 2021 07:11:40 GMT
pragma: public
x-origin-vary: Origin,X-Forwarded-Proto,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=21600, public
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600, public
x-duration: D=221104 us
expires: Thu, 25 Mar 2021 17:42:55 GMT

GET
H2 200 61add.js Show response
www.xn--billigflge-heb.de/wp-content/cache/minify/7/ 866 B
852 B 220ms
220ms Script
application/x-javascript 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--billigflge-heb.de/wp-content/cache/minify/7/61add.js
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f90677a87eef94484c52fd888e1a8f744c18c459752412c30cefe3a5dc94f85c

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
content-encoding: gzip
age: 0
x-origin-duration: D=204301
x-cache: MISS
last-modified: Tue, 09 Mar 2021 07:11:11 GMT
pragma: public
x-origin-vary: Origin,X-Forwarded-Proto,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=21600, public
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600, public
x-duration: D=201032 us
expires: Thu, 25 Mar 2021 17:42:55 GMT

GET
H2 200 cloud-bg.jpg
www.xn--billigflge-heb.de/wp-content/themes/fluege-master/images/ 47 KB
48 KB 214ms
207ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/themes/fluege-master/images/cloud-bg.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 97836b27768d0e3723ae5b18a26387e6b5b9697a66d224c4787f4a34921306b0

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=20812
x-cache: MISS
last-modified: Fri, 08 Mar 2019 14:42:09 GMT
content-length: 48370
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=19559 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 paypal-logo.png
www.xn--billigflge-heb.de/wp-content/uploads/sites/10/ 8 KB
8 KB 179ms
173ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/10/paypal-logo.png
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d89faebb1d969f7b296ba93164a203165491ce967dd42ba351c14f43013efe7f

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=20102
x-cache: MISS
last-modified: Mon, 28 May 2018 10:51:38 GMT
content-length: 7940
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=18513 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 visa-logo.png
www.xn--billigflge-heb.de/wp-content/uploads/sites/10/ 8 KB
8 KB 205ms
198ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/10/visa-logo.png
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bd78975408b4db8440f8dab32512930e91b27fa1f4fa1c66462da84becfdb59d

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=18111
x-cache: MISS
last-modified: Mon, 28 May 2018 10:51:29 GMT
content-length: 7848
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=14588 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 american-express-logo.png
www.xn--billigflge-heb.de/wp-content/uploads/sites/10/ 8 KB
8 KB 160ms
153ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/10/american-express-logo.png
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4a3bc550e2976fb00630f6aa1876e2a5333db5429e819995898a82eeb4d81afd

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=9357
x-cache: MISS
last-modified: Mon, 28 May 2018 10:51:11 GMT
content-length: 7903
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=5569 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 mastercard-logo.png
www.xn--billigflge-heb.de/wp-content/uploads/sites/10/ 6 KB
6 KB 220ms
214ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/10/mastercard-logo.png
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: edec770ab0b7ed3376fb6878c4802b7fdb138528822404483f094cd078c1e4bf

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=17805
x-cache: MISS
last-modified: Mon, 28 May 2018 10:51:16 GMT
content-length: 5872
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=11189 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 giropay-logo.png
www.xn--billigflge-heb.de/wp-content/uploads/sites/10/ 4 KB
4 KB 158ms
152ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/10/giropay-logo.png
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 06a8f5a691f57985581257ce78bb23acfd133857ffd3af0d790285f3e89c9dd8

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=13403
x-cache: MISS
last-modified: Mon, 28 May 2018 10:51:20 GMT
content-length: 3986
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=8353 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 sofortueberweisung-logo.png
www.xn--billigflge-heb.de/wp-content/uploads/sites/10/ 13 KB
13 KB 209ms
203ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/10/sofortueberweisung-logo.png
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d36f88639070d02081f7934671d25407c9e52c0e9ac2652720486c3635ef64ad

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=13339
x-cache: MISS
last-modified: Mon, 28 May 2018 10:51:33 GMT
content-length: 12815
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=11585 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-Koeln.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 126 KB
127 KB 189ms
183ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-Koeln.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 648a4695cde3b231a7dc10e39c606e118337f32bc976f7d9b2a135c8c23b8f17

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=10584
x-cache: MISS
last-modified: Fri, 27 Apr 2018 13:05:23 GMT
content-length: 129434
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=8771 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-Berlin-.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 366 KB
366 KB 195ms
189ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-Berlin-.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7425b1783b2b0c6b8ea5527b2248f84cb397be7eade6177b282a17c2edc9149a

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=10875
x-cache: MISS
last-modified: Fri, 27 Apr 2018 13:10:14 GMT
content-length: 374367
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=9041 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-Hamburg.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 325 KB
326 KB 172ms
166ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-Hamburg.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 6981fd093e7218b1b936e42c7b7a8ebc18426e33d4f7e103d5740a2cbe8837df

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=11296
x-cache: MISS
last-modified: Fri, 27 Apr 2018 13:06:40 GMT
content-length: 332626
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=8587 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-Frankfurt.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 371 KB
372 KB 168ms
163ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-Frankfurt.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 32e827ff87732f7914103d94e2b55ee79ce31d4dea6d0f812443dee4118415b8

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=13477
x-cache: MISS
last-modified: Fri, 27 Apr 2018 13:07:38 GMT
content-length: 379788
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=10455 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-Dresden.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 341 KB
342 KB 114ms
108ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-Dresden.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d1da5b16e5ce5faccaa252e155d7e67489d1efb96f38019ad3b42255692c9127

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=31754
x-cache: MISS
last-modified: Fri, 27 Apr 2018 13:09:05 GMT
content-length: 348994
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=29698 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-Muenchen.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 272 KB
272 KB 81ms
76ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-Muenchen.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 48b4ff55e67848bc59fc6b877206d2759ef9aa9c0ed8ddb5d6b79e8526f46a99

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=16383
x-cache: MISS
last-modified: Fri, 27 Apr 2018 13:03:46 GMT
content-length: 278318
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=14073 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-Paris-.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 275 KB
276 KB 135ms
130ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-Paris-.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 07f86f5cb2ba26f19ff108c5d344e0d7f432ced9678353a7dff0ff9846a26ba3

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=35441
x-cache: MISS
last-modified: Fri, 27 Apr 2018 13:23:43 GMT
content-length: 281851
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=20617 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 billigfluege-madrid-1-480x270.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 31 KB
31 KB 91ms
86ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/billigfluege-madrid-1-480x270.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 10a33855fac9480e13e709abb67b5a05ceed2388aca9f936eac4817ef64e7f11

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=25659
x-cache: MISS
last-modified: Thu, 03 May 2018 10:13:54 GMT
content-length: 31359
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=6529 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-Amsterdam.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 308 KB
309 KB 152ms
148ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-Amsterdam.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7b578dde0dd25d3c66da3b941efedbfac278f65a8a36b705f5da9debf44012e0

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=8243
x-cache: MISS
last-modified: Fri, 27 Apr 2018 14:53:21 GMT
content-length: 315339
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=6826 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-Lissabon.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 275 KB
275 KB 105ms
100ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-Lissabon.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a08cefcdee32e9776b146ef69e614682004352a21c37fc4ddae936580db27973

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=11769
x-cache: MISS
last-modified: Fri, 27 Apr 2018 15:20:49 GMT
content-length: 281333
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=5965 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 billigfluege-istanbul-1-480x270.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 29 KB
29 KB 77ms
72ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/billigfluege-istanbul-1-480x270.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 8d2c09b24f29d3b10a7e036722d349e2a44d9529fb46993bd041d0340b59fff8

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=13992
x-cache: MISS
last-modified: Wed, 02 May 2018 16:44:12 GMT
content-length: 29348
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=11313 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-London.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 296 KB
296 KB 181ms
176ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-London.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7a3dbef470bf0e1369cbe291a9c1218eaae3a2a3938084e362bf91c796605cd4

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=8060
x-cache: MISS
last-modified: Fri, 27 Apr 2018 13:44:26 GMT
content-length: 302676
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=6812 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-Sylt.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 388 KB
389 KB 140ms
136ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-Sylt.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 2a9e85565ab6e66ceeee929245b2e2a36aba7f3950f1bc68cf60b3cec853d616

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=18135
x-cache: MISS
last-modified: Fri, 27 Apr 2018 13:01:17 GMT
content-length: 397244
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=14335 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-Kreta-.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 142 KB
143 KB 125ms
122ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-Kreta-.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c9d961151e24b5ef8fbdc50e2518417bdc71b1789f74bc11f8b58d33b95d2a59

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=17154
x-cache: MISS
last-modified: Fri, 27 Apr 2018 13:31:04 GMT
content-length: 145545
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=12844 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 billigfluege-fuerteventura-480x270.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 23 KB
23 KB 174ms
170ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/billigfluege-fuerteventura-480x270.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 125bb06e93ac769ab012e3136f0afe4da548bbf1061f2746c129ff65730640f0

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=16700
x-cache: MISS
last-modified: Thu, 03 May 2018 09:57:33 GMT
content-length: 23215
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=14144 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-Sardinien.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 205 KB
206 KB 68ms
64ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-Sardinien.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 81bb545b9cc4846d0df8ff63a9f516fa0478bad5522919963ac0d9bf97f7c603

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=10895
x-cache: MISS
last-modified: Fri, 27 Apr 2018 14:33:18 GMT
content-length: 209973
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=9165 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 billigfluege-gran-canaria-480x270.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 29 KB
29 KB 155ms
151ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/billigfluege-gran-canaria-480x270.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b2b7f2b3d459287f887b0dea11b6423cb0b40d98ee5e5b9a0f41d788185d8889

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=16002
x-cache: MISS
last-modified: Thu, 03 May 2018 09:59:39 GMT
content-length: 29424
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=13262 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 billigfluege-mallorca-1-480x270.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 28 KB
29 KB 185ms
181ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/billigfluege-mallorca-1-480x270.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 843707667a6ac5ce2ba44514f9298ee01002f72aa64d4b59fd4d068499c69ea6

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=11145
x-cache: MISS
last-modified: Thu, 03 May 2018 10:17:22 GMT
content-length: 29012
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=9491 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 billigfluege-suedafrika-480x270.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 31 KB
32 KB 120ms
117ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/billigfluege-suedafrika-480x270.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4ab6939a9d9895efb4e58ab2de8a59c45fb5fa49eaa416b70a7ecc2328727c06

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=35462
x-cache: MISS
last-modified: Thu, 03 May 2018 10:31:47 GMT
content-length: 31932
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=21116 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-Brasilien-.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 453 KB
454 KB 146ms
143ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-Brasilien-.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b54260f45b1efe4c588407f22a13af93d7f88b797541541f4731753dbdd97f3f

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=27131
x-cache: MISS
last-modified: Fri, 27 Apr 2018 13:13:33 GMT
content-length: 463567
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=21715 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-Dubai-.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 187 KB
187 KB 128ms
125ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-Dubai-.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b1de2195d7e1233fd81918f8e39cc0da8b9bf16ca75813a9befe871bbe8361cf

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=9604
x-cache: MISS
last-modified: Fri, 27 Apr 2018 13:16:53 GMT
content-length: 191083
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=6115 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-Neuseeland.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 193 KB
194 KB 197ms
194ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-Neuseeland.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 50c80894ba5ef0210fbbdb0359a1f58eb521d72a2660bae40e6272f9f002676e

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=10010
x-cache: MISS
last-modified: Fri, 27 Apr 2018 14:44:52 GMT
content-length: 197567
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=5664 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 Billigfluege-Australien-.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 144 KB
145 KB 196ms
193ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/Billigfluege-Australien-.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 25c9f9eb9e7a82c5f65ed7697ec1a23b7fbc518937c1dd36805128756ed0e3df

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=14552
x-cache: MISS
last-modified: Fri, 27 Apr 2018 13:14:02 GMT
content-length: 147715
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=9172 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 billigfluege-usa-480x270.jpg
www.xn--billigflge-heb.de/wp-content/uploads/sites/7/ 28 KB
28 KB 212ms
210ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/uploads/sites/7/billigfluege-usa-480x270.jpg
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7ff14c3d217cc2205c38d7ec40c21c27d7241a4fd2a92292911d4bdee65991e2

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=19811
x-cache: MISS
last-modified: Wed, 02 May 2018 16:34:02 GMT
content-length: 28254
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=10579 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 cookieconsent.css
www.xn--billigflge-heb.de/cookieconsent/ 3 KB
1 KB 17ms
15ms Stylesheet
text/css 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--billigflge-heb.de/cookieconsent/cookieconsent.css
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7499b56dc242b94ec613a4b326861d054d75d1d0be497c6268302ad427970cff

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
content-encoding: gzip
age: 0
x-origin-duration: D=8716
x-cache: MISS
last-modified: Sun, 08 Dec 2019 16:20:28 GMT
pragma: public
x-origin-vary: Origin,X-Forwarded-Proto,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public, public,max-age=86400
vary: Origin,Accept
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800, public, public, public,max-age=86400
x-duration: D=5926 us
expires: Thu, 25 Mar 2021 17:42:56 GMT

GET
H2 200 794d5.js Show response
www.xn--billigflge-heb.de/wp-content/cache/minify/7/ 5 KB
2 KB 199ms
199ms Script
application/x-javascript 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--billigflge-heb.de/wp-content/cache/minify/7/794d5.js
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 63300a1738f39c98d282fdeff006358830ec7df05707c715099729d585a2b374

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
content-encoding: gzip
age: 0
x-origin-duration: D=143442
x-cache: MISS
last-modified: Wed, 10 Feb 2021 07:50:55 GMT
pragma: public
x-origin-vary: Origin,X-Forwarded-Proto,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=21600, public
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600, public
x-duration: D=140402 us
expires: Thu, 25 Mar 2021 17:42:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 154 KB
47 KB 32ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TC7STVM

Requested by

Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cffb6b1c3384f31690fce3f8050f7325238b79b2ad6ce8ba82c879716d9f9c3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47987
x-xss-protection: 0
last-modified: Thu, 25 Mar 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Mar 2021 11:42:56 GMT

GET
H2 200 glyphicons-regular.woff2
www.xn--billigflge-heb.de/wp-content/plugins/glyphicons/fonts/ 94 KB
94 KB 212ms
211ms Font
application/font-woff2 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--billigflge-heb.de/wp-content/plugins/glyphicons/fonts/glyphicons-regular.woff2
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/wp-content/cache/minify/7/5c64a.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: eedc7581ecfd9bb57b1af16ad7ad4428aa147de4f08e01f49a768c801a29de84

Request headers

Origin: https://www.xn--billigflge-heb.de
Referer: https://www.xn--billigflge-heb.de/wp-content/cache/minify/7/5c64a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
content-encoding: gzip
age: 0
x-origin-duration: D=20158
x-cache: MISS
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800, public, public
x-duration: D=16997 us
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 206 clouds_1080p.webm
www.xn--billigflge-heb.de/wp-content/themes/fluege-master/images/ 361 KB
362 KB 145ms
145ms Media
video/webm 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--billigflge-heb.de/wp-content/themes/fluege-master/images/clouds_1080p.webm
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 92ffd641f88372e406522acb7fd2360279848c3fbcf6bd5b90c0c13b062f4437

Request headers

Referer: https://www.xn--billigflge-heb.de/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=7112
x-cache: MISS
Content-Range: bytes 0-370116/370117
Content-Length: 370117
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public
vary: Origin
content-type: video/webm
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
x-duration: D=5114 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 cloud.png
www.xn--billigflge-heb.de/wp-content/themes/fluege-master/images/ 2 KB
3 KB 145ms
144ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--billigflge-heb.de/wp-content/themes/fluege-master/images/cloud.png
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/wp-content/cache/minify/7/5c64a.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7815f1d38d1b5e4fae67d3fcf835aa78df6e48245ef7e3d235aa8845a9b32f19

Request headers

Referer: https://www.xn--billigflge-heb.de/wp-content/cache/minify/7/5c64a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
age: 0
x-origin-duration: D=7866
x-cache: MISS
last-modified: Tue, 10 Apr 2018 17:40:45 GMT
content-length: 2410
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=5727 us
expires: Thu, 01 Apr 2021 11:42:56 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 28 KB
9 KB 54ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TC7STVM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:55 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 20:27:29 GMT
x-msedge-ref: Ref A: 56410026F1A1477B863FA5BE44751A7F Ref B: FRAEDGE1511 Ref C: 2021-03-25T11:42:56Z
etag: "804e75f6fd11d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8562

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 35 KB
14 KB 56ms
52ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TC7STVM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

bbff0182d1a1f1af97f7a7d94badc0a4df084f50c09a6213f59fa5305dc120d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13738
x-xss-protection: 0
server: cafe
etag: 10420051169657019655
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 11:42:56 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: PrdkGpukOmiIj68YGaayp8xBjkFMOuvGV+slKdWjvi3oLgeVY0nwU47GYLz+umpmIPrlYJJmHDDX/XziCzW0Ww==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 25 Mar 2021 11:42:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 15320.js Show response
www.dwin1.com/ 21 KB
6 KB 35ms
11ms Script
application/javascript 2600:9000:2182:b000:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/15320.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TC7STVM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:b000:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a3b1d68b2d515da2d3512486a7650abc9f39297fe4b54db6cc25d3f9d97bdaf

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xktYNhD7t8mrBpceTDZS2dxwDipNlabc
content-encoding: gzip
etag: W/"dc975107cc289ea635d0a2d64f25180f"
age: 153
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 09 Mar 2021 16:20:49 GMT
server: AmazonS3
date: Thu, 25 Mar 2021 11:40:33 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=600
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: oOR6c6K3sEC8zjxYf7i2Fbu_3ZkoFfxzt2W5f2-MROM_dq5p4eDhXg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TC7STVM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 871
date: Thu, 25 Mar 2021 11:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 25 Mar 2021 13:28:25 GMT

GET
H2 200 1300660796615588 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 55ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1300660796615588?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

08173f1a8e3b0cddbf9e07e3ae512eccb6a7cfd3067f4663dbd6738e8f9d65a8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Cx6r2NDWZSMTimlix+Ktk2LXwzWDqiN2Oen7kNNddgH1ia1JKY6jcD8vOM9FWj54HBJpWsVNRKNRVtnBekcGhg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 25 Mar 2021 11:42:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 857
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Thu, 25 Mar 2021 12:28:39 GMT

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 275
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Thu, 25 Mar 2021 12:38:21 GMT

GET
H2 204 0
bat.bing.com/action/ 0
172 B 31ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5477372&tm=gtm001&Ver=2&mid=752573fe-b823-4e82-93f6-503c74a51fc8&sid=3e1910608d5f11eb9be651a5a33b5d0b&vid=3e1a04908d5f11ebbd3a6f1d025e8128&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Billigfl%C3%BCge%20online%20suchen%20und%20buchen%20bei%20Billigfl%C3%BCge.de&p=https%3A%2F%2Fwww.xn--billigflge-heb.de%2F&r=&lt=960&evt=pageLoad&msclkid=N&sv=1&rn=194921
Requested by: Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 25 Mar 2021 11:42:56 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: B5C853DC30904F3CBBD847B59CCCBB60 Ref B: FRAEDGE1511 Ref C: 2021-03-25T11:42:56Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/879786597/ 2 KB
1 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/879786597/?random=1616672576826&cv=9&fst=1616672576826&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.xn--billigflge-heb.de%2F&tiba=Billigfl%C3%BCge%20online%20suchen%20und%20buchen%20bei%20Billigfl%C3%BCge.de&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eed458bb02effed201a74a662984476f8e2576b5904bbb927d53cde4d7eaddb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 11:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1034
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set retarget Show response
hal9000.redintelligence.net/ Frame A59F
Redirect Chain

https://hal9000.redintelligence.net/retarget?a=49586&version=1
https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1

2 KB
1 KB

116ms
47ms

Document
text/html

138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/15320.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: bae4683863642084a60bc1fb6c944db63e358acf809bdf2b1c3486dbcbdf6351

Request headers

Host: hal9000.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.xn--billigflge-heb.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=5ac2b37d4cdf3578
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.xn--billigflge-heb.de/

Response headers

Date: Thu, 25 Mar 2021 11:42:57 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=5ac2b37d4cdf3578; expires=Wed, 23-Jun-2021 11:42:57 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 774
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 25 Mar 2021 11:42:56 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=5ac2b37d4cdf3578; expires=Wed, 23-Jun-2021 11:42:56 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: ?a=49586&version=1&redirected=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2 200 ck_tracker.php Show response
www.ad4mat.de/ads/js/ 714 B
1012 B 49ms
22ms Script
text/javascript 2606:4700:3033::ac43:944f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ad4mat.de/ads/js/ck_tracker.php?adspaceId=16015320&mt=1&country=www.ad4mat.de&sprd=false&catId=home
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/15320.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:944f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca77dde54c1e1ad860a110847a8e22622c9e7ad96eb51127fc6f9b3070916836

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6357e0f5697d4eaa-FRA
x-cache: HIT
p3p: CP="NOI CUR OUR STP", policyref="/w3c/p3p.ad4mat.xml"
content-type: text/javascript
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uw7sMzsaUBtjAu320kTQbSRgQbEbmbYEmYiPGBx0VCAUumVyVeWc%2BAw5QaGehXZ4qiJxGrGBj8aj7lAxud3RjI94%2FnrJyUUEnmm9lGmdmcryGZ5J0OoyzL8y"}],"group":"cf-nel"}
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 090acaed6400004eaa2f36e000000001

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
96 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-4756585-4&cid=103569291.1616672577&jid=322575359&gjid=326820281&_gid=402388039.1616672577&_u=aGBAgUArCAAAAE~&z=1016143993

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Mar 2021 11:42:56 GMT
content-type: text/plain
access-control-allow-origin: https://www.xn--billigflge-heb.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
190 B 6ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&aip=1&a=702429808&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xn--billigflge-heb.de%2F&ul=en-us&de=UTF-8&dt=Billigfl%C3%BCge%20online%20suchen%20und%20buchen%20bei%20Billigfl%C3%BCge.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUArC~&jid=322575359&gjid=326820281&cid=103569291.1616672577&tid=UA-4756585-4&_gid=402388039.1616672577&gtm=2wg3h0TC7STVM&cd1=B&z=803611999

Requested by

Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Mar 2021 17:03:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67186
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
261 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1300660796615588&ev=PageView&dl=https%3A%2F%2Fwww.xn--billigflge-heb.de%2F&rl=&if=false&ts=1616672576906&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616672576898.767912319&it=1616672576789&coo=false&rqm=GET

Requested by

Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 25 Mar 2021 11:42:56 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/879786597/ 42 B
138 B 21ms
20ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/879786597/?random=1616672576826&cv=9&fst=1616670000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&frm=0&url=https%3A%2F%2Fwww.xn--billigflge-heb.de%2F&tiba=Billigfl%C3%BCge%20online%20suchen%20und%20buchen%20bei%20Billigfl%C3%BCge.de&async=1&fmt=3&is_vtc=1&random=1251621632&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 11:42:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/879786597/ 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/879786597/?random=1616672576826&cv=9&fst=1616670000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&frm=0&url=https%3A%2F%2Fwww.xn--billigflge-heb.de%2F&tiba=Billigfl%C3%BCge%20online%20suchen%20und%20buchen%20bei%20Billigfl%C3%BCge.de&async=1&fmt=3&is_vtc=1&random=1251621632&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 11:42:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-4756585-4&cid=103569291.1616672577&jid=322575359&_u=aGBAgUArCAAAAE~&z=1820365190

Requested by

Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 11:42:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-4756585-4&cid=103569291.1616672577&jid=322575359&_u=aGBAgUArCAAAAE~&z=1820365190

Requested by

Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 11:42:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame A59F 597 B
1 KB 117ms
48ms Script
text/javascript 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406315&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3611 f10363c master cdg-pixel-x27 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 11:42:57 GMT
Server: MT3 3611 f10363c master cdg-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Thu, 25 Mar 2021 11:42:55 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame A59F 597 B
1 KB 123ms
54ms Script
text/javascript 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3611 f10363c master cdg-pixel-x24 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 11:42:57 GMT
Server: MT3 3611 f10363c master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Thu, 25 Mar 2021 11:43:51 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame A59F
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
28 KB

62ms
20ms

Script
application/x-javascript

37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bf0f3b28dae6ed0a62be43850fcc6b97bf90b6dcd7a4cda6e201b17adb517412

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:57 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 14:31:38 GMT
server: nginx
etag: W/"605b4d4a-13e1b"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Thu, 25 Mar 2021 11:42:57 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H3-Q050

200

activityi;dc_pre=CKjdu9Wuy-8CFapmFQgdS7sEdQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6915331185270.541 Show response
5994599.fls.doubleclick.net/ Frame 547B
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6915331185270.541?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKjdu9Wuy-8CFapmFQgdS7sEdQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6915331185270.541?

391 B
1022 B

230ms
181ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CKjdu9Wuy-8CFapmFQgdS7sEdQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6915331185270.541?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

c3b47db4d1d8706fa3ef95574344ea6b127db9f27e9bff74525f266b3abb780f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKjdu9Wuy-8CFapmFQgdS7sEdQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6915331185270.541?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hal9000.redintelligence.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hal9000.redintelligence.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Mar 2021 11:42:57 GMT
expires: Thu, 25 Mar 2021 11:42:57 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
set-cookie: IDE=AHWqTUlsVPEK7pAiaSTrydC4Tj10LjTH2NPX4hOHkp-LkU8Dzl0S2LGrFjL3RVTN; expires=Tue, 19-Apr-2022 11:42:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Mar 2021 11:42:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKjdu9Wuy-8CFapmFQgdS7sEdQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6915331185270.541?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame A59F 43 B
480 B 45ms
44ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3611 f10363c master cdg-pixel-x27 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 11:42:57 GMT
Server: MT3 3611 f10363c master cdg-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Mar 2021 11:42:55 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame A59F
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=426037408664&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.xn--billigflge-heb.de%...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=426037408664&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.xn--billigflge-he...

111 B
593 B

20ms
20ms

Script
text/javascript

37.157.2.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=426037408664&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.xn--billigflge-heb.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D49586%26version%3D1%26redirected%3D1

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 11:42:57 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 186
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 25 Mar 2021 11:42:57 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=426037408664&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.xn--billigflge-heb.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D49586%26version%3D1%26redirected%3D1
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 /
www.facebook.com/tr/ 44 B
149 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1300660796615588&ev=Microdata&dl=https%3A%2F%2Fwww.xn--billigflge-heb.de%2F&rl=&if=false&ts=1616672577409&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Billigfl%C3%BCge%20online%20suchen%20und%20buchen%20bei%20Billigfl%C3%BCge.de%22%2C%22meta%3Adescription%22%3A%22llll%E2%9E%A4%20Hier%20finden%20Sie%20g%C3%BCnstige%20%E2%9C%88%20Billigfl%C3%BCge%20%E2%9C%88%20Jetzt%20Fl%C3%BCge%20im%20Flugpreisvergleich%20vergleichen%20und%20sparen%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Billigfl%C3%BCge%22%2C%22og%3Adescription%22%3A%22llll%E2%9E%A4%20Hier%20finden%20Sie%20g%C3%BCnstige%20%E2%9C%88%20Billigfl%C3%BCge%20%E2%9C%88%20Jetzt%20Fl%C3%BCge%20im%20Flugpreisvergleich%20vergleichen%20und%20sparen%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.xn--billigflge-heb.de%2F%22%2C%22article%3Apublished_time%22%3A%222015-02-04%22%2C%22article%3Amodified_time%22%3A%222018-05-03%22%2C%22og%3Asite_name%22%3A%22Billigfl%C3%BCge.de%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1616672576898.767912319&it=1616672576789&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.xn--billigflge-heb.de
URL: https://www.xn--billigflge-heb.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.xn--billigflge-heb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:42:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 25 Mar 2021 11:42:57 GMT

GET
H2 200 dc_pre=CKjdu9Wuy-8CFapmFQgdS7sEdQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6915331185270.541
adservice.google.com/ddm/fls/z/ Frame 547B 42 B
118 B 41ms
41ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKjdu9Wuy-8CFapmFQgdS7sEdQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6915331185270.541

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKjdu9Wuy-8CFapmFQgdS7sEdQ;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6915331185270.541?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 11:42:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame A59F 43 B
635 B 43ms
43ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3611 f10363c master zrh-pixel-x29 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 11:43:07 GMT
Server: MT3 3611 f10363c master zrh-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Mar 2021 11:43:06 GMT

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xn--billigflge-heb.de/	1970-01-19 19:14:08	Name: _fbp Value: fb.1.1616672576898.767912319
.xn--billigflge-heb.de/	1970-01-19 17:04:32	Name: _dc_gtm_UA-4756585-4 Value: 1
.redintelligence.net/	1970-01-19 19:14:08	Name: 8lcfmzhxc8d6_uid Value: 5ac2b37d4cdf3578
.xn--billigflge-heb.de/	1970-01-19 19:14:08	Name: _gcl_au Value: 1.1.1706081142.1616672577
.xn--billigflge-heb.de/	1970-01-19 17:27:56	Name: _uetvid Value: 3e1a04908d5f11ebbd3a6f1d025e8128
.xn--billigflge-heb.de/	1970-01-19 17:05:58	Name: _uetsid Value: 3e1910608d5f11eb9be651a5a33b5d0b
.xn--billigflge-heb.de/	1970-01-19 17:05:58	Name: _gid Value: GA1.2.402388039.1616672577
.doubleclick.net/	1970-01-20 02:26:08	Name: IDE Value: AHWqTUlsVPEK7pAiaSTrydC4Tj10LjTH2NPX4hOHkp-LkU8Dzl0S2LGrFjL3RVTN
.xn--billigflge-heb.de/	1970-01-20 10:35:44	Name: _ga Value: GA1.2.103569291.1616672577

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.xn--billigflge-heb.de/wp-content/cache/minify/7/4e1a2.js(Line 5) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
adservice.google.com
bat.bing.com
connect.facebook.net
googleads.g.doubleclick.net
hal9000.redintelligence.net
ibe.xn--billigflge-heb.de
pixel.mathtag.com
s2.adform.net
stats.g.doubleclick.net
track.adform.net
www.ad4mat.de
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.xn--billigflge-heb.de
136.243.106.203
138.201.220.30
172.217.16.134
172.217.23.98
184.30.20.207
2600:9000:2182:b000:f:8ce2:fb80:93a1
2606:4700:3033::ac43:944f
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9b
2a01:4f8:1c0c:81e4::2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
37.157.2.235
37.157.5.72
0130ea8a08dd3bcab2017fc61d4f1322424f34e66e63ff22d65a9010713bc3ec
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06a8f5a691f57985581257ce78bb23acfd133857ffd3af0d790285f3e89c9dd8
07f86f5cb2ba26f19ff108c5d344e0d7f432ced9678353a7dff0ff9846a26ba3
08173f1a8e3b0cddbf9e07e3ae512eccb6a7cfd3067f4663dbd6738e8f9d65a8
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10a33855fac9480e13e709abb67b5a05ceed2388aca9f936eac4817ef64e7f11
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
125bb06e93ac769ab012e3136f0afe4da548bbf1061f2746c129ff65730640f0
25c9f9eb9e7a82c5f65ed7697ec1a23b7fbc518937c1dd36805128756ed0e3df
2a9e85565ab6e66ceeee929245b2e2a36aba7f3950f1bc68cf60b3cec853d616
31d2f864f7a6ea1f518e3aedb2bc4d2965dfc99fac44e5ef6cf1369300401a48
32e827ff87732f7914103d94e2b55ee79ce31d4dea6d0f812443dee4118415b8
48b4ff55e67848bc59fc6b877206d2759ef9aa9c0ed8ddb5d6b79e8526f46a99
4a3bc550e2976fb00630f6aa1876e2a5333db5429e819995898a82eeb4d81afd
4ab6939a9d9895efb4e58ab2de8a59c45fb5fa49eaa416b70a7ecc2328727c06
4fd34de3c5b6d782942eb801786c4618e2268f308ef38d6bb6399c677cf69f10
50c80894ba5ef0210fbbdb0359a1f58eb521d72a2660bae40e6272f9f002676e
63300a1738f39c98d282fdeff006358830ec7df05707c715099729d585a2b374
648a4695cde3b231a7dc10e39c606e118337f32bc976f7d9b2a135c8c23b8f17
6981fd093e7218b1b936e42c7b7a8ebc18426e33d4f7e103d5740a2cbe8837df
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
7425b1783b2b0c6b8ea5527b2248f84cb397be7eade6177b282a17c2edc9149a
7499b56dc242b94ec613a4b326861d054d75d1d0be497c6268302ad427970cff
7815f1d38d1b5e4fae67d3fcf835aa78df6e48245ef7e3d235aa8845a9b32f19
7a3dbef470bf0e1369cbe291a9c1218eaae3a2a3938084e362bf91c796605cd4
7b578dde0dd25d3c66da3b941efedbfac278f65a8a36b705f5da9debf44012e0
7ff14c3d217cc2205c38d7ec40c21c27d7241a4fd2a92292911d4bdee65991e2
81bb545b9cc4846d0df8ff63a9f516fa0478bad5522919963ac0d9bf97f7c603
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843707667a6ac5ce2ba44514f9298ee01002f72aa64d4b59fd4d068499c69ea6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d2c09b24f29d3b10a7e036722d349e2a44d9529fb46993bd041d0340b59fff8
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
92ffd641f88372e406522acb7fd2360279848c3fbcf6bd5b90c0c13b062f4437
97836b27768d0e3723ae5b18a26387e6b5b9697a66d224c4787f4a34921306b0
9a3b1d68b2d515da2d3512486a7650abc9f39297fe4b54db6cc25d3f9d97bdaf
9de14c4b9de2ebe3e3b98cb6868d504841a0f27c3404a5c43f8dafb41ac801c6
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a08cefcdee32e9776b146ef69e614682004352a21c37fc4ddae936580db27973
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1de2195d7e1233fd81918f8e39cc0da8b9bf16ca75813a9befe871bbe8361cf
b2b7f2b3d459287f887b0dea11b6423cb0b40d98ee5e5b9a0f41d788185d8889
b54260f45b1efe4c588407f22a13af93d7f88b797541541f4731753dbdd97f3f
bae4683863642084a60bc1fb6c944db63e358acf809bdf2b1c3486dbcbdf6351
bbff0182d1a1f1af97f7a7d94badc0a4df084f50c09a6213f59fa5305dc120d9
bd78975408b4db8440f8dab32512930e91b27fa1f4fa1c66462da84becfdb59d
bf0f3b28dae6ed0a62be43850fcc6b97bf90b6dcd7a4cda6e201b17adb517412
c3b47db4d1d8706fa3ef95574344ea6b127db9f27e9bff74525f266b3abb780f
c9d961151e24b5ef8fbdc50e2518417bdc71b1789f74bc11f8b58d33b95d2a59
ca77dde54c1e1ad860a110847a8e22622c9e7ad96eb51127fc6f9b3070916836
cffb6b1c3384f31690fce3f8050f7325238b79b2ad6ce8ba82c879716d9f9c3b
d1da5b16e5ce5faccaa252e155d7e67489d1efb96f38019ad3b42255692c9127
d36f88639070d02081f7934671d25407c9e52c0e9ac2652720486c3635ef64ad
d89faebb1d969f7b296ba93164a203165491ce967dd42ba351c14f43013efe7f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edec770ab0b7ed3376fb6878c4802b7fdb138528822404483f094cd078c1e4bf
eed458bb02effed201a74a662984476f8e2576b5904bbb927d53cde4d7eaddb4
eedc7581ecfd9bb57b1af16ad7ad4428aa147de4f08e01f49a768c801a29de84
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d
f90677a87eef94484c52fd888e1a8f744c18c459752412c30cefe3a5dc94f85c

www.xn--billigflge-heb.de Open in urlscan Pro Puny www.billigflüge.de IDN 2a01:4f8:1c0c:81e4::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

100 %HTTPS

65 %IPv6

15 Domains

20 Subdomains

19 IPs

4 Countries

5872 kBTransfer

7117 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xn--billigflge-heb.de Open in urlscan Pro Puny
www.billigflüge.de IDN
2a01:4f8:1c0c:81e4::2 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

100 %
HTTPS

65 %
IPv6

15
Domains

20
Subdomains

19
IPs

4
Countries

5872 kB
Transfer

7117 kB
Size

9
Cookies

70 HTTP transactions
0 data transactions