URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Submission: On August 14 via api from US — Scanned from DE

Summary

This website contacted 44 IPs in 7 countries across 37 domains to perform 336 HTTP transactions. The main IP is 195.201.125.43, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is www.k-bettel.de.
TLS certificate: Issued by R3 on July 29th 2022. Valid for: 3 months.
This is the only time www.k-bettel.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23 195.201.125.43 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 54.231.137.168 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 148.251.13.139 24940 (HETZNER-AS)
13 2606:4700:20:... 13335 (CLOUDFLAR...)
1 91 78.46.10.59 24940 (HETZNER-AS)
1 157.90.5.183 24940 (HETZNER-AS)
3 46.105.201.240 16276 (OVH)
2 192.99.13.63 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
10 30 213.202.218.154 24961 (MYLOC-AS ...)
1 10 104.20.46.59 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 34.102.149.160 396982 (GOOGLE-CL...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
7 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 89.163.148.251 24961 (MYLOC-AS ...)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 5.104.107.192 24961 (MYLOC-AS ...)
1 212.53.214.163 8893 (ARTFILES-...)
19 5.199.130.173 24961 (MYLOC-AS ...)
19 2a00:1450:400... 15169 (GOOGLE)
48 178.254.0.76 42730 (EVANZOAS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 193.227.195.217 29037 (TELIKO-AS)
2 167.114.209.61 16276 (OVH)
1 67.202.94.94 32748 (STEADFAST)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.229.221.25 15133 (EDGECAST)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 104.18.36.173 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
7 67.202.105.33 32748 (STEADFAST)
1 67.202.105.34 32748 (STEADFAST)
336 44

Apex Domain | Subdomains | Transfer
91 dondino.de | www.dondino.de; dondino.de | 1 MB
48 onlineflat24.de | www.onlineflat24.de | 821 KB
30 lcmmedia.de | www.lcmmedia.de; lcmmedia.de | 25 KB
22 k-bettel.de | www.k-bettel.de | 49 KB
20 gstatic.com | www.gstatic.com; fonts.gstatic.com | 921 KB
19 youtube.com | www.youtube.com — Cisco Umbrella Rank: 111 | 844 KB
19 v2load.com | www.v2load.com | 555 KB
13 bmcdn3.com | cdn.bmcdn3.com — Cisco Umbrella Rank: 136876; static.bmcdn3.com — Cisco Umbrella Rank: 295159; media.bmcdn3.com — Cisco Umbrella Rank: 283251 | 214 KB
11 googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 267; fonts.googleapis.com — Cisco Umbrella Rank: 67; jnn-pa.googleapis.com — Cisco Umbrella Rank: 346 | 191 KB
10 adcocktail.com | l.adcocktail.com; bk.adcocktail.com | 13 KB
9 tynt.com | cdn.tynt.com — Cisco Umbrella Rank: 9616; ic.tynt.com — Cisco Umbrella Rank: 4348; de.tynt.com — Cisco Umbrella Rank: 1523 | 9 KB
7 google.com | www.google.com — Cisco Umbrella Rank: 10 | 92 KB
6 googlevideo.com | rr1---sn-4g5lzned.googlevideo.com — Cisco Umbrella Rank: 73252 | 2 MB
5 histats.com | s10.histats.com — Cisco Umbrella Rank: 17634; s4.histats.com — Cisco Umbrella Rank: 14587 | 17 KB
4 ytimg.com | i.ytimg.com — Cisco Umbrella Rank: 141 | 90 KB
4 croxy.de | www.croxy.de | 1 KB
3 doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 55; static.doubleclick.net — Cisco Umbrella Rank: 458 | 1 KB
3 premiumsim.de | h.premiumsim.de | 368 KB
2 ggpht.com | yt3.ggpht.com — Cisco Umbrella Rank: 261 | 7 KB
2 dtscout.com | t.dtscout.com — Cisco Umbrella Rank: 14311 | 3 KB
2 amung.us | widgets.amung.us — Cisco Umbrella Rank: 17400; whos.amung.us — Cisco Umbrella Rank: 15722 | 4 KB
2 adsfirm.com | cdn.adsfirm.com — Cisco Umbrella Rank: 510174 | 18 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 94 | 88 KB
2 a-ads.com | ad.a-ads.com — Cisco Umbrella Rank: 30519; static.a-ads.com — Cisco Umbrella Rank: 53655 | 669 KB
2 amazonaws.com | s3.amazonaws.com | 8 KB
2 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 231 | 4 KB
1 sim.de | h.sim.de | 42 KB
1 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 52 | 20 KB
1 paypalobjects.com | www.paypalobjects.com — Cisco Umbrella Rank: 1942 | 392 B
1 links2000.de | www.spiele.links2000.de | 19 KB
1 v2load.de | www.v2load.de | 374 B
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 615 | 33 KB
1 provenexpert.com | www.provenexpert.com — Cisco Umbrella Rank: 122013 | 644 B
1 webwiki.de | www.webwiki.de — Cisco Umbrella Rank: 814371 | 30 KB
1 shimly.net | www.shimly.net | 25 KB
1 traffic-master.de | www.traffic-master.de | 247 B
1 adsfcdn.com | cdn.adsfcdn.com — Cisco Umbrella Rank: 268868 | 2 KB
336 37

Domain Requested by
90 www.dondino.de 1 redirects www.k-bettel.de
www.dondino.de
48 www.onlineflat24.de www.lcmmedia.de
www.onlineflat24.de
25 www.lcmmedia.de 5 redirects www.shimly.net
www.lcmmedia.de
www.k-bettel.de
www.onlineflat24.de
22 www.k-bettel.de www.k-bettel.de
ajax.googleapis.com
19 www.youtube.com www.v2load.com
www.youtube.com
19 www.v2load.com www.v2load.de
www.v2load.com
12 www.gstatic.com www.dondino.de
www.google.com
www.gstatic.com
www.youtube.com
8 fonts.gstatic.com fonts.googleapis.com
www.google.com
www.youtube.com
www.k-bettel.de
8 l.adcocktail.com www.shimly.net
l.adcocktail.com
8 cdn.bmcdn3.com www.k-bettel.de
cdn.bmcdn3.com
7 ic.tynt.com www.v2load.com
7 www.google.com www.dondino.de
www.gstatic.com
www.google.com
www.k-bettel.de
www.youtube.com
6 rr1---sn-4g5lzned.googlevideo.com www.youtube.com
5 lcmmedia.de 5 redirects
4 i.ytimg.com www.v2load.com
4 jnn-pa.googleapis.com www.youtube.com
4 www.croxy.de 2 redirects www.lcmmedia.de
4 fonts.googleapis.com www.dondino.de
www.v2load.com
www.onlineflat24.de
3 h.premiumsim.de www.lcmmedia.de
3 media.bmcdn3.com cdn.bmcdn3.com
3 s10.histats.com www.k-bettel.de
s10.histats.com
www.v2load.com
3 ajax.googleapis.com www.k-bettel.de
www.shimly.net
www.v2load.com
2 yt3.ggpht.com www.youtube.com
www.v2load.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 t.dtscout.com widgets.amung.us
t.dtscout.com
2 static.bmcdn3.com cdn.bmcdn3.com
2 bk.adcocktail.com 1 redirects l.adcocktail.com
2 cdn.adsfirm.com cdn.adsfcdn.com
cdn.adsfirm.com
2 www.googletagmanager.com s3.amazonaws.com
www.onlineflat24.de
2 s4.histats.com s10.histats.com
2 s3.amazonaws.com www.k-bettel.de
s3.amazonaws.com
2 cdnjs.cloudflare.com www.k-bettel.de
1 de.tynt.com cdn.tynt.com
1 h.sim.de www.lcmmedia.de
1 www.google-analytics.com www.googletagmanager.com
1 cdn.tynt.com widgets.amung.us
1 www.paypalobjects.com www.onlineflat24.de
1 static.doubleclick.net www.youtube.com
1 whos.amung.us widgets.amung.us
1 widgets.amung.us www.v2load.com
1 www.spiele.links2000.de www.shimly.net
1 www.v2load.de www.lcmmedia.de
1 code.jquery.com www.dondino.de
1 www.provenexpert.com www.dondino.de
1 www.webwiki.de www.dondino.de
1 dondino.de www.dondino.de
1 static.a-ads.com ad.a-ads.com
1 www.shimly.net www.k-bettel.de
1 www.traffic-master.de 1 redirects
1 ad.a-ads.com www.k-bettel.de
1 cdn.adsfcdn.com www.k-bettel.de
336 51

This site contains links to these domains.

Domain
www.traffic-master.de
www.histats.com

Subject | Issuer | Validity | Valid
k-bettel.de | R3 | 2022-07-29 - 2022-10-27 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
s3.amazonaws.com | Amazon | 2022-04-01 - 2023-03-30 | a year
*.a-ads.com | Sectigo ECC Domain Validation Secure Server CA | 2021-12-08 - 2023-01-08 | a year
dondino.de | Encryption Everywhere DV TLS CA - G1 | 2021-11-01 - 2022-11-01 | a year
shimly.net | R3 | 2022-06-19 - 2022-09-17 | 3 months
histats.com | R3 | 2022-07-11 - 2022-10-09 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
lcmmedia.de | R3 | 2022-06-04 - 2022-09-02 | 3 months
*.adcocktail.com | Thawte RSA CA 2018 | 2022-03-17 - 2023-04-17 | a year
www.provenexpert.com | GTS CA 1D4 | 2022-07-30 - 2022-10-28 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
www.google.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
croxy.de | R3 | 2022-07-21 - 2022-10-19 | 3 months
v2load.de | R3 | 2022-07-24 - 2022-10-22 | 3 months
*.google.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
v2load.com | R3 | 2022-07-01 - 2022-09-29 | 3 months
*.amung.us | Sectigo RSA Domain Validation Secure Server CA | 2022-05-18 - 2023-06-17 | a year
*.dtscout.com | Sectigo RSA Domain Validation Secure Server CA | 2021-10-28 - 2022-11-27 | a year
www.onlineflat24.de | R3 | 2022-07-09 - 2022-10-07 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
www.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2022-04-25 - 2023-04-25 | a year
*.googleusercontent.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
*.c.docs.google.com | GTS CA 1C3 | 2022-08-02 - 2022-10-11 | 2 months
*.tynt.com | Sectigo RSA Domain Validation Secure Server CA | 2021-09-23 - 2022-09-30 | a year
edgestatic.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months

This page contains 21 frames:

Primary Page: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Frame ID: 5DFF967B5F5D3327FC7482FBE724E73E
Requests: 40 HTTP requests in this frame

Frame: https://ad.a-ads.com/1663200?size=160x600
Frame ID: 93862034D7F48074733E75793B6600C7
Requests: 3 HTTP requests in this frame

Frame: https://www.dondino.de/
Frame ID: 375291D78C398491986FB3A02F818368
Requests: 100 HTTP requests in this frame

Frame: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Frame ID: 1A466BFC8061D7A164613153754AD634
Requests: 13 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=158&sid=88&v1=eafdbead30d3f3baebf0016c53da91c0f79dac6a87ba41a29ff11ae4c883f0731f8b1c3619f1c2be76254f37b000d852a1a1e1b549652fe9ba6cb46ef3fcef83&v2=p2p
Frame ID: 57A492394FCF927EF6B4EB3F013864E1
Requests: 1 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/frame_forced.php?step=1&code=dWlkPTk4JmJpZD0xNTgmc2lkPTg4JnYxPWVhZmRiZWFkMzBkM2YzYmFlYmYwMDE2YzUzZGE5MWMwZjc5ZGFjNmE4N2JhNDFhMjlmZjExYWU0Yzg4M2YwNzMxZjhiMWMzNjE5ZjFjMmJlNzYyNTRmMzdiMDAwZDg1MmExYTFlMWI1NDk2NTJmZTliYTZjYjQ2ZWYzZmNlZjgzJnYyPXAycCZyZWZlcmVyPWh0dHBzOi8vd3d3LnNoaW1seS5uZXQv
Frame ID: BD1CA9F43819E97091C3D512A2F76A61
Requests: 2 HTTP requests in this frame

Frame: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Frame ID: 774F8A4E13EB0F268476D664ADA5084C
Requests: 42 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=158&sid=88
Frame ID: 5DFE4D0C34490CFC9A7599A94882FE1C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.adsfirm.com/iframe/
Frame ID: C43DDAFFD1A5AD9729BF7BA8931998E7
Requests: 3 HTTP requests in this frame

Frame: https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D7ac5e2d5aaca19e0548fd08247d3204d%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=919c290309429183cb82f944f6e7e2a3&fidnoua=a3578ca829930dd0cb8de8218e4bff9f&impid=c306eeda-f5b9-4213-b51b-232da91ae183&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&sig=0x00000&blocksubid=0
Frame ID: 669A267ED62BABE53C697E9F5B1EF534
Requests: 7 HTTP requests in this frame

Frame: https://cdn.bmcdn3.com/p/623c55576a92bc002503d00b/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D7ac5e2d5aaca19e0548fd08247d3204d%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=919c290309429183cb82f944f6e7e2a3&fidnoua=a3578ca829930dd0cb8de8218e4bff9f&impid=c306eeda-f5b9-4213-b51b-232da91ae183&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&sig=0x00000&blocksubid=0
Frame ID: BBF023F9C052F99A8EF54BAA4D5AE428
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLv_cUAAAAAAn3xJe-susug7GrxFcJAQpW2vl0&co=aHR0cHM6Ly93d3cuZG9uZGluby5kZTo0NDM.&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=3cbmyti3osw1
Frame ID: 998598ABA1BEC1016C488566DD13A2FE
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdLv_cUAAAAAAn3xJe-susug7GrxFcJAQpW2vl0
Frame ID: 738228B9793F7B5E981F67D6F022FBB5
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
Frame ID: D59B00DD37A658200A083908B0513F5C
Requests: 42 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=6&sid=11&ns=1&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Frame ID: 4908AC48C087A62FAFEEECA57F996EF1
Requests: 3 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/b_inad_click.php?uid=1&bid=6&sid=11&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Frame ID: A17B126101AD6BE0C389C09676EE182C
Requests: 1 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=1023&sid=11&ns=1&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Frame ID: 6169EC8F31C05D596F0A5B507BCAC003
Requests: 3 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=1023&sid=11&ns=1&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Frame ID: 9B364C8304027683AB65B5A00946A2AD
Requests: 3 HTTP requests in this frame

Frame: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Frame ID: A4FE581A637091B5C5B5E3A3ED785722
Requests: 54 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=1025&sid=15&ns=1&rc=aHR0cHM6Ly93d3cub25saW5lZmxhdDI0LmRlLw==
Frame ID: C0A8908C48491B17210D98BCE991A50B
Requests: 3 HTTP requests in this frame

Frame: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=1002&sid=15&ns=1&rc=aHR0cHM6Ly93d3cub25saW5lZmxhdDI0LmRlLw==
Frame ID: 18FBAE9D4690FDA731F78D39DCD7D130
Requests: 3 HTTP requests in this frame

Page Title

K-Bettel.de - Bettel dich reich!

Detected technologies

Overall confidence: 100%
Detected patterns
  • /(?:([\d.]+)/)?firebase(?:\.min)?\.js
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js


Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

336 Requests
96 % HTTPS
49 % IPv6
37 Domains
51 Subdomains
44 IPs
7 Countries
8157 kB Transfer
14623 kB Size
15 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.traffic-master.de/traffic.php HTTP 302
  • https://www.dondino.de/?ref=83238 HTTP 302
  • https://www.dondino.de/
Request Chain 147
  • https://www.croxy.de/goo.php?ip=aHR0cHM6Ly93d3cudjJsb2FkLmRlL3IyY29tLmh0bWw/djI9YXV0bw== HTTP 301
  • https://www.v2load.de/r2com.html?v2=auto
Request Chain 148
  • https://bk.adcocktail.com/bk_rota_v.php?tan=MzMzNzd8ODc5MTJ8MTk5OTE0fDE2NjA0Mzg5Mzg= HTTP 302
  • https://www.spiele.links2000.de/links2000.gif
Request Chain 209
  • https://www.lcmmedia.de/kamp/b_inad_view.php?uid=1&bid=6&sid=11&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8= HTTP 302
  • https://www.onlineflat24.de/img/werbebanner/onlineflat24_468_3.gif
Request Chain 210
  • https://lcmmedia.de/assets/ico/werbung.png HTTP 301
  • https://www.lcmmedia.de/assets/ico/werbung.png
Request Chain 222
  • https://www.lcmmedia.de/kamp/b_view.php?uid=1&bid=1023&sid=11&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8= HTTP 302
  • https://h.premiumsim.de/banner.jpeg?promotion_partner_id=13476&promotion_product_id=19144
Request Chain 223
  • https://lcmmedia.de/assets/ico/werbung.png HTTP 301
  • https://www.lcmmedia.de/assets/ico/werbung.png
Request Chain 224
  • https://www.lcmmedia.de/kamp/b_view.php?uid=1&bid=1023&sid=11&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8= HTTP 302
  • https://h.premiumsim.de/banner.jpeg?promotion_partner_id=13476&promotion_product_id=19144
Request Chain 225
  • https://lcmmedia.de/assets/ico/werbung.png HTTP 301
  • https://www.lcmmedia.de/assets/ico/werbung.png
Request Chain 236
  • https://www.croxy.de/goo.php?ip=aHR0cHM6Ly93d3cub25saW5lZmxhdDI0LmRlL3Nob3AvZW1haWx3ZXJidW5nLmh0bWw/dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1vcmdhbmljJnV0bV9jYW1wYWlnbj1sY21tZWRpYTZuJnV0bV90ZXJtPW9ubGluZWZsYXQyNCZ1dG1fY29udGVudD1iYW5uZXItYWQ= HTTP 301
  • https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Request Chain 237
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 315
  • https://www.lcmmedia.de/kamp/b_view.php?uid=1&bid=1025&sid=15&rc=aHR0cHM6Ly93d3cub25saW5lZmxhdDI0LmRlLw== HTTP 302
  • https://h.premiumsim.de/banner.gif?promotion_partner_id=13476&promotion_product_id=3388
Request Chain 316
  • https://lcmmedia.de/assets/ico/werbung.png HTTP 301
  • https://www.lcmmedia.de/assets/ico/werbung.png
Request Chain 318
  • https://www.lcmmedia.de/kamp/b_view.php?uid=1&bid=1002&sid=15&rc=aHR0cHM6Ly93d3cub25saW5lZmxhdDI0LmRlLw== HTTP 302
  • https://h.sim.de/banner.gif?promotion_partner_id=13476&promotion_product_id=6637
Request Chain 319
  • https://lcmmedia.de/assets/ico/werbung.png HTTP 301
  • https://www.lcmmedia.de/assets/ico/werbung.png

336 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
www.k-bettel.de/
11 KB
4 KB
Document
General
Full URL
https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
b327ca76d8e44571932b8bcca27068b3d3ed409fb572158db582e0622e1d031f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3690
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Aug 2022 01:02:16 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
main.css
www.k-bettel.de/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.k-bettel.de/css/main.css
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
9a3430ee32938603e921cf7c2450a61850dc584382d417d771dbf2bbbbf2d64c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 11:15:05 GMT
Server
Apache
ETag
"1aa8-5a26107816040-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1361
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 13:14:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Aug 2023 13:14:12 GMT
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2249031
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1399
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AN3vm%2BpUOJKg3WDUVFCw3DiwPoUULefwIqaavG7rxJM%2BqFqqOllrQZ2HgzELarbMfbLdcBbS9kxvT3DzCoXvelS7dYwFnqa0IVFUok9xCmABHPLbdCmz8shJz7RhJmRoxk1oBbVWJkzQTz%2BKQ6Ew5TN1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73a5c39bad4d692b-FRA
expires
Fri, 04 Aug 2023 01:02:16 GMT
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/
3 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
880119
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1541
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrXJTOg2mYexb5SCVqLg%2BVgIHInZ7QDApwBUVp44%2FfrJnSHUqym8%2FHG3LJbHKAYJm2NuDLV777JU%2FH%2BfOmdxP1dHL4YTWOh9CBNDFRw3wkkH5qA4rOe7PZ%2BjOe8wpLSDas6VDABCvJ43LMG3tdEbDSVO"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73a5c39bad4a692b-FRA
expires
Fri, 04 Aug 2023 01:02:16 GMT
script.js
s3.amazonaws.com/valao-cloud/cookie-hinweis/
4 KB
5 KB
Script
General
Full URL
https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.137.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1005c8fedd97888320a06c0fff6bd454c0256e9b021f367fd40e00d4c5d05a90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:18 GMT
Last-Modified
Fri, 25 Nov 2016 10:04:09 GMT
Server
AmazonS3
x-amz-request-id
KXEJEHNE6GDB1FG0
ETag
"9f90654a8f604d63de9dd294259e6eff"
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
4605
x-amz-id-2
N0xNvULp0p6ZLxqNz6swEvOorHgbvzRpZux1KC/N/wETcWxpL0BkskAyx/aysqhs9HQrv7bER6w=
TmFvVWxmQXhhbTA9.js
cdn.adsfcdn.com/js/
3 KB
2 KB
Script
General
Full URL
https://cdn.adsfcdn.com/js/TmFvVWxmQXhhbTA9.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2c75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90d6a585982bddd8eb45578ec3c3e160e799b70d1f1403eb854113d713bcffb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25679
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 09 Jul 2022 04:29:32 GMT
server
cloudflare
etag
W/"62c9042c-d7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiC2sEs9H%2F9yJdqCBJ3WtPIhBss0bu%2FUyTYJ3DKvb%2Fp6GYLBXlx3bbVxu1EhrLdSKiV1Asf%2FJbJa32Vly6BT47AuC38yxCC%2FvjcIjPhhOXi68kzSh3zOQxW4TiXxi%2F5dVgTQaKcwE%2FmfZJm%2BCtQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
73a5c39c880592b3-FRA
expires
Sun, 14 Aug 2022 05:54:18 GMT
1663200
ad.a-ads.com/ Frame 9386
12 KB
5 KB
Document
General
Full URL
https://ad.a-ads.com/1663200?size=160x600
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.139.13.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
f0f6bd3dbe15fcfaeae197fd921b57ac75faa24d5a1e9188fbcd561c2f4d2403
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sun, 14 Aug 2022 01:02:17 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://www.k-bettel.de/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
bg.png
www.k-bettel.de/images/
288 B
556 B
Image
General
Full URL
https://www.k-bettel.de/images/bg.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
8ab9651d86fabc7afb2a8cabc53f7405fa5f76429f18f1e130d55299cf49a3e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:16 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"120-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
288
header.png
www.k-bettel.de/images/
35 KB
36 KB
Image
General
Full URL
https://www.k-bettel.de/images/header.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
6dfdcf0eb87568f6932cf08416883f068da0d0aea43f2145c84c19fef3875fac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:17 GMT
Last-Modified
Mon, 25 May 2020 11:36:45 GMT
Server
Apache
ETag
"8d1b-5a67764bd4d40"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
36123
topLoginBg.png
www.k-bettel.de/images/
704 B
972 B
Image
General
Full URL
https://www.k-bettel.de/images/topLoginBg.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
8b0af1e9c36b25fc9fcce648791ea2733cc6993def386bc43f8010b8b3361f7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:17 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"2c0-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
704
topButton.png
www.k-bettel.de/images/
215 B
483 B
Image
General
Full URL
https://www.k-bettel.de/images/topButton.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
dea4747dc69f7e1119b6f74a6dea0d005cba3a629b3dd1d2f027bc181080ed02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:17 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"d7-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
215
mainBg.gif
www.k-bettel.de/images/
98 B
365 B
Image
General
Full URL
https://www.k-bettel.de/images/mainBg.gif
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
355c7345608f3f18f08822ebc9fd202de5f0acc98bf4f0c38b7d9f155406e546

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:17 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"62-4ca767b64d500"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
98
navTop.png
www.k-bettel.de/images/
208 B
475 B
Image
General
Full URL
https://www.k-bettel.de/images/navTop.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
58156352388e882df8698362691be19546360706d7b8469e375e6bd419ed216a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:17 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"d0-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
208
navMid.png
www.k-bettel.de/images/
192 B
459 B
Image
General
Full URL
https://www.k-bettel.de/images/navMid.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
4d8c7e063a3280ec8b2ef850a878741b1bdfab56301198493203b252d4885d47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:17 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"c0-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
192
navFoot.png
www.k-bettel.de/images/
236 B
504 B
Image
General
Full URL
https://www.k-bettel.de/images/navFoot.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
112e3a5de62417009e7744581cd39b6a8a3b1a4d23dfca29b2791ac9150d97e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:17 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"ec-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
236
623c55576a92bc002503d00b.js
cdn.bmcdn3.com/js/
7 KB
4 KB
Script
General
Full URL
https://cdn.bmcdn3.com/js/623c55576a92bc002503d00b.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cd229102934fb22e8a785f49487ed7ff169db4cc10707a554204fad207dcd0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
br
accept-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-methods
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLKodfhefWGp9M7pXKVdHjWC75hzZIKXU%2B5efn7PUDvs6u%2F4bbk8Ez%2F9c0Gl78MaL2plo%2FPae9x7au7T78IP9jXrj1L6CRu7Nyhqe3y5EabkcsaSZLRafNM3qdtdcfYe0GUsrxV%2BSPayhN0U"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800, public
cf-ray
73a5c39c9e7b9191-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Sun, 14 Aug 2022 01:32:17 GMT
/
www.dondino.de/ Frame 3752
Redirect Chain
  • https://www.traffic-master.de/traffic.php
  • https://www.dondino.de/?ref=83238
  • https://www.dondino.de/
141 KB
19 KB
Document
General
Full URL
https://www.dondino.de/
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
06cc5f75903dcc0cd1edbe8bea580774e536bf70c9507d12f6e280182a2703c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:17 GMT
expires
Sun, 14 Aug 2022 01:02:17 GMT
server
Apache
vary
Accept-Encoding
x-content-type-options
nosniff
x-ua-compatible
IE=edge

Redirect headers

cache-control
no-cache, private max-age=0
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:17 GMT
expires
Sun, 14 Aug 2022 01:02:17 GMT
location
https://www.dondino.de
server
Apache
x-content-type-options
nosniff
x-ua-compatible
IE=edge
ptp-1-1675-30-48-sh
www.shimly.net/public/ Frame 1A46
65 KB
25 KB
Document
General
Full URL
https://www.shimly.net/public/ptp-1-1675-30-48-sh
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.90.5.183 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mnode1000.your-node.de
Software
Apache /
Resource Hash
c4473ee44e6003e499f175dbeafd273d084431735943e38ac47699ea2a38b6db

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
25674
content-type
text/html; charset=utf-8
date
Sun, 14 Aug 2022 01:02:17 GMT
server
Apache
vary
Accept-Encoding
pop.php
www.k-bettel.de/popup/
0
0

623c565afdbfc7001a590989.js
cdn.bmcdn3.com/js/
7 KB
4 KB
Script
General
Full URL
https://cdn.bmcdn3.com/js/623c565afdbfc7001a590989.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93429c8509efb7422dc951c9dfe63f720d35740dc666921ca15819cf3288c76b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
br
accept-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-methods
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBWAUq6g9o%2BbZHsTyFJC8TlBYzwU%2FRez8vLVmCMLTWhgfm3CTgasJ11uyoMdywUB6B%2FMB3imdzawVJtY2D7gJXO0asE2Tfq3V344GTw%2FbSPdc5pYknOK4KPgg3O8NebfM9JUUAwx1h87Fw6L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800, public
cf-ray
73a5c39c9e7d9191-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Sun, 14 Aug 2022 01:32:17 GMT
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:57:36 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
666042412
contentTop.png
www.k-bettel.de/images/
237 B
504 B
Image
General
Full URL
https://www.k-bettel.de/images/contentTop.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
2f058ccfb327a7cf0dde901af6d91c6b1746a8d1973cdf0ea0ad3f20c79a953a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:17 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"ed-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
237
contentMid.gif
www.k-bettel.de/images/
81 B
347 B
Image
General
Full URL
https://www.k-bettel.de/images/contentMid.gif
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
3ac732713cf8fc2da12ba94466c376da1bc1e8a578dcea4bea07002fc4b5c9a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:17 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"51-4ca767b64d500"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
81
contentFoot.png
www.k-bettel.de/images/
101 B
369 B
Image
General
Full URL
https://www.k-bettel.de/images/contentFoot.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
527ed4d3ebd6f355eb419dc4938f830f5c879f79056f321987206fcfdb2f1fd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:17 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"65-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
101
countmid.png
www.k-bettel.de/images/
94 B
360 B
Image
General
Full URL
https://www.k-bettel.de/images/countmid.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
cae403eab5a179ee8b09a9b2c7e42916c54614c2cd1f49395090327f30e008a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:17 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"5e-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
94
footer.png
www.k-bettel.de/images/
467 B
735 B
Image
General
Full URL
https://www.k-bettel.de/images/footer.png
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
1822b7ed8626dee6c169e5b07b8db2d673c1ffa51fb108d4ecbfeda89d784979

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:17 GMT
Last-Modified
Mon, 24 Sep 2012 18:08:52 GMT
Server
Apache
ETag
"1d3-4ca767b64d500"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
467
160x600
static.a-ads.com/a-ads-banners/393781/ Frame 9386
663 KB
664 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/393781/160x600?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1663200?size=160x600
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.139.13.251.148.clients.your-server.de
Software
nginx /
Resource Hash
657af98b6829d7b412a5c5b69f5f86fdcf98aca10ed8e7f0b5a6b9558071ee3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
last-modified
Tue, 31 May 2022 13:36:40 GMT
server
nginx
x-amz-request-id
S4N91XNH20TF4F0M
etag
"be74ac110e715286295dca6083c0d2a7"
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
content-length
679079
accept-ranges
bytes
x-amz-version-id
IqF_AcCFiT4rzay4H.z3QpoKMh_R2ZHV
x-amz-id-2
ULfbWRaHiKgOqveAjgNkEKFPO8bQDv7iYmGGvePOJnMXtGGpkAjLDStiFtt2Qd1Uswzcyipytps=
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 9386
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
4631295.php
s4.histats.com/stats/
95 B
229 B
Script
General
Full URL
https://s4.histats.com/stats/4631295.php?4631295&@f16&@g1&@h1&@i1&@j1660438937138&@k0&@l1&@mK-Bettel.de%20-%20Bettel%20dich%20reich!&@n0&@o1000&@q0&@r0&@s328&@ten-US&@u1600&@b1:3264316&@b3:1660438937&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D7ac5e2d5aaca19e0548fd08247d3204d%26step2%3Dok&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.13.63 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns504751.ip-192-99-13.net
Software
/
Resource Hash
b98032b1dc833b09926ee1bcfcb9bbb841d3d7fae7c7a43c5fb59535b450db87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:17 GMT
Connection
close
Content-Length
95
Content-Type
text/html;charset=UTF-8
gtm.js
www.googletagmanager.com/
128 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVL985
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
912b3e744bdea53a5ca1e478a8f9960328813c24540d487bb458e8557850a2d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48171
x-xss-protection
0
last-modified
Sun, 14 Aug 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Aug 2022 01:02:17 GMT
901405584196.js
cdn.bmcdn3.com/js/source/
50 KB
17 KB
Script
General
Full URL
https://cdn.bmcdn3.com/js/source/901405584196.js?v=1.0.2
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/js/623c565afdbfc7001a590989.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b6f4084e9e0587e95e25d42850922ddf7c84ff9eebb629a3a05cba82282c177

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
br
accept-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-methods
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UC9txqp0O4kwydkU8cQnHRzDL%2FfIR1QNNaBqB4bks80%2FPM6Wj7PRMb%2FvjwZCkiXoEnujkuKlF4h0n5E68WzgZ3Uz9i0K6bRhgXSNyttTgfd%2F7lTUj%2Bl0raXq2TJ1bRbO6syqKC8b6uXxOvS7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800, public
cf-ray
73a5c39e5fce9191-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Sun, 14 Aug 2022 01:32:17 GMT
frontend.css
www.dondino.de/css/ Frame 3752
167 KB
33 KB
Stylesheet
General
Full URL
https://www.dondino.de/css/frontend.css
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
e85c8b6551cbb49e7b116401accfa42cf26ee54f52ae8ba776b08182698f026b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:16 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33490
expires
Mon, 14 Aug 2023 01:02:17 GMT
dondino-style.css
www.dondino.de/css/ Frame 3752
100 KB
18 KB
Stylesheet
General
Full URL
https://www.dondino.de/css/dondino-style.css
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
f5ca2e345e8a8959b02f20919b447cc6a4cd0a3e7963fc33affce34f8b06c734
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:16 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
18580
expires
Mon, 14 Aug 2023 01:02:17 GMT
owl.carousel.min.css
www.dondino.de/assets/vendors/owl-carousel/ Frame 3752
3 KB
1 KB
Stylesheet
General
Full URL
https://www.dondino.de/assets/vendors/owl-carousel/owl.carousel.min.css
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
cf009f0ae38853ad020e29ff21e0d751a5bd167b1614c1aa691984e5692dc9c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:01 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
923
expires
Mon, 14 Aug 2023 01:02:17 GMT
owl.theme.min.css
www.dondino.de/assets/vendors/owl-carousel/ Frame 3752
1003 B
513 B
Stylesheet
General
Full URL
https://www.dondino.de/assets/vendors/owl-carousel/owl.theme.min.css
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
39e44fd143cb0119d24c21d94036649bb153017eb6e7c94e70c4b132ef2f535f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:01 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
478
expires
Mon, 14 Aug 2023 01:02:17 GMT
jquery-eu-cookie-law-popup.css
www.dondino.de/assets/vendors/ Frame 3752
2 KB
649 B
Stylesheet
General
Full URL
https://www.dondino.de/assets/vendors/jquery-eu-cookie-law-popup.css
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
2581ed2d4bc43877fbd2f16ea5da6db6a3e798f40f79facf61d93d9ced68fb19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:01 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
614
expires
Mon, 14 Aug 2023 01:02:17 GMT
logo.jpg
www.dondino.de/assets/images/ Frame 3752
6 KB
6 KB
Image
General
Full URL
https://www.dondino.de/assets/images/logo.jpg
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
2e21921465ec67a7bf4afa2504a7cdd32828aead71e92a76bb0728067ccbc7e3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:01 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6488
expires
Tue, 13 Sep 2022 01:02:17 GMT
dondino-mitlgieder-werden.png
dondino.de/images/ Frame 3752
14 KB
14 KB
Image
General
Full URL
https://dondino.de/images/dondino-mitlgieder-werden.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
68f69cabce8d8d443433b8ea4bbd3ddbc1466b98008918867140b2a95417228f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14266
expires
Tue, 13 Sep 2022 01:02:17 GMT
tablet.png
www.dondino.de/assets/images/icons/ Frame 3752
9 KB
9 KB
Image
General
Full URL
https://www.dondino.de/assets/images/icons/tablet.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
aea0806b6468f8327d5fabc41b73524f04746db9bccdc2a143b56de088a462db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:01 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9350
expires
Tue, 13 Sep 2022 01:02:17 GMT
online-shop-6.png
www.dondino.de/assets/images/icons/ Frame 3752
10 KB
10 KB
Image
General
Full URL
https://www.dondino.de/assets/images/icons/online-shop-6.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
7197f19bcb6b9be93e068872c3782bc0512295f15f69f0f64c78017d88f86d9a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:01 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10080
expires
Tue, 13 Sep 2022 01:02:17 GMT
money.png
www.dondino.de/assets/images/icons/ Frame 3752
10 KB
10 KB
Image
General
Full URL
https://www.dondino.de/assets/images/icons/money.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
6173f4b9e562485ab5d53cde3b83b6c497b832d2bfd1ead2a76ae7e27fa26141
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:01 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10429
expires
Tue, 13 Sep 2022 01:02:17 GMT
16497898691943735418.png
www.dondino.de/images/shops/ Frame 3752
5 KB
5 KB
Image
General
Full URL
https://www.dondino.de/images/shops/16497898691943735418.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
6d0fe9b8afca061ee6eaf6e70a4db6b5f10bb041b0ba470152bc0f13a0ef2cdd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 18:57:49 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5525
expires
Tue, 13 Sep 2022 01:02:17 GMT
1561970603823758258.png
www.dondino.de/images/shops/ Frame 3752
7 KB
7 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1561970603823758258.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
445c76c929748dc5a7651cf799ae47b4e434eaf9d3a5b8fb2d8a20c907fe4321
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7030
expires
Tue, 13 Sep 2022 01:02:17 GMT
16465589181406989902.png
www.dondino.de/images/shops/ Frame 3752
3 KB
3 KB
Image
General
Full URL
https://www.dondino.de/images/shops/16465589181406989902.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
6c756537f0f31c219d34fbb97d8c18a1f54ddb1c321aafe5cc9b359202be1228
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 06 Mar 2022 09:28:38 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3172
expires
Tue, 13 Sep 2022 01:02:17 GMT
1643738137907944278.png
www.dondino.de/images/shops/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1643738137907944278.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
0e72b1690d32c3843c52a43ed101cd2c740c84c77ade8db3f7c39ac679b5ffe6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Feb 2022 17:55:37 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3888
expires
Tue, 13 Sep 2022 01:02:17 GMT
16504400662138175751.png
www.dondino.de/images/shops/ Frame 3752
5 KB
5 KB
Image
General
Full URL
https://www.dondino.de/images/shops/16504400662138175751.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
95c7494292bcce885cb323d88801e6719b3edd7e7c7a55324731c5a384ca96ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2022 07:34:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4881
expires
Tue, 13 Sep 2022 01:02:17 GMT
1644920587233124596.png
www.dondino.de/images/shops/ Frame 3752
5 KB
5 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1644920587233124596.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
9bc2f5cacd9c3107245d0eb4e5f8dbc78ff6c71a81c56401f8b22b51343ebabe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Feb 2022 10:23:07 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5370
expires
Tue, 13 Sep 2022 01:02:17 GMT
1646558158875569792.png
www.dondino.de/images/shops/ Frame 3752
1 KB
1 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1646558158875569792.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
656cc6f647989fcac1cd25f2f1fac17af0bf99e796df23c890e399b214e453fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 06 Mar 2022 09:15:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1357
expires
Tue, 13 Sep 2022 01:02:17 GMT
15510308081432168809.png
www.dondino.de/images/shops/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15510308081432168809.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
98a22562017e434138e769929f444d0be6d7be087cd129cb69d6581e5bed014f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4170
expires
Tue, 13 Sep 2022 01:02:17 GMT
16450413291023097879.png
www.dondino.de/images/shops/ Frame 3752
2 KB
2 KB
Image
General
Full URL
https://www.dondino.de/images/shops/16450413291023097879.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
a61412f9dce65d78b4cc243be98cb0daca492e3f3ed002c389ac09ea9c41ce3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Wed, 16 Feb 2022 19:55:29 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1890
expires
Tue, 13 Sep 2022 01:02:17 GMT
1505154278959481867.jpg
www.dondino.de/images/shops/ Frame 3752
15 KB
15 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1505154278959481867.jpg
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
4ad5d802d6f42f30e798ee2e22d376ae16db1d49f6417777605b5516133a916f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14874
expires
Tue, 13 Sep 2022 01:02:17 GMT
1505154697179222129.png
www.dondino.de/images/shops/ Frame 3752
3 KB
3 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1505154697179222129.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
ce39a5dc694ee1cdb382e390f62eaa8ea0eb511aff7f868b25ea08b059c5e3c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3381
expires
Tue, 13 Sep 2022 01:02:17 GMT
16450122221547564016.png
www.dondino.de/images/shops/ Frame 3752
3 KB
3 KB
Image
General
Full URL
https://www.dondino.de/images/shops/16450122221547564016.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
b38cb47d3feab566bcdd278597408865bca93f7a1c2aecc9c25bcacda0158ba2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Wed, 16 Feb 2022 11:50:21 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3304
expires
Tue, 13 Sep 2022 01:02:17 GMT
16454440682096514857.png
www.dondino.de/images/shops/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.dondino.de/images/shops/16454440682096514857.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
75c04168da7df7e26ce32c0241d4bcd1cdc1d51ab1cbb16122336315a2901fc4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 21 Feb 2022 11:47:48 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3592
expires
Tue, 13 Sep 2022 01:02:17 GMT
1643739778554921611.png
www.dondino.de/images/shops/ Frame 3752
5 KB
5 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1643739778554921611.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
ffb048393bfc717578a5b19c4b5f7c456254d0c2c00bf39c4088d0be8c64e80e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Feb 2022 18:22:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4857
expires
Tue, 13 Sep 2022 01:02:17 GMT
16120918711165045585.png
www.dondino.de/images/shops/ Frame 3752
7 KB
7 KB
Image
General
Full URL
https://www.dondino.de/images/shops/16120918711165045585.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
f7ecfeda2faf7656d2c766010a399875ebbd1526cf6e756fa084053a5e8dec54
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7022
expires
Tue, 13 Sep 2022 01:02:17 GMT
1596451238613029120.png
www.dondino.de/images/shops/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1596451238613029120.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
dd00734f9327bbf8804e56e0a36cac18b007f2d510754a3b54cf33bfc73f3b30
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4400
expires
Tue, 13 Sep 2022 01:02:17 GMT
156967867280621545.png
www.dondino.de/images/shops/ Frame 3752
7 KB
7 KB
Image
General
Full URL
https://www.dondino.de/images/shops/156967867280621545.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
82880755a00f7b1d65aaea7a22cd7f826180754804e19d6aac57065d7e7927cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6971
expires
Tue, 13 Sep 2022 01:02:17 GMT
15878183831273763885.png
www.dondino.de/images/shops/ Frame 3752
6 KB
6 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15878183831273763885.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
7137930dd295ddcc3d2319e1f2fd81d32501aeda6963b62849db3b54749e60d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6393
expires
Tue, 13 Sep 2022 01:02:17 GMT
1614244558106700378.png
www.dondino.de/images/shops/ Frame 3752
3 KB
3 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1614244558106700378.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
06b6ab1a4f1dc065ce99c0957ea65c9f1ff9260d7ead5b9c03c2502278228337
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2736
expires
Tue, 13 Sep 2022 01:02:17 GMT
15696872132106878571.png
www.dondino.de/images/shops/ Frame 3752
3 KB
4 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15696872132106878571.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
bfa86fc9014155817c6484ad05d2d998a758cb100fa5f45e0ac1a5d85c8b1f88
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3556
expires
Tue, 13 Sep 2022 01:02:17 GMT
1585048020707342588.png
www.dondino.de/images/shops/ Frame 3752
11 KB
11 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1585048020707342588.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
02e7916b0e56f0f56821a7250faa4bef7b20aa2cdc96de2fa419cbb292589abc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11594
expires
Tue, 13 Sep 2022 01:02:17 GMT
1582480788652486275.png
www.dondino.de/images/shops/ Frame 3752
10 KB
10 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1582480788652486275.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
19990a0eb9472ab89d4796f7b29679c54e6baf9d8a17bebe294df55da58a18ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10535
expires
Tue, 13 Sep 2022 01:02:17 GMT
1583074721865223732.png
www.dondino.de/images/shops/ Frame 3752
2 KB
2 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1583074721865223732.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
c483d674ce97193e4d624688e1f17e9771c142b7ec22f86b4346fea382360fba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1918
expires
Tue, 13 Sep 2022 01:02:17 GMT
15766679811218723427.png
www.dondino.de/images/shops/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15766679811218723427.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
0db8219ef9bbc6e0437d24db349c081d5b68ea9f3159d913afb6b918fd5a3c77
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3735
expires
Tue, 13 Sep 2022 01:02:17 GMT
15797955641812474823.png
www.dondino.de/images/shops/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15797955641812474823.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
a5241d37dd031782d4de2ff20e799a994345d14168ab607061c500a0dd3a32c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4449
expires
Tue, 13 Sep 2022 01:02:17 GMT
1579167844138119021.png
www.dondino.de/images/shops/ Frame 3752
4 KB
5 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1579167844138119021.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
d90287757a4e7da550cdb4223419249e4c01a7e792207250a04f3b48aa922101
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4561
expires
Tue, 13 Sep 2022 01:02:17 GMT
15699214062071344293.jpg
www.dondino.de/images/shops/ Frame 3752
2 KB
2 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15699214062071344293.jpg
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
f7fb964938924b89c412f9adb3f7b5f6c78df42df957090f013007e83a4208e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2164
expires
Tue, 13 Sep 2022 01:02:17 GMT
16450413812143620755.png
www.dondino.de/images/shops/ Frame 3752
2 KB
2 KB
Image
General
Full URL
https://www.dondino.de/images/shops/16450413812143620755.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
a61412f9dce65d78b4cc243be98cb0daca492e3f3ed002c389ac09ea9c41ce3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Wed, 16 Feb 2022 19:56:21 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1890
expires
Tue, 13 Sep 2022 01:02:17 GMT
1571140852793799322.png
www.dondino.de/images/shops/ Frame 3752
7 KB
7 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1571140852793799322.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
5dd78f388824725e56bdebf519592abde18336c73bed7e69464a7a178b68f42b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7149
expires
Tue, 13 Sep 2022 01:02:17 GMT
1570270977351731257.png
www.dondino.de/images/shops/ Frame 3752
2 KB
2 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1570270977351731257.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
b125ed79de8303aab1c888c350570c4733a0e4d8748e53acb9c34808bb63ef8f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2088
expires
Tue, 13 Sep 2022 01:02:17 GMT
15699205241243902041.png
www.dondino.de/images/shops/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15699205241243902041.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
0e503f001d2cc72a7a25dc52ae361ba4e990f59e23b1687712a1bea55df0e97f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3646
expires
Tue, 13 Sep 2022 01:02:17 GMT
15685541711906865185.png
www.dondino.de/images/shops/ Frame 3752
3 KB
3 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15685541711906865185.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
f52bd84902b46f71682f20d71fc55975ad4f827ac9f931a4e48efd264f12141d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2966
expires
Tue, 13 Sep 2022 01:02:17 GMT
15642224751276207492.png
www.dondino.de/images/shops/ Frame 3752
12 KB
12 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15642224751276207492.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
4a53367bcbdeda789785f0f99a989462b7179afd11ca705b36e97b4f2d0bbc98
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11913
expires
Tue, 13 Sep 2022 01:02:17 GMT
15642098511226664622.png
www.dondino.de/images/shops/ Frame 3752
5 KB
5 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15642098511226664622.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
afbc6aa607874d8ad353628f585647532070f36f68f70fbf2112e01ac40e28ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4932
expires
Tue, 13 Sep 2022 01:02:17 GMT
1561017831847854718.png
www.dondino.de/images/shops/ Frame 3752
2 KB
2 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1561017831847854718.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
7296cd57b97a3239ec0496e31945bb44d6ce0569bfd624893e6136e66fa46bea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2322
expires
Tue, 13 Sep 2022 01:02:17 GMT
1558254906222597986.png
www.dondino.de/images/shops/ Frame 3752
2 KB
2 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1558254906222597986.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
b2ab1cfd1d4bf2f1d483f91e606896323ed3740bec3c91b29d19e77f8da7d3f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1931
expires
Tue, 13 Sep 2022 01:02:17 GMT
1547744994154984575.png
www.dondino.de/images/shops/ Frame 3752
3 KB
3 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1547744994154984575.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
679c487f5b4061981ae390d82cafbd17dcb60026334ebc4223cd71b808b51d9a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2581
expires
Tue, 13 Sep 2022 01:02:17 GMT
15451385041975747126.png
www.dondino.de/images/shops/ Frame 3752
7 KB
7 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15451385041975747126.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
059d77c5fcce3c7d51fbae0b50825d4a86c1b1efa7c55584e4a86982673389e3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7525
expires
Tue, 13 Sep 2022 01:02:17 GMT
1557820117289105234.png
www.dondino.de/images/shops/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1557820117289105234.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
5532e83cdab88d5df67844d735ca084a284c83ac9fac1c34c04d561d1dd3c8ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3958
expires
Tue, 13 Sep 2022 01:02:17 GMT
15425411701263248665.png
www.dondino.de/images/shops/ Frame 3752
7 KB
7 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15425411701263248665.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
8e5ee8112ca1eb75a7b41ca3c160bdadf7cc066dc91feb6970d5124700cc4b36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6873
expires
Tue, 13 Sep 2022 01:02:17 GMT
1517836911433225413.png
www.dondino.de/images/shops/ Frame 3752
5 KB
5 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1517836911433225413.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
99e74f3e43b644660238cd3f67a5f083e9701ed38a2c622717f9abce0fb70450
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4882
expires
Tue, 13 Sep 2022 01:02:17 GMT
15283751251390013208.png
www.dondino.de/images/shops/ Frame 3752
6 KB
6 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15283751251390013208.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
f91d3ae70a8d0fe3fd65bf37ad8fdea29b0372f7a682a0b948591e9061650ddc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5977
expires
Tue, 13 Sep 2022 01:02:17 GMT
1505155066324491820.gif
www.dondino.de/images/shops/ Frame 3752
3 KB
3 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1505155066324491820.gif
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
44c87af5c1ca0df271dba9b8b7ced3a0bb52e52ed2ee22acb4b24e7e67218fcc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3228
expires
Tue, 13 Sep 2022 01:02:17 GMT
ziel.php
www.lcmmedia.de/kamp/ Frame 57A4
1 KB
926 B
Document
General
Full URL
https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=158&sid=88&v1=eafdbead30d3f3baebf0016c53da91c0f79dac6a87ba41a29ff11ae4c883f0731f8b1c3619f1c2be76254f37b000d852a1a1e1b549652fe9ba6cb46ef3fcef83&v2=p2p
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30 PleskLin
Resource Hash
29fab2cda3641ff0bef3b41ea3ce07c6b4466f851e9cdd9077ac99c289e2fdc1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.shimly.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
686
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:17 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.30 PleskLin
truncated
/ Frame 1A46
35 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa27f6a15e3c7abdea0bf66d493852cf1a850bdf98435e59c85964ff0179983

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 1A46
95 KB
95 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 06:57:23 GMT
x-content-type-options
nosniff
age
65094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97163
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Aug 2023 06:57:23 GMT
lay.php
l.adcocktail.com/ Frame 1A46
262 B
516 B
Script
General
Full URL
https://l.adcocktail.com/lay.php?uid=87912&wsid=199914
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff40f1e4c6c35503fc63ac2d4a7b6a0b38fe1151f30a68f7ba942f4003fb525

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Aug 2022 01:02:17 GMT
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cf-ray
73a5c39f28cf5c2c-FRA
content-length
174
expires
Wed, 11 Jan 1984 05:00:00 GMT
1513856776590987938.png
www.dondino.de/images/shops/ Frame 3752
1 KB
1 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1513856776590987938.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
53a4646dc9c3893668f945bc2f35f904d6ecd1dde0b7f4a0e77c71bbffb296f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1353
expires
Tue, 13 Sep 2022 01:02:17 GMT
15059173691012554789.jpg
www.dondino.de/images/shops/ Frame 3752
3 KB
3 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15059173691012554789.jpg
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
1ea9bff82e9e967cc30b2ca9be4fc57812029d20ba862bfdb21e133f47b36bd1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2766
expires
Tue, 13 Sep 2022 01:02:17 GMT
15161118202016466655.png
www.dondino.de/images/shops/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15161118202016466655.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
b4322eabbb758ea26a99415812e8705c70f0994dcc6ef1f8f6972e0ddb0f1c79
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4309
expires
Tue, 13 Sep 2022 01:02:17 GMT
15169924399174928.png
www.dondino.de/images/shops/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15169924399174928.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
f6c792e53d60042240a1a62ef65c0b88ed41cec6850bf1fc914bf3f69797485a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4264
expires
Tue, 13 Sep 2022 01:02:17 GMT
1511446054961893485.png
www.dondino.de/images/shops/ Frame 3752
6 KB
6 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1511446054961893485.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
1db7306968a54553d57cb367da09a21361571c2c3b0fcd73d71dbf38cbaf9c71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5760
expires
Tue, 13 Sep 2022 01:02:17 GMT
150515525065620218.png
www.dondino.de/images/shops/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.dondino.de/images/shops/150515525065620218.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
49e6687176cbc6efee29fe99ee2b9b7439dfdb4fd99c408b495884ca2dee0cf7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3591
expires
Tue, 13 Sep 2022 01:02:17 GMT
1548067634409702428.png
www.dondino.de/images/shops/ Frame 3752
5 KB
5 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1548067634409702428.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
6366dc0470c7c2e3687018920123dcc8cab6444fc3a693b60f20dfc7aab1dcaf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5402
expires
Tue, 13 Sep 2022 01:02:17 GMT
15051537521918215119.png
www.dondino.de/images/shops/ Frame 3752
4 KB
5 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15051537521918215119.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
eb9207b20f31b71b0e19df05193d2a2835abfcdf3702455f9c83a00febaa87d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4569
expires
Tue, 13 Sep 2022 01:02:17 GMT
1505917686232213989.jpg
www.dondino.de/images/shops/ Frame 3752
3 KB
3 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1505917686232213989.jpg
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
4c974d7aa3366631f7e9f60b7426de5028765bbe2c1a9fae1743458a1c9d89ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2623
expires
Tue, 13 Sep 2022 01:02:17 GMT
1505153964513423914.png
www.dondino.de/images/shops/ Frame 3752
3 KB
3 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1505153964513423914.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
df39559b8759150e899a68846ef602fea104b79fd2839628565d6a647693b265
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2701
expires
Tue, 13 Sep 2022 01:02:17 GMT
1505918839254670431.jpg
www.dondino.de/images/shops/ Frame 3752
5 KB
5 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1505918839254670431.jpg
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
453466163caea242127417007691f318932626c5051251a9a54ab24d6abda681
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4842
expires
Tue, 13 Sep 2022 01:02:17 GMT
15059180481556463441.jpg
www.dondino.de/images/shops/ Frame 3752
4 KB
4 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15059180481556463441.jpg
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
93673de462ffd582777ca93698d516455fb3da0175253e0d6b7e22960fc8dcd9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3915
expires
Tue, 13 Sep 2022 01:02:17 GMT
150591816316612592.jpg
www.dondino.de/images/shops/ Frame 3752
7 KB
7 KB
Image
General
Full URL
https://www.dondino.de/images/shops/150591816316612592.jpg
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
e60be2cd63b508c24a81381bbf2cb9c9522444403276f127cc970cc86daeb321
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6740
expires
Tue, 13 Sep 2022 01:02:17 GMT
1513857175458460625.png
www.dondino.de/images/shops/ Frame 3752
8 KB
8 KB
Image
General
Full URL
https://www.dondino.de/images/shops/1513857175458460625.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
920d52766eaa54a1468573a7e175cf41fba0f145e32d9d746d2fdbd6750ba0d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7831
expires
Tue, 13 Sep 2022 01:02:17 GMT
15059183311726302727.jpg
www.dondino.de/images/shops/ Frame 3752
5 KB
5 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15059183311726302727.jpg
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
4eac85aa307d2c49f84c005504989f94dda7659642729615babeed4be3bf18c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5210
expires
Tue, 13 Sep 2022 01:02:17 GMT
15493104791261711414.png
www.dondino.de/images/shops/ Frame 3752
6 KB
6 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15493104791261711414.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
18f868d525d213fdc68861fb991069bb577116e73c072989ac9c2e1ab361f8cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6330
expires
Tue, 13 Sep 2022 01:02:17 GMT
15059198581977617971.jpg
www.dondino.de/images/shops/ Frame 3752
3 KB
3 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15059198581977617971.jpg
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
e4888de145d65cec5a2f784b5769bb73c3bc15af6840fb484d60e75a95dcc664
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3146
expires
Tue, 13 Sep 2022 01:02:17 GMT
15059197141636871485.jpg
www.dondino.de/images/shops/ Frame 3752
6 KB
6 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15059197141636871485.jpg
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
3e08b2a799da5d8cabb9b1803afb2a87a17e68fe2f616e717bc975536424cf29
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6019
expires
Tue, 13 Sep 2022 01:02:17 GMT
15059205281868246740.jpg
www.dondino.de/images/shops/ Frame 3752
5 KB
5 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15059205281868246740.jpg
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
7a89196bcd248415c30dc958af130e904b46be8ee79e70225a9ac88fc6e0fd84
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4962
expires
Tue, 13 Sep 2022 01:02:17 GMT
15065482391799152330.jpg
www.dondino.de/images/shops/ Frame 3752
3 KB
3 KB
Image
General
Full URL
https://www.dondino.de/images/shops/15065482391799152330.jpg
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
b72d7b23cc449afa2f66e9fff072cf13c69f6a5e6c7c959028d72973b42dae48
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3071
expires
Tue, 13 Sep 2022 01:02:17 GMT
a.png
www.dondino.de/assets/images/ Frame 3752
16 KB
16 KB
Image
General
Full URL
https://www.dondino.de/assets/images/a.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
c151c1445142836ced52df4b5e40aab63bc02c08368f43ac3f20df39e82da436
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:01 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15909
expires
Tue, 13 Sep 2022 01:02:17 GMT
b.png
www.dondino.de/assets/images/ Frame 3752
12 KB
12 KB
Image
General
Full URL
https://www.dondino.de/assets/images/b.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
158dec95c129c33e19764ce5c9e59af8dc0083483aa7eeca775e09d4d768e1d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:01 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12516
expires
Tue, 13 Sep 2022 01:02:17 GMT
c.png
www.dondino.de/assets/images/ Frame 3752
12 KB
12 KB
Image
General
Full URL
https://www.dondino.de/assets/images/c.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
05591e1bcb7df2b3fba086fc22c6e1db3a8b678ab275d47c047f0f1a22489650
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:01 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11940
expires
Tue, 13 Sep 2022 01:02:17 GMT
dondino-de-bewertung-round-220.png
www.webwiki.de/etc/rating/widget/39775130/ Frame 3752
30 KB
30 KB
Image
General
Full URL
https://www.webwiki.de/etc/rating/widget/39775130/dondino-de-bewertung-round-220.png
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55848986ef0fc3abc62385e394e62e7789f00c53a5bd48f97ff9e6a55dff0a19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
cf-cache-status
HIT
last-modified
Sat, 13 Aug 2022 20:46:22 GMT
server
cloudflare
age
13850
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TlvCpx1tcyWkUka6mEzmNSJca3oZCaViDNsuz0lvO1TF4N3REOAFhlLTobeGC0SnEcSR%2Ffkze6g809vi4%2F1Yg2gCoiTW2g6qKl8BloBGafK9UYmLWfd0a%2BoICnf0EnvHNkNtHnozcWrx4JS%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73a5c3a04d519186-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 14 Aug 2022 09:11:27 GMT
toprecommend.js
www.provenexpert.com/badge/ Frame 3752
24 B
644 B
Script
General
Full URL
https://www.provenexpert.com/badge/toprecommend.js?id=1NKA0pmA28TA0xQAmLGZ2tQZ1NQp2pwZ&w=180&key=wdmuvjxw
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.149.160 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
160.149.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
96aaade2b659dd73e62dd946670ee319d1ea1d769d3dc79626bafe7161379a8d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=2592000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
pragma
cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
60
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type
application/javascript
via
1.1 google, 1.1 google
cache-control
max-age=86400
access-control-allow-credentials
true
access-control-allow-headers
Accept,Content-Type,Authorization
expires
Mon, 15 Aug 2022 03:02:17 GMT
jquery-1.11.2.min.js
code.jquery.com/ Frame 3752
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.2.min.js
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-176bb"
vary
Accept-Encoding
x-hw
1660438937.dop103.fr8.t,1660438937.cds281.fr8.hn,1660438937.cds286.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33262
dondino.js
www.dondino.de/js/ Frame 3752
379 KB
106 KB
Script
General
Full URL
https://www.dondino.de/js/dondino.js
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
3e27450de9fca23469d55878af8a9a0ce0a55d0f4b5419e5577b88a179b3129a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:55 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
expires
Mon, 14 Aug 2023 01:02:17 GMT
modernizr-2.6.2.min.js
www.dondino.de/assets/vendors/modernizr/ Frame 3752
8 KB
4 KB
Script
General
Full URL
https://www.dondino.de/assets/vendors/modernizr/modernizr-2.6.2.min.js
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
73700dd9945ac0c617b55ca5ac81623cdaaca91c6585833d9429c454e039d849
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:01 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3718
expires
Mon, 14 Aug 2023 01:02:17 GMT
owl.carousel.min.js
www.dondino.de/assets/vendors/owl-carousel/ Frame 3752
39 KB
10 KB
Script
General
Full URL
https://www.dondino.de/assets/vendors/owl-carousel/owl.carousel.min.js
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:01 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
10522
expires
Mon, 14 Aug 2023 01:02:17 GMT
jquery-eu-cookie-law-popup.js
www.dondino.de/assets/vendors/ Frame 3752
9 KB
3 KB
Script
General
Full URL
https://www.dondino.de/assets/vendors/jquery-eu-cookie-law-popup.js
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
e3f344181ebe05154128034f049a792286e36572cccd32845108000bf4c2d361
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:01 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2533
expires
Mon, 14 Aug 2023 01:02:17 GMT
api.js
www.google.com/recaptcha/ Frame 3752
850 B
968 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0bf673925163224f78fec48c5b1f5126c4ab6605a98ed1dcdf87d82ba9c3bd91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Sun, 14 Aug 2022 01:02:17 GMT
jQuerySimpleCounter.js
www.dondino.de/assets/js/ Frame 3752
564 B
323 B
Script
General
Full URL
https://www.dondino.de/assets/js/jQuerySimpleCounter.js
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
9bcd35e80bce223f93e8bbafd78c36c89ea760d36a4c7837ee76d8cdcc8b73a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:01 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
288
expires
Mon, 14 Aug 2023 01:02:17 GMT
firebase.js
www.gstatic.com/firebasejs/8.10.0/ Frame 3752
875 KB
252 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/8.10.0/firebase.js
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90f50a50d46f94e4f87fabfc2ac758f7cfa096420280eef62901e4f111edec9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 09:42:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
257229
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 20:25:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 09:42:48 GMT
css
fonts.googleapis.com/ Frame 3752
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,500,600
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/css/dondino-style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77b4f9d1a5758a771fd617bb21c247f85b7642a71dc061c35309a2606d82e7c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 14 Aug 2022 01:02:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 14 Aug 2022 01:02:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Aug 2022 01:02:17 GMT
css
fonts.googleapis.com/ Frame 3752
5 KB
647 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,600
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/css/frontend.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3e991866326d8dbc0284f67bda193a979970b6b46e39ea572a648ef5dc8eee1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 14 Aug 2022 00:44:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 14 Aug 2022 01:02:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Aug 2022 01:02:17 GMT
frame_forced.php
www.lcmmedia.de/kamp/ Frame BD1C
369 B
566 B
Document
General
Full URL
https://www.lcmmedia.de/kamp/frame_forced.php?code=dWlkPTk4JmJpZD0xNTgmc2lkPTg4JnYxPWVhZmRiZWFkMzBkM2YzYmFlYmYwMDE2YzUzZGE5MWMwZjc5ZGFjNmE4N2JhNDFhMjlmZjExYWU0Yzg4M2YwNzMxZjhiMWMzNjE5ZjFjMmJlNzYyNTRmMzdiMDAwZDg1MmExYTFlMWI1NDk2NTJmZTliYTZjYjQ2ZWYzZmNlZjgzJnYyPXAycCZyZWZlcmVyPWh0dHBzOi8vd3d3LnNoaW1seS5uZXQv
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=158&sid=88&v1=eafdbead30d3f3baebf0016c53da91c0f79dac6a87ba41a29ff11ae4c883f0731f8b1c3619f1c2be76254f37b000d852a1a1e1b549652fe9ba6cb46ef3fcef83&v2=p2p
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30 PleskLin
Resource Hash
36e7ee781870178fffc2db5b06ee09e83a93f2c86b9fedbf7ea4f1aca776e5ec
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=158&sid=88&v1=eafdbead30d3f3baebf0016c53da91c0f79dac6a87ba41a29ff11ae4c883f0731f8b1c3619f1c2be76254f37b000d852a1a1e1b549652fe9ba6cb46ef3fcef83&v2=p2p
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
327
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:17 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.30 PleskLin
go.php
www.croxy.de/ Frame 774F
607 B
494 B
Document
General
Full URL
https://www.croxy.de/go.php?id=158&sid=aHR0cHM6Ly93d3cudjJsb2FkLmRlL3IyY29tLmh0bWw/djI9YXV0bw==
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=158&sid=88&v1=eafdbead30d3f3baebf0016c53da91c0f79dac6a87ba41a29ff11ae4c883f0731f8b1c3619f1c2be76254f37b000d852a1a1e1b549652fe9ba6cb46ef3fcef83&v2=p2p
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.163.148.251 Mülheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.croxy.de
Software
nginx / PHP/7.3.20 PleskLin
Resource Hash
584a2bb6f6ae32b4c0093a9c130125129d3974029c6d18d2cafd35a055ee3668

Request headers

Referer
https://www.lcmmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
330
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:17 GMT
ms-author-via
DAV
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.3.20 PleskLin
kamp_m_lcm.php
www.lcmmedia.de/kamp/ Frame 5DFE
1 KB
800 B
Document
General
Full URL
https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=158&sid=88
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=158&sid=88&v1=eafdbead30d3f3baebf0016c53da91c0f79dac6a87ba41a29ff11ae4c883f0731f8b1c3619f1c2be76254f37b000d852a1a1e1b549652fe9ba6cb46ef3fcef83&v2=p2p
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30 PleskLin
Resource Hash
c39eddce55282d4bf78a2566c132467a884a106c16a4c9f938262de5ddb7ca6c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=158&sid=88&v1=eafdbead30d3f3baebf0016c53da91c0f79dac6a87ba41a29ff11ae4c883f0731f8b1c3619f1c2be76254f37b000d852a1a1e1b549652fe9ba6cb46ef3fcef83&v2=p2p
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
561
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:17 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.30 PleskLin
layer.css
l.adcocktail.com/ Frame 1A46
2 KB
702 B
Stylesheet
General
Full URL
https://l.adcocktail.com/layer.css?id=2
Requested by
Host: l.adcocktail.com
URL: https://l.adcocktail.com/lay.php?uid=87912&wsid=199914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57626b4cb21c6c7c1225f83b6eba4c3f4fad0f23db4baa7ed5888494828ac5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 13 Feb 2018 13:34:28 GMT
server
cloudflare
etag
"684-565180dcd5f3b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
cf-ray
73a5c39fa9385c2c-FRA
content-length
586
layerhead.js
l.adcocktail.com/ Frame 1A46
3 KB
1 KB
Script
General
Full URL
https://l.adcocktail.com/layerhead.js?id=2
Requested by
Host: l.adcocktail.com
URL: https://l.adcocktail.com/lay.php?uid=87912&wsid=199914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e239671b46bfac19cd71a0b44f3d9ea7d04af229ba161c826394de2f510a1be4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 13 Feb 2018 09:26:46 GMT
server
cloudflare
etag
"d67-5651497f64282-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
cf-ray
73a5c39fa9395c2c-FRA
content-length
1300
l_rota_v.php
l.adcocktail.com/ Frame 1A46
2 KB
782 B
Script
General
Full URL
https://l.adcocktail.com/l_rota_v.php?uid=87912&wsid=199914&wid=
Requested by
Host: l.adcocktail.com
URL: https://l.adcocktail.com/lay.php?uid=87912&wsid=199914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c2c70f29e4c7bda0e64703c374ff5cd3c1ca866cfce2c7cf8482b311b888ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 01:02:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Aug 2022 01:02:17 GMT
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cf-ray
73a5c39fa93a5c2c-FRA
content-length
719
expires
Wed, 11 Jan 1984 05:00:00 GMT
16141658811645619938.jpg
www.dondino.de/images/slider/ Frame 3752
208 KB
210 KB
Image
General
Full URL
https://www.dondino.de/images/slider/16141658811645619938.jpg
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
e5c38396253f98026a0f86963a476a43d9ef29d49052971fc31d78eb7c332020
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
213157
expires
Tue, 13 Sep 2022 01:02:17 GMT
fontawesome-webfont.woff2
www.dondino.de/fonts/vendor/font-awesome/ Frame 3752
75 KB
76 KB
Font
General
Full URL
https://www.dondino.de/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/css/frontend.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dondino.de/css/frontend.css
Origin
https://www.dondino.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:17 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Oct 2021 10:16:30 GMT
server
Apache
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
77160
expires
Tue, 13 Sep 2022 01:02:17 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 3752
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dondino.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 03:24:20 GMT
x-content-type-options
nosniff
age
250677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 03:24:20 GMT
truncated
/ Frame 3752
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95fb764d4a5e0045febd02f88e1c80b7958a6946696721e78c20f497b1e0ec7b

Request headers

Referer
Origin
https://www.dondino.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
/
cdn.adsfirm.com/iframe/ Frame C43D
42 KB
17 KB
Document
General
Full URL
https://cdn.adsfirm.com/iframe/
Requested by
Host: cdn.adsfcdn.com
URL: https://cdn.adsfcdn.com/js/TmFvVWxmQXhhbTA9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
246e8b0bbc5119f4d67faf2c6d2f9624a7be89d555e05281e1709a98097f03a5

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73a5c3a20bcd916b-FRA
content-encoding
br
content-type
text/html
date
Sun, 14 Aug 2022 01:02:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Mon, 13 Jun 2022 08:58:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeNLbYCXWA09LSsuKHX7DonD6r3rN8Ko%2BJL0zc5CkrBmo2BdhZAkFwtl7QVo1bJ8n3TVWGhpInaYLAegggBGRF8jAYxMcPrQhZrQGjWxVgRVZNaQFfcr%2FL58eeNCzPMedI2NA4mjCdHAneyUe7M%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.css
www.lcmmedia.de/kamp/ Frame 5DFE
486 B
565 B
Stylesheet
General
Full URL
https://www.lcmmedia.de/kamp/style.css
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=158&sid=88
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PleskLin
Resource Hash
f0c1e0b291b81ea4aa9f55579f2592a0978e15080b3277369b88fbc407d27a0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=158&sid=88
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 16:02:32 GMT
server
nginx
x-powered-by
PleskLin
etag
"1e6-5c3deb3e84805-gzip"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-accel-version
0.01
date
Sun, 14 Aug 2022 01:02:17 GMT
accept-ranges
bytes
content-length
255
cc_328.js
s10.histats.com/counters/
18 KB
7 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_328.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c280115a1bb138d4019b3e021e8eb2f5a9028e213622c5fe4b496f91658351b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:55:54 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"853387749"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
7129
x-request-id
229117997
bk_rota.php
bk.adcocktail.com/ Frame 1A46
279 B
262 B
Script
General
Full URL
https://bk.adcocktail.com/bk_rota.php?format=468x60&uid=87912&wsid=199914
Requested by
Host: l.adcocktail.com
URL: https://l.adcocktail.com/l_rota_v.php?uid=87912&wsid=199914&wid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e27fe41580cf171b4ef09a9884519c06c66ca55d85a4625a604c33c194bf37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 01:02:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cf-ray
73a5c3a36c815c2c-FRA
content-length
201
expires
Wed, 11 Jan 1984 05:00:00 GMT
adc_layer_logo.png
l.adcocktail.com/images/ Frame 1A46
5 KB
5 KB
Image
General
Full URL
https://l.adcocktail.com/images/adc_layer_logo.png
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a712480f1063437e1f893fd7e5be4e344ed4ea0e255a8c485d462d545323953e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2018 11:16:13 GMT
server
cloudflare
age
3138
etag
"1448-56502018ce55d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
73a5c3a35c695c2c-FRA
content-length
5192
adc_layer_fav.png
l.adcocktail.com/images/ Frame 1A46
2 KB
2 KB
Image
General
Full URL
https://l.adcocktail.com/images/adc_layer_fav.png
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bed4938c07839355b679781de23060982a4118e57124b21ed66509696c3cfd1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2018 11:16:13 GMT
server
cloudflare
age
321
etag
"68b-56502018c397b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
73a5c3a35c6b5c2c-FRA
content-length
1675
adc_layer_new.png
l.adcocktail.com/images/ Frame 1A46
1 KB
1 KB
Image
General
Full URL
https://l.adcocktail.com/images/adc_layer_new.png
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
511ee72f5e0453830953617a7a7f81b96950e63bb43ae5dfa1386eaf835f3ce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2018 11:16:14 GMT
server
cloudflare
age
321
etag
"54c-56502018e6c02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
73a5c3a35c6c5c2c-FRA
content-length
1356
adc_layer_stop.png
l.adcocktail.com/images/ Frame 1A46
1 KB
1 KB
Image
General
Full URL
https://l.adcocktail.com/images/adc_layer_stop.png
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.46.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33e02bfcdfb9333b90284e0a7c3c5f2064e6df73e457e3181031c6c8ceacfffa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2018 11:16:14 GMT
server
cloudflare
age
5482
etag
"4ea-56502018f0844"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
73a5c3a35c6e5c2c-FRA
content-length
1258
allklick.php
www.k-bettel.de/
5 B
284 B
XHR
General
Full URL
https://www.k-bettel.de/allklick.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
e06d29ded1182ff6245852a02975c85c92837d586f568e769f910e1f0a621293

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:18 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
25
/
cdn.bmcdn3.com/p/623c565afdbfc7001a590989/ Frame 669A
1 KB
1 KB
Document
General
Full URL
https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D7ac5e2d5aaca19e0548fd08247d3204d%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=919c290309429183cb82f944f6e7e2a3&fidnoua=a3578ca829930dd0cb8de8218e4bff9f&impid=c306eeda-f5b9-4213-b51b-232da91ae183&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&sig=0x00000&blocksubid=0
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/js/source/901405584196.js?v=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5340379dc2383116890d80e40572d77b61f9a0f7ac95a16e5410a7f935bec852

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-encoding
gzip
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
73a5c3a3bb889191-FRA
content-encoding
br
content-type
text/html
date
Sun, 14 Aug 2022 01:02:18 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyoTijtJo0DinqLLHo0tvn9JBZ5RJshy2beCcGncICDgJcHO7z1x7qtlqkBtnYjDErmcgFYDCM2qw96Fvuts2OGWy0pDaAdgoiWnkcQMdtnoTEPO39iRq%2FS5Va3IQcJ0F8JRuHswJ%2F7BO4V6"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
cdn.bmcdn3.com/pv/5f02c4f228238c0013166f58/
35 B
347 B
Image
General
Full URL
https://cdn.bmcdn3.com/pv/5f02c4f228238c0013166f58/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D7ac5e2d5aaca19e0548fd08247d3204d%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=919c290309429183cb82f944f6e7e2a3&fidnoua=a3578ca829930dd0cb8de8218e4bff9f&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&sig=0x00000&blocksubid=0&impid=c306eeda-f5b9-4213-b51b-232da91ae183
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
accept-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zok%2FRDbuXPhOoD9lbaGk7xR6MU%2FdzzsN92lLAV%2BtXq8Q%2FiBn1ghtWOI7BtwG0wDgR0H%2FLe86cpMfFQa%2Feu7zI7%2FO3enOtm8cUGDlCrcwG4GVhxO%2FkaxcK4fLlUNtFS3SyfhnwTcDlM9ElIIh"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cf-ray
73a5c3a3bb869191-FRA
cf-cache-status
DYNAMIC
recaptcha__de.js
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 3752
386 KB
154 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dondino.de/
Origin
https://www.dondino.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 23:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157356
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 08:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 23:52:46 GMT
/
cdn.bmcdn3.com/p/623c55576a92bc002503d00b/ Frame BBF0
3 KB
1 KB
Document
General
Full URL
https://cdn.bmcdn3.com/p/623c55576a92bc002503d00b/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D7ac5e2d5aaca19e0548fd08247d3204d%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=919c290309429183cb82f944f6e7e2a3&fidnoua=a3578ca829930dd0cb8de8218e4bff9f&impid=c306eeda-f5b9-4213-b51b-232da91ae183&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&sig=0x00000&blocksubid=0
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/js/source/901405584196.js?v=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6a82033dde8f283e59b9544f2147b49fc81044c2f0f65ad7601860adeeaa562

Request headers

Referer
https://www.k-bettel.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-encoding
gzip
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
73a5c3a42be69191-FRA
content-encoding
br
content-type
text/html
date
Sun, 14 Aug 2022 01:02:18 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Za0ezS3c4THxbOOP0K%2BtjG36%2BWkE1ubob6rzKuhNKudvcQR7OQyf1xPLpi92O4HncoZGT4bNyZObzKWIzJFbkWo1ZK3AG1ScXp45npJDVuMIMDJBQLWHB9Gu4BMgacMB0gFr3HkaR07vNHhc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame_forced.php
www.lcmmedia.de/kamp/ Frame BD1C
32 B
277 B
Document
General
Full URL
https://www.lcmmedia.de/kamp/frame_forced.php?step=1&code=dWlkPTk4JmJpZD0xNTgmc2lkPTg4JnYxPWVhZmRiZWFkMzBkM2YzYmFlYmYwMDE2YzUzZGE5MWMwZjc5ZGFjNmE4N2JhNDFhMjlmZjExYWU0Yzg4M2YwNzMxZjhiMWMzNjE5ZjFjMmJlNzYyNTRmMzdiMDAwZDg1MmExYTFlMWI1NDk2NTJmZTliYTZjYjQ2ZWYzZmNlZjgzJnYyPXAycCZyZWZlcmVyPWh0dHBzOi8vd3d3LnNoaW1seS5uZXQv
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=158&sid=88&v1=eafdbead30d3f3baebf0016c53da91c0f79dac6a87ba41a29ff11ae4c883f0731f8b1c3619f1c2be76254f37b000d852a1a1e1b549652fe9ba6cb46ef3fcef83&v2=p2p
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30 PleskLin
Resource Hash
7d13caf22fc19e5ef89f910d1d6c26962549bc446bec9452bb11a50d6f933e32
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.lcmmedia.de/kamp/frame_forced.php?code=dWlkPTk4JmJpZD0xNTgmc2lkPTg4JnYxPWVhZmRiZWFkMzBkM2YzYmFlYmYwMDE2YzUzZGE5MWMwZjc5ZGFjNmE4N2JhNDFhMjlmZjExYWU0Yzg4M2YwNzMxZjhiMWMzNjE5ZjFjMmJlNzYyNTRmMzdiMDAwZDg1MmExYTFlMWI1NDk2NTJmZTliYTZjYjQ2ZWYzZmNlZjgzJnYyPXAycCZyZWZlcmVyPWh0dHBzOi8vd3d3LnNoaW1seS5uZXQv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
39
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:18 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.30 PleskLin
r2com.html
www.v2load.de/ Frame 774F
Redirect Chain
  • https://www.croxy.de/goo.php?ip=aHR0cHM6Ly93d3cudjJsb2FkLmRlL3IyY29tLmh0bWw/djI9YXV0bw==
  • https://www.v2load.de/r2com.html?v2=auto
295 B
374 B
Document
General
Full URL
https://www.v2load.de/r2com.html?v2=auto
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/ziel.php?uid=98&bid=158&sid=88&v1=eafdbead30d3f3baebf0016c53da91c0f79dac6a87ba41a29ff11ae4c883f0731f8b1c3619f1c2be76254f37b000d852a1a1e1b549652fe9ba6cb46ef3fcef83&v2=p2p
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.104.107.192 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.de
Software
nginx / PHP/7.3.20 PleskLin
Resource Hash
6b339c04fe49b72c1beeb550c253c3f0100c83dd3e829bf66e564f5fd24a717d

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.croxy.de
Referer
https://www.croxy.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
226
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:18 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.3.20 PleskLin

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:18 GMT
location
https://www.v2load.de/r2com.html?v2=auto
ms-author-via
DAV
server
nginx
x-powered-by
PHP/7.3.20 PleskLin
links2000.gif
www.spiele.links2000.de/ Frame 1A46
Redirect Chain
  • https://bk.adcocktail.com/bk_rota_v.php?tan=MzMzNzd8ODc5MTJ8MTk5OTE0fDE2NjA0Mzg5Mzg=
  • https://www.spiele.links2000.de/links2000.gif
18 KB
19 KB
Image
General
Full URL
https://www.spiele.links2000.de/links2000.gif
Requested by
Host: www.shimly.net
URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Protocol
H2
Server
212.53.214.163 Flensburg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
Software
Apache /
Resource Hash
608c6f10838f82cab43378458f60f0b295cb7351950531f34b6d65ade1d0c7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.shimly.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Sat, 17 Aug 2019 06:53:04 GMT
server
Apache
accept-ranges
bytes
etag
"4997-5904a8f0006b6"
content-length
18839
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 14 Aug 2022 01:02:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sun, 14 Aug 2022 01:02:18 GMT
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://www.spiele.links2000.de/links2000.gif
note
CACHING IS DISABLED
cf-ray
73a5c3a44d0f5c2c-FRA
content-length
20
expires
Wed, 11 Jan 1984 05:00:00 GMT
truncated
/ Frame C43D
505 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c42dd792f7ea62abcb52e60fe3627394cc5c27d5dfbea9a99dbb5ca815638d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63277152f6eb74890ba35dddd3060e937f9222d8fe6341c9e9fa189776c30171

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
img.css
static.bmcdn3.com/css/ Frame 669A
10 KB
4 KB
Stylesheet
General
Full URL
https://static.bmcdn3.com/css/img.css?v=v1.25.11
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D7ac5e2d5aaca19e0548fd08247d3204d%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=919c290309429183cb82f944f6e7e2a3&fidnoua=a3578ca829930dd0cb8de8218e4bff9f&impid=c306eeda-f5b9-4213-b51b-232da91ae183&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0b5321876158751e32376f288432d101ce4991523bff3d278ed6613801a3351

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
932
cf-polished
origSize=10164
last-modified
Tue, 28 Jun 2022 17:05:39 GMT
server
cloudflare
etag
W/"62bb34e3-27b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgdbuexdaOIV0hSpz4LBmA%2B7mGu6ievhrYA9LOaQMAsFBUUoDH6IFOWb2Dxr0a3qX%2Bu53AuEjVMEg9dCGEAo8H7%2BOYEEQjC%2B0Sf4ga8%2BqUwPtm6t%2BjPUOVcLRRdmORKd3WLU2a4PHS%2FW4k2rap4W"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
cf-ray
73a5c3a53c869191-FRA
cf-bgj
minify
b9be0d52-13d7-11ed-b790-557578900a97cc2c79e7-ec1c-4f32-8128-6b7f87702efd.jpeg
media.bmcdn3.com/static/ Frame 669A
101 KB
101 KB
Image
General
Full URL
https://media.bmcdn3.com/static/b9be0d52-13d7-11ed-b790-557578900a97cc2c79e7-ec1c-4f32-8128-6b7f87702efd.jpeg
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c565afdbfc7001a590989/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D7ac5e2d5aaca19e0548fd08247d3204d%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=919c290309429183cb82f944f6e7e2a3&fidnoua=a3578ca829930dd0cb8de8218e4bff9f&impid=c306eeda-f5b9-4213-b51b-232da91ae183&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ad345c4fcfdfca43ae10cd9eeb5eca586bdfc145a2994a84adaf83b4cf34ce7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2456
cf-polished
origSize=104986
content-length
103063
last-modified
Thu, 04 Aug 2022 09:27:57 GMT
server
cloudflare
etag
"62eb911d-19a1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3S13xEgVWpMqSHmnwFHs5BGVHkdWDFQ4y6iThcIPE7Xp9NtAv1MC7HccZkLdqgAEXzOxtrz7Xpv0qJtZyw0YplhFD0git5XoMg8nOMu4LFfcM2iELm262Vr2uQjOpX90ft03WqSWELDwkjFRZI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
73a5c3a53c859191-FRA
cf-bgj
imgq:100,h2pri
anchor
www.google.com/recaptcha/api2/ Frame 9985
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLv_cUAAAAAAn3xJe-susug7GrxFcJAQpW2vl0&co=aHR0cHM6Ly93d3cuZG9uZGluby5kZTo0NDM.&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=3cbmyti3osw1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a41766a92333e44840d731ce1246e0363fb8536b57c7b0569a7c13184c4e9d04
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eSTdT8j2gmyHKmU9_YH4pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dondino.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22629
content-security-policy
script-src 'report-sample' 'nonce-eSTdT8j2gmyHKmU9_YH4pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 01:02:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
46860.css
static.bmcdn3.com/css/responsive/ Frame BBF0
13 KB
5 KB
Stylesheet
General
Full URL
https://static.bmcdn3.com/css/responsive/46860.css?v=v1.25.11
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c55576a92bc002503d00b/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D7ac5e2d5aaca19e0548fd08247d3204d%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=919c290309429183cb82f944f6e7e2a3&fidnoua=a3578ca829930dd0cb8de8218e4bff9f&impid=c306eeda-f5b9-4213-b51b-232da91ae183&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0110b1de4175425925e305c0ddc3cd6b8b7f14701ae29a27d804c054b9cb5e37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3211
cf-polished
origSize=13083
last-modified
Tue, 28 Jun 2022 17:05:23 GMT
server
cloudflare
etag
W/"62bb34d3-331b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpYtMTX48AqA8qE0mLZu1ENlDTbRC8XVwKNRVeFYey%2Fx4kfTsqIynpWaFdiF4aNZ6022rneDUKw8uQxLHgzd1%2B8wFOWUUwNPiCtIwhSnqVf2JOmSrL80VS5myc9HNlPO%2BbOepfp39WIpfgEiBB7i"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
cf-ray
73a5c3a56c9d9191-FRA
cf-bgj
minify
fb53f300-13d8-11ed-b790-557578900a97a7301b3f-48ca-4111-9c2d-71bf0de9c4f2.jpeg
media.bmcdn3.com/static/ Frame BBF0
71 KB
71 KB
Image
General
Full URL
https://media.bmcdn3.com/static/fb53f300-13d8-11ed-b790-557578900a97a7301b3f-48ca-4111-9c2d-71bf0de9c4f2.jpeg?v=v1.25.11
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c55576a92bc002503d00b/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D7ac5e2d5aaca19e0548fd08247d3204d%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=919c290309429183cb82f944f6e7e2a3&fidnoua=a3578ca829930dd0cb8de8218e4bff9f&impid=c306eeda-f5b9-4213-b51b-232da91ae183&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b92507cb90c584787c1a7637cb5ab389f1bb5708b0a8fc963bd90cfd30b6410

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4325
cf-polished
origSize=73938
content-length
72484
last-modified
Thu, 04 Aug 2022 09:36:56 GMT
server
cloudflare
etag
"62eb9338-120d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7hA6KWmGfrCJxJhWWtGjT8Gjdl9%2BSwgX48XWbzh8DsW13toQu1oKQxoA2ITGaT9168i5DiOhrvksbxNPWW%2FE1qKsAPdNCygOlh6gI1uWgBXub1wh1A42zgvaiKx5a6k0ej3MWaUeC7PWFcssiE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
73a5c3a56c9e9191-FRA
cf-bgj
imgq:100,h2pri
fb53cbf0-13d8-11ed-b790-557578900a9776d16632-0f4e-4608-825c-aa1a895d4a1c.png
media.bmcdn3.com/static/ Frame BBF0
4 KB
5 KB
Image
General
Full URL
https://media.bmcdn3.com/static/fb53cbf0-13d8-11ed-b790-557578900a9776d16632-0f4e-4608-825c-aa1a895d4a1c.png?v=v1.25.11
Requested by
Host: cdn.bmcdn3.com
URL: https://cdn.bmcdn3.com/p/623c55576a92bc002503d00b/?source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D7ac5e2d5aaca19e0548fd08247d3204d%26step2%3Dok&sourceid=901405584196&ent=&we=0&fid=919c290309429183cb82f944f6e7e2a3&fidnoua=a3578ca829930dd0cb8de8218e4bff9f&impid=c306eeda-f5b9-4213-b51b-232da91ae183&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&sig=0x00000&blocksubid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
405f1464048857e4dc299966df1808a287fee63a3f8936277935542f383285c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.bmcdn3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4325
cf-polished
origSize=6937
content-length
4593
last-modified
Thu, 04 Aug 2022 09:36:56 GMT
server
cloudflare
etag
"62eb9338-1b19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9kg0I1UDkJHydmdlZxAvhD71hQotSoqbSd2f9QzLKCBSppeFfPj0o8xOa%2BcBUCd0MKxWlaW7fqe%2FJKYrCe6oZCIJ3dzsfxXWI%2Fa%2FakNn7UQemrNBidjYQAO4dYh5ZrUwJMEaRSY0Zz0yQQcGcU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
73a5c3a5acc49191-FRA
cf-bgj
imgq:100,h2pri
imp
cdn.adsfirm.com/ad/ Frame C43D
247 B
707 B
Fetch
General
Full URL
https://cdn.adsfirm.com/ad/imp?c=eyJzaWQiOiJia2htZDFWWk56TktZVEE5IiwiYmlkIjoiVG1GdlZXeG1RWGhoYlRBOSIsInNpemUiOiI0Njh4NjAiLCJmIjoiMCIsIm4iOiIwIiwiZmlkIjoiMjc5OTA0MWEzNTE1ZmI0OGIxNzJjMTQxZjgwYzBmZGMiLCJ1dWlkIjoiNGJjNGVhYzgtMzQ3Ny00YTM2LWI4NGItNjY1NDY1NWExNzMyIiwic291cmNlIjoiaHR0cHM6Ly93d3cuay1iZXR0ZWwuZGUvaW5kZXgucGhwP2NvbnRlbnQ9L25vcmVsb2FkJnJlZj00NDE0ODQmdGFuPTdhYzVlMmQ1YWFjYTE5ZTA1NDhmZDA4MjQ3ZDMyMDRkJnN0ZXAyPW9rIiwicmVmIjoiaHR0cHM6Ly93d3cuay1iZXR0ZWwuZGUvaW5kZXgucGhwP2NvbnRlbnQ9L25vcmVsb2FkJnJlZj00NDE0ODQmdGFuPTdhYzVlMmQ1YWFjYTE5ZTA1NDhmZDA4MjQ3ZDMyMDRkJnN0ZXAyPW9rIiwidGltZXpvbmUiOjAsImxhbmciOiJlbi1VUyIsInBsYXRmb3JtIjoiV2luMzIiLCJzY3JlZW4iOiIxNjAweDEyMDAifQ==
Requested by
Host: cdn.adsfirm.com
URL: https://cdn.adsfirm.com/iframe/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a6652db1ee0236c1fc8a8a99391fbfe52a4142db726ff5eea848aed0f0c90bd

Request headers

Referer
https://cdn.adsfirm.com/iframe/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
application/json

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWVBoeVhGPmza%2BnIRwKIARnN9PZru5c1WzPj8xUWPHUqQZ8G0%2Fwrdx1Zz9kDC1VgvCkYdgg3e3bOMXf8%2B%2BXCbrX%2FCl2OmOSh8Z%2BOzHQ8axIRApwf%2BTF06za3ohW1tiPInTjJ90HBJ7IMTUSKru4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
73a5c3a5dc049b74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
www.v2load.com/videos/4tDpYxNYqPg/ Frame 774F
18 KB
4 KB
Document
General
Full URL
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Requested by
Host: www.v2load.de
URL: https://www.v2load.de/r2com.html?v2=auto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PHP/7.3.20 PleskLin
Resource Hash
6fba4c2c83bcc6ffa691d8f9b779774e772cb708d15556f33d89cf50aed3841a

Request headers

Referer
https://www.v2load.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
4326
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:18 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.3.20 PleskLin
truncated
/ Frame 669A
292 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9231074c4a13ea732a6e9a47bc90560dfea16ab6a7496c24354732c0cb714537

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 669A
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
755fc0caec1e189bec125a7f0dd5143ce200946bc789abdfa7030fd3bb97a814

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 669A
589 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6491ff7db9d295432c0c21c6383470abf21d53fd3b7cfffdbe46fe4b0fb656d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 669A
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aeed5d1ea1b94c22c1a5fb1b40152a90d554fb92690a1f89664288bfd907702

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BBF0
292 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9231074c4a13ea732a6e9a47bc90560dfea16ab6a7496c24354732c0cb714537

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BBF0
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
755fc0caec1e189bec125a7f0dd5143ce200946bc789abdfa7030fd3bb97a814

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BBF0
589 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6491ff7db9d295432c0c21c6383470abf21d53fd3b7cfffdbe46fe4b0fb656d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BBF0
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aeed5d1ea1b94c22c1a5fb1b40152a90d554fb92690a1f89664288bfd907702

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 9985
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLv_cUAAAAAAn3xJe-susug7GrxFcJAQpW2vl0&co=aHR0cHM6Ly93d3cuZG9uZGluby5kZTo0NDM.&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=3cbmyti3osw1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 18:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 08:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 18:18:03 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 9985
386 KB
154 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLv_cUAAAAAAn3xJe-susug7GrxFcJAQpW2vl0&co=aHR0cHM6Ly93d3cuZG9uZGluby5kZTo0NDM.&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=3cbmyti3osw1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 23:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157356
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 08:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 23:52:46 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 774F
89 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 05:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Aug 2023 05:45:48 GMT
css
fonts.googleapis.com/ Frame 774F
1020 B
416 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Questrial
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
784ab04c3d2ae6002b2bcd86df3047acadba1cc29299fd252c28ed15decf732e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 14 Aug 2022 00:16:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 14 Aug 2022 01:02:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Aug 2022 01:02:18 GMT
normalize.css
www.v2load.com/xcss/ Frame 774F
8 KB
8 KB
Stylesheet
General
Full URL
https://www.v2load.com/xcss/normalize.css
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
4a71f6b0c45b4b74a69f09c1668d283f901632ba89e5855058690b0a1f0d75ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dd71789-1e3e"
content-type
text/css
accept-ranges
bytes
content-length
7742
foundation.min.css
www.v2load.com/xcss/ Frame 774F
65 KB
14 KB
Stylesheet
General
Full URL
https://www.v2load.com/xcss/foundation.min.css
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
1a1eca69c3dc849442a8d6108cca499586c2648981d80f157c286b1c6af00211

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
content-encoding
gzip
etag
W/"5dd71789-10488"
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
app.css
www.v2load.com/xcss/ Frame 774F
9 KB
9 KB
Stylesheet
General
Full URL
https://www.v2load.com/xcss/app.css
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
69fc11c0fefa11058ed6a9f680fdd9f9bf888a19b4914e125ab6cf4d1b3f9d2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dd71789-2553"
content-type
text/css
accept-ranges
bytes
content-length
9555
app2.css
www.v2load.com/xcss/ Frame 774F
6 KB
6 KB
Stylesheet
General
Full URL
https://www.v2load.com/xcss/app2.css
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
4e3ac19eac8884260ff503cd9e889614ddacce238fad14e637feacbe97ded8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dd71789-193a"
content-type
text/css
accept-ranges
bytes
content-length
6458
custom.modernizr.js
www.v2load.com/xjs/ Frame 774F
9 KB
9 KB
Script
General
Full URL
https://www.v2load.com/xjs/custom.modernizr.js
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
ea3486e875b7633dbdf97ba3f7fec6ebdf5ed2fb3a647320c2ae1ca5c75d42e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dd71789-244a"
content-type
application/javascript
accept-ranges
bytes
content-length
9290
advertissler.js
www.v2load.com/xjs/ Frame 774F
2 KB
2 KB
Script
General
Full URL
https://www.v2load.com/xjs/advertissler.js
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
8f8bcbd1f2839c14f8c0e1ab9dca98a41b3073e918d479c67e2976f3f3965136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dd71789-6b1"
content-type
application/javascript
accept-ranges
bytes
content-length
1713
js9.js
s10.histats.com/ Frame 774F
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js9.js
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d8337dd03ebcf37b12dd23775b6a14e8ce023b3da954c41acb22e633ad34a3c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:52:32 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:17 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"421254336"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4265
x-request-id
295308078
jquery.js
www.v2load.com/xjs/ Frame 774F
293 KB
293 KB
Script
General
Full URL
https://www.v2load.com/xjs/jquery.js
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
727162487876a371fb0f726eb2d5d8d641715c9cd144efbae97699403b67f94f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dd71789-49391"
content-type
application/javascript
accept-ranges
bytes
content-length
299921
foundation.min.js
www.v2load.com/xjs/ Frame 774F
56 KB
57 KB
Script
General
Full URL
https://www.v2load.com/xjs/foundation.min.js
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
35cb750aee47549cabdc31ab17b315002ce85697f62b3af56357f479ddb5132f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dd71789-e1fc"
content-type
application/javascript
accept-ranges
bytes
content-length
57852
jquery.masonry.min.js
www.v2load.com/xjs/ Frame 774F
5 KB
6 KB
Script
General
Full URL
https://www.v2load.com/xjs/jquery.masonry.min.js
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
304ac609991860c734b4d47d489c9d8ee4d943c4b249e3c7ca6adb71bbf1a9e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dd71789-1574"
content-type
application/javascript
accept-ranges
bytes
content-length
5492
jquery.infinitescroll.min.js
www.v2load.com/xjs/ Frame 774F
21 KB
21 KB
Script
General
Full URL
https://www.v2load.com/xjs/jquery.infinitescroll.min.js
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
fded0bd09f076102d1d2d4ab75e18a20c758a6d63a71458918d937d4fda10e09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dd71789-528c"
content-type
application/javascript
accept-ranges
bytes
content-length
21132
jquery.stickyfloat.js
www.v2load.com/xjs/ Frame 774F
2 KB
2 KB
Script
General
Full URL
https://www.v2load.com/xjs/jquery.stickyfloat.js
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
56a852d0088d1c2053222b0b7de83fa987de0655b370c5dd4d3fb4601d65101e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dd71789-8cc"
content-type
application/javascript
accept-ranges
bytes
content-length
2252
mousetrap.min.js
www.v2load.com/xjs/ Frame 774F
3 KB
3 KB
Script
General
Full URL
https://www.v2load.com/xjs/mousetrap.min.js
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
f83e7bb93eb8ae5b983eff1717e3ce5cf59eec9557eac2d5efb648c3e5884f93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dd71789-d63"
content-type
application/javascript
accept-ranges
bytes
content-length
3427
app1.js
www.v2load.com/xjs/ Frame 774F
3 KB
4 KB
Script
General
Full URL
https://www.v2load.com/xjs/app1.js
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
2182d5d8a419aac1ed50561ecc8dfefc9f251f74f9afc68c61d8d533ad521457

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dd71789-de4"
content-type
application/javascript
accept-ranges
bytes
content-length
3556
app2.js
www.v2load.com/xjs/ Frame 774F
424 B
460 B
Script
General
Full URL
https://www.v2load.com/xjs/app2.js
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
658f363429d11dbd10407b205880e0d31848e74aa4328d0e01bf783babbff213

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
content-encoding
gzip
etag
"1a8-597e34aebf436-gzip"
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
x-accel-version
0.01
accept-ranges
bytes
content-length
243
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9985
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 19:40:09 GMT
x-content-type-options
nosniff
age
192129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 18 Aug 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9985
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLv_cUAAAAAAn3xJe-susug7GrxFcJAQpW2vl0&co=aHR0cHM6Ly93d3cuZG9uZGluby5kZTo0NDM.&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=3cbmyti3osw1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:06:41 GMT
x-content-type-options
nosniff
age
374137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 09 Aug 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9985
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLv_cUAAAAAAn3xJe-susug7GrxFcJAQpW2vl0&co=aHR0cHM6Ly93d3cuZG9uZGluby5kZTo0NDM.&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=3cbmyti3osw1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 22:21:19 GMT
x-content-type-options
nosniff
age
441659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 22:21:19 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 9985
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLv_cUAAAAAAn3xJe-susug7GrxFcJAQpW2vl0&co=aHR0cHM6Ly93d3cuZG9uZGluby5kZTo0NDM.&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=3cbmyti3osw1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
09e9f45fec1d72935da9e29cb86b70918771a22f1a30ab9d46a6c46ac17b8c26
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdLv_cUAAAAAAn3xJe-susug7GrxFcJAQpW2vl0&co=aHR0cHM6Ly93d3cuZG9uZGluby5kZTo0NDM.&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&cb=3cbmyti3osw1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 14 Aug 2022 01:02:18 GMT
flexslider-icon.woff
www.dondino.de/fonts/ Frame 3752
1 KB
1 KB
Font
General
Full URL
https://www.dondino.de/fonts/flexslider-icon.woff?f8b92f66539473eea649c8514eb836a0
Requested by
Host: www.dondino.de
URL: https://www.dondino.de/css/dondino-style.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
333fe8266952f16c8b686f3edd78293da28e6eaef314dca86bc4eeaa23f290e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dondino.de/css/dondino-style.css
Origin
https://www.dondino.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Oct 2021 10:16:25 GMT
server
Apache
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1268
expires
Tue, 13 Sep 2022 01:02:18 GMT
bg.png
www.v2load.com/ximages/ Frame 774F
90 KB
90 KB
Image
General
Full URL
https://www.v2load.com/ximages/bg.png
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/xcss/app.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
624b4d4ac84f380835a85d464420582470c2c7b8ef48f3a005e9fa665daf47e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/xcss/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dd71789-16629"
content-type
image/png
accept-ranges
bytes
content-length
91689
QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/ Frame 774F
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.v2load.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 19:01:43 GMT
x-content-type-options
nosniff
age
453635
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19292
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:12:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 19:01:43 GMT
bframe
www.google.com/recaptcha/api2/ Frame 7382
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdLv_cUAAAAAAn3xJe-susug7GrxFcJAQpW2vl0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
89477f0196d53d3a4756be2566b93fd6d2d5ab79a0c1a5f8d25e6d4e6c43656b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-o6jHXocNYOrOV6fJHmwmZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dondino.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1112
content-security-policy
script-src 'report-sample' 'nonce-o6jHXocNYOrOV6fJHmwmZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 01:02:19 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nav_bg.png
www.v2load.com/ximages/ Frame 774F
2 KB
2 KB
Image
General
Full URL
https://www.v2load.com/ximages/nav_bg.png
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/xcss/app.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
0df16407cc6a6a35b86ef7f9d58220ce2c7e0f1bf28c0f4c1d258416bca9328c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/xcss/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dd71789-96c"
content-type
image/png
accept-ranges
bytes
content-length
2412
sprite.png
www.v2load.com/ximages/ Frame 774F
21 KB
21 KB
Image
General
Full URL
https://www.v2load.com/ximages/sprite.png
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/xcss/app.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
ae1b5b07cc8035373c1a2c4a160939a37fb5e5048a7cb98b6e62901fc5d629a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/xcss/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dd71789-5378"
content-type
image/png
accept-ranges
bytes
content-length
21368
fb.png
www.v2load.com/ximages/ Frame 774F
1 KB
1 KB
Image
General
Full URL
https://www.v2load.com/ximages/fb.png
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/xcss/app.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.199.130.173 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.v2load.com
Software
nginx / PleskLin
Resource Hash
c73f73f2518aec6f1507fd8fa975264ba16e41c493aa6c989b6f3849adb86d00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/xcss/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
last-modified
Thu, 21 Nov 2019 23:02:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"5dd71789-564"
content-type
image/png
accept-ranges
bytes
content-length
1380
4tDpYxNYqPg
www.youtube.com/embed/ Frame D59B
63 KB
27 KB
Document
General
Full URL
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ffa061893ddc1c0a6fa8121ea0733be1ffed9593c16e72d52f70aa363cafc1e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.v2load.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Sun, 14 Aug 2022 01:02:19 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
rot.php
www.lcmmedia.de/kamp/ Frame 774F
286 B
468 B
Script
General
Full URL
https://www.lcmmedia.de/kamp/rot.php?art=fullsizebanner&uid=1&sid=11
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30, PleskLin
Resource Hash
76b47de847b8ab49f8cab4414fc4d3926ea13c68a85f16fcb5a4c2a0697abe47
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.30, PleskLin
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:19 GMT
content-length
229
allklick.php
www.k-bettel.de/
5 B
284 B
XHR
General
Full URL
https://www.k-bettel.de/allklick.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
e06d29ded1182ff6245852a02975c85c92837d586f568e769f910e1f0a621293

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:18 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
25
16489770051568906659.jpg
www.dondino.de/images/slider/ Frame 3752
111 KB
111 KB
Image
General
Full URL
https://www.dondino.de/images/slider/16489770051568906659.jpg
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
c771f0496214f8464c09f4af8603db784e55cc0d049e35df19f118a4cfb2d29c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 03 Apr 2022 09:10:05 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
113161
expires
Tue, 13 Sep 2022 01:02:18 GMT
15051271272121598915.jpg
www.dondino.de/images/slider/ Frame 3752
109 KB
109 KB
Image
General
Full URL
https://www.dondino.de/images/slider/15051271272121598915.jpg
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
26dfe44c7554d8b98a27442f05076d84f4f58c4438651c7a5a853d286fd95a8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
111523
expires
Tue, 13 Sep 2022 01:02:18 GMT
15051271211828432099.jpg
www.dondino.de/images/slider/ Frame 3752
110 KB
110 KB
Image
General
Full URL
https://www.dondino.de/images/slider/15051271211828432099.jpg
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
9d96039e2bb196626d0e6c0c9ae0d0974aa766045495104c5b9c8de643062ca3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
112990
expires
Tue, 13 Sep 2022 01:02:18 GMT
15051272171965819018.jpg
www.dondino.de/images/slider/ Frame 3752
103 KB
103 KB
Image
General
Full URL
https://www.dondino.de/images/slider/15051272171965819018.jpg
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
5dd879142aa02e8ec99804de377d8aa8688dd89f7557e5cf1de353bc37e541b7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
105181
expires
Tue, 13 Sep 2022 01:02:18 GMT
15051272241913020847.jpg
www.dondino.de/images/slider/ Frame 3752
93 KB
93 KB
Image
General
Full URL
https://www.dondino.de/images/slider/15051272241913020847.jpg
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.10.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1859.your-server.de
Software
Apache /
Resource Hash
1d4395d509993cd22cbe6b2a1572e7a19d0381e8dfe20b5acc5b5efff6ae8286
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dondino.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:18 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 09:36:26 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
94921
expires
Tue, 13 Sep 2022 01:02:18 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 7382
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdLv_cUAAAAAAn3xJe-susug7GrxFcJAQpW2vl0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 18:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 08:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 18:18:03 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 7382
386 KB
154 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdLv_cUAAAAAAn3xJe-susug7GrxFcJAQpW2vl0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 23:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157356
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 08:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 23:52:46 GMT
sc_frame_content.php
www.lcmmedia.de/kamp/ Frame 4908
3 KB
1 KB
Document
General
Full URL
https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=6&sid=11&ns=1&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/rot.php?art=fullsizebanner&uid=1&sid=11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30 PleskLin
Resource Hash
12ac33c2f9dfeda81f5820a7f1922cfb4e9bdb80912017ea224734a5dfb4b5c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.v2load.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
1211
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:19 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.30 PleskLin
rot.php
www.lcmmedia.de/kamp/ Frame 774F
290 B
471 B
Script
General
Full URL
https://www.lcmmedia.de/kamp/rot.php?art=mediumrectangle&uid=1&sid=11
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30, PleskLin
Resource Hash
64c2dce712975b8ddb03a821818d6cfb222f269fb0e28ef3ee1f425f02639586
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.30, PleskLin
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:19 GMT
content-length
232
onlineflat24_468_3.gif
www.onlineflat24.de/img/werbebanner/ Frame 4908
Redirect Chain
  • https://www.lcmmedia.de/kamp/b_inad_view.php?uid=1&bid=6&sid=11&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
  • https://www.onlineflat24.de/img/werbebanner/onlineflat24_468_3.gif
100 KB
101 KB
Image
General
Full URL
https://www.onlineflat24.de/img/werbebanner/onlineflat24_468_3.gif
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=6&sid=11&ns=1&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Protocol
H2
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
9ef8a4e4b8fec351e4e247f09d5f42678ed47bfedf9eafc28da0b07a370d0229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lcmmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Wed, 03 Feb 2021 06:46:28 GMT
server
Apache
etag
"190f6-5ba68f256f2a2"
strict-transport-security
max-age=31536000
content-type
image/gif
accept-ranges
bytes
content-length
102646

Redirect headers

location
https://www.onlineflat24.de/img/werbebanner/onlineflat24_468_3.gif
content-security-policy
upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';
server
nginx
x-powered-by
PHP/7.4.30, PleskLin
date
Sun, 14 Aug 2022 01:02:19 GMT
content-length
0
content-type
text/html; charset=UTF-8
werbung.png
www.lcmmedia.de/assets/ico/ Frame 4908
Redirect Chain
  • https://lcmmedia.de/assets/ico/werbung.png
  • https://www.lcmmedia.de/assets/ico/werbung.png
2 KB
2 KB
Image
General
Full URL
https://www.lcmmedia.de/assets/ico/werbung.png
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=6&sid=11&ns=1&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Protocol
H2
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PleskLin
Resource Hash
8601a94dccb7ac5a7b55df00ada6dd85b731d13d2a4c2368ea9eea6f14f0e491

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lcmmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Thu, 03 Jun 2021 16:00:29 GMT
server
nginx
x-powered-by
PleskLin
etag
"60b8fc9d-84a"
content-type
image/png
accept-ranges
bytes
content-length
2122

Redirect headers

location
https://www.lcmmedia.de/assets/ico/werbung.png
date
Sun, 14 Aug 2022 01:02:19 GMT
server
nginx
content-length
162
content-type
text/html
b_inad_click.php
www.lcmmedia.de/kamp/ Frame A17B
3 KB
1 KB
Document
General
Full URL
https://www.lcmmedia.de/kamp/b_inad_click.php?uid=1&bid=6&sid=11&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=6&sid=11&ns=1&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30 PleskLin
Resource Hash
8d2d7aca2125b744dda1256c01f1e630d56871ec3111e72ce87a26c19917e75c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=6&sid=11&ns=1&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
1153
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:19 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.30 PleskLin
sc_frame_content.php
www.lcmmedia.de/kamp/ Frame 6169
2 KB
1 KB
Document
General
Full URL
https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=1023&sid=11&ns=1&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/rot.php?art=mediumrectangle&uid=1&sid=11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30 PleskLin
Resource Hash
0c479bad909757e929cdf6c72f23891afbd30e0ec364a137f3feee78442fe1c4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.v2load.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
894
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:19 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.30 PleskLin
www-player.css
www.youtube.com/s/player/4c3f79c5/ Frame D59B
340 KB
47 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/4c3f79c5/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5c579c4399f4f1965ce7f220ebf16d30cbf3a5ef7ab68c7267babbc2aa11386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 10:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
53081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47868
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 02:21:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 13 Aug 2023 10:17:38 GMT
www-embed-player.js
www.youtube.com/s/player/4c3f79c5/www-embed-player.vflset/ Frame D59B
308 KB
95 KB
Script
General
Full URL
https://www.youtube.com/s/player/4c3f79c5/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abf57ea67f7629b73908217088a76cce06ad5c34a61bc91600df76b8ef882ee7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 18:00:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
111736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97296
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 02:21:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Aug 2023 18:00:03 GMT
base.js
www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/ Frame D59B
2 MB
570 KB
Script
General
Full URL
https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00f0ff60335c6dddae5ce3bf94ab2f4c2094abb8dec58bf9c7e36fdb6e7b0eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:26:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
174959
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583172
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 02:21:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Aug 2023 00:26:20 GMT
fetch-polyfill.js
www.youtube.com/s/player/4c3f79c5/fetch-polyfill.vflset/ Frame D59B
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/4c3f79c5/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:17:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
175472
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 02:21:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Aug 2023 00:17:47 GMT
reload
www.google.com/recaptcha/api2/ Frame 7382
38 KB
23 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LdLv_cUAAAAAAn3xJe-susug7GrxFcJAQpW2vl0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5b5d10a64de9712e68ff3dec4f365b88bfef84e7bd26f0089567ba56e31c615c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdLv_cUAAAAAAn3xJe-susug7GrxFcJAQpW2vl0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23504
x-xss-protection
1; mode=block
expires
Sun, 14 Aug 2022 01:02:19 GMT
small.js
widgets.amung.us/ Frame 774F
8 KB
4 KB
Script
General
Full URL
https://widgets.amung.us/small.js
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee6ef188662ab76c29c720cab899af19bad8153a9c86d548d90b3fa46886fc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Aug 2022 16:40:00 GMT
server
cloudflare
age
3261
etag
W/"62f13c60-2142"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
73a5c3aa38109b9a-FRA
expires
Mon, 15 Aug 2022 00:07:58 GMT
0.php
s4.histats.com/stats/ Frame 774F
47 B
181 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?777059&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m%3A%20v2Load%20%3A%204tDpYxNYqPg&@n0&@ohttps%3A%2F%2Fwww.v2load.de%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-15662755&@b3:1660438939&@b4:js9.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.v2load.com%2Fvideos%2F4tDpYxNYqPg%2F%3Fs%3D1&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.13.63 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns504751.ip-192-99-13.net
Software
/
Resource Hash
a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:19 GMT
Connection
close
Content-Length
47
Content-Type
text/html;charset=UTF-8
sc_frame_content.php
www.lcmmedia.de/kamp/ Frame 9B36
2 KB
1 KB
Document
General
Full URL
https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=1023&sid=11&ns=1&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/rot.php?art=mediumrectangle&uid=1&sid=11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30 PleskLin
Resource Hash
0c479bad909757e929cdf6c72f23891afbd30e0ec364a137f3feee78442fe1c4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.v2load.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
894
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:19 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.30 PleskLin
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D59B
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:06:41 GMT
x-content-type-options
nosniff
age
374138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 09 Aug 2023 17:06:41 GMT
banner.jpeg
h.premiumsim.de/ Frame 6169
Redirect Chain
  • https://www.lcmmedia.de/kamp/b_view.php?uid=1&bid=1023&sid=11&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
  • https://h.premiumsim.de/banner.jpeg?promotion_partner_id=13476&promotion_product_id=19144
161 KB
162 KB
Image
General
Full URL
https://h.premiumsim.de/banner.jpeg?promotion_partner_id=13476&promotion_product_id=19144
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=1023&sid=11&ns=1&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Protocol
H2
Server
193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),
Reverse DNS
h.deutschlandsim.de
Software
nginx /
Resource Hash
7ca5a94cddb3e4f93a5d885dcb5f126eeb222994f342a51ff2d9f3d1ddf6284d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lcmmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Sun, 14 Aug 2022 01:02:19 GMT
server
nginx
x-location
wildcard
x-served-by
My Servlet Handler
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Tue, 13 Sep 2022 03:02:19 +0200

Redirect headers

location
https://h.premiumsim.de/banner.jpeg?promotion_partner_id=13476&promotion_product_id=19144
content-security-policy
upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';
server
nginx
x-powered-by
PHP/7.4.30, PleskLin
date
Sun, 14 Aug 2022 01:02:19 GMT
content-length
0
content-type
text/html; charset=UTF-8
werbung.png
www.lcmmedia.de/assets/ico/ Frame 6169
Redirect Chain
  • https://lcmmedia.de/assets/ico/werbung.png
  • https://www.lcmmedia.de/assets/ico/werbung.png
2 KB
2 KB
Image
General
Full URL
https://www.lcmmedia.de/assets/ico/werbung.png
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=1023&sid=11&ns=1&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Protocol
H2
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PleskLin
Resource Hash
8601a94dccb7ac5a7b55df00ada6dd85b731d13d2a4c2368ea9eea6f14f0e491

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lcmmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Thu, 03 Jun 2021 16:00:29 GMT
server
nginx
x-powered-by
PleskLin
etag
"60b8fc9d-84a"
content-type
image/png
accept-ranges
bytes
content-length
2122

Redirect headers

location
https://www.lcmmedia.de/assets/ico/werbung.png
date
Sun, 14 Aug 2022 01:02:19 GMT
server
nginx
content-length
162
content-type
text/html
banner.jpeg
h.premiumsim.de/ Frame 9B36
Redirect Chain
  • https://www.lcmmedia.de/kamp/b_view.php?uid=1&bid=1023&sid=11&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
  • https://h.premiumsim.de/banner.jpeg?promotion_partner_id=13476&promotion_product_id=19144
161 KB
162 KB
Image
General
Full URL
https://h.premiumsim.de/banner.jpeg?promotion_partner_id=13476&promotion_product_id=19144
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=1023&sid=11&ns=1&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Protocol
H2
Server
193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),
Reverse DNS
h.deutschlandsim.de
Software
nginx /
Resource Hash
7ca5a94cddb3e4f93a5d885dcb5f126eeb222994f342a51ff2d9f3d1ddf6284d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lcmmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Sun, 14 Aug 2022 01:02:19 GMT
server
nginx
x-location
wildcard
x-served-by
My Servlet Handler
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Tue, 13 Sep 2022 03:02:19 +0200

Redirect headers

location
https://h.premiumsim.de/banner.jpeg?promotion_partner_id=13476&promotion_product_id=19144
content-security-policy
upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';
server
nginx
x-powered-by
PHP/7.4.30, PleskLin
date
Sun, 14 Aug 2022 01:02:19 GMT
content-length
0
content-type
text/html; charset=UTF-8
werbung.png
www.lcmmedia.de/assets/ico/ Frame 9B36
Redirect Chain
  • https://lcmmedia.de/assets/ico/werbung.png
  • https://www.lcmmedia.de/assets/ico/werbung.png
2 KB
2 KB
Image
General
Full URL
https://www.lcmmedia.de/assets/ico/werbung.png
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=1023&sid=11&ns=1&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Protocol
H2
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PleskLin
Resource Hash
8601a94dccb7ac5a7b55df00ada6dd85b731d13d2a4c2368ea9eea6f14f0e491

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lcmmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Thu, 03 Jun 2021 16:00:29 GMT
server
nginx
x-powered-by
PleskLin
etag
"60b8fc9d-84a"
content-type
image/png
accept-ranges
bytes
content-length
2122

Redirect headers

location
https://www.lcmmedia.de/assets/ico/werbung.png
date
Sun, 14 Aug 2022 01:02:19 GMT
server
nginx
content-length
162
content-type
text/html
go.php
www.croxy.de/ Frame A4FE
911 B
613 B
Document
General
Full URL
https://www.croxy.de/go.php?id=6&sid=aHR0cHM6Ly93d3cub25saW5lZmxhdDI0LmRlL3Nob3AvZW1haWx3ZXJidW5nLmh0bWw/dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1vcmdhbmljJnV0bV9jYW1wYWlnbj1sY21tZWRpYTZuJnV0bV90ZXJtPW9ubGluZWZsYXQyNCZ1dG1fY29udGVudD1iYW5uZXItYWQ=
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/b_inad_click.php?uid=1&bid=6&sid=11&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.163.148.251 Mülheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.croxy.de
Software
nginx / PHP/7.3.20 PleskLin
Resource Hash
b6f94101dc2fe60f282c74874be3a015465765035605736402ab48096712c3e4

Request headers

Referer
https://www.lcmmedia.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
450
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:19 GMT
ms-author-via
DAV
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.3.20 PleskLin
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 7382
600 B
624 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:45:36 GMT
x-content-type-options
nosniff
age
314203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 17 Aug 2022 09:45:36 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 7382
530 B
554 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 21:24:07 GMT
x-content-type-options
nosniff
age
445092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Mon, 15 Aug 2022 21:24:07 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 7382
665 B
689 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:58:22 GMT
x-content-type-options
nosniff
age
281037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 17 Aug 2022 18:58:22 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7382
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:06:41 GMT
x-content-type-options
nosniff
age
374138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 09 Aug 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7382
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 21:19:14 GMT
x-content-type-options
nosniff
age
445385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 08 Aug 2023 21:19:14 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7382
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 22:21:19 GMT
x-content-type-options
nosniff
age
441660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 22:21:19 GMT
payload
www.google.com/recaptcha/api2/ Frame 7382
31 KB
31 KB
Image
General
Full URL
https://www.google.com/recaptcha/api2/payload?p=06ANYolqsYY-sADVXLxC7f4cEOE7kvYVpFv5PFX6noQunkkdx5WzmZbDbZ8oI5u3vFniI7FZhNuW3YB_k2Fh3-ZNbOKYLMHock_jLAX1juy3BdbnMwZfQuV0lpLw4jOnTLT6MC6gK3aaPi27WSGuIgORW6NQL1iCespsAc234_kfkJjOe8nfhBTt0EYAp42xohfR9JO8Lb6u0kjXyUhZ3yrvvoOj2q2F7IZw&k=6LdLv_cUAAAAAAn3xJe-susug7GrxFcJAQpW2vl0
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f688bcca965770a7e31fba71b3174475a0f0100e05725d8eead88a822b19cea3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdLv_cUAAAAAAn3xJe-susug7GrxFcJAQpW2vl0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31632
x-xss-protection
1; mode=block
expires
Sun, 14 Aug 2022 01:02:19 GMT
/
t.dtscout.com/i/ Frame 774F
2 KB
3 KB
Script
General
Full URL
https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.v2load.com%2Fvideos%2F4tDpYxNYqPg%2F%3Fs%3D1&j=https%3A%2F%2Fwww.v2load.de%2F
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.209.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns515688.ip-167-114-209.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:19 GMT
X-T
0.766
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl1
Expires
Sun, 14 Aug 2022 01:02:18 GMT
/
whos.amung.us/pingjs/ Frame 774F
30 B
147 B
Script
General
Full URL
https://whos.amung.us/pingjs/?k=videov2load&t=%3A%20v2Load%20%3A%204tDpYxNYqPg&c=s&x=https%3A%2F%2Fwww.v2load.com%2Fvideos%2F4tDpYxNYqPg%2F%3Fs%3D1&y=https%3A%2F%2Fwww.v2load.de%2F&a=0&d=0.718&v=27&r=8747
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.94.94 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
8a18a4cf1039a96c5c367c8483d05565b08b5f1d46c4272e9e0b6beb719399c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
emailwerbung.html
www.onlineflat24.de/shop/ Frame A4FE
Redirect Chain
  • https://www.croxy.de/goo.php?ip=aHR0cHM6Ly93d3cub25saW5lZmxhdDI0LmRlL3Nob3AvZW1haWx3ZXJidW5nLmh0bWw/dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1vcmdhbmljJnV0bV9jYW1wYWlnbj1sY21tZWRpYTZuJnV0bV90ZXJtPW9ub...
  • https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
60 KB
11 KB
Document
General
Full URL
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=6&sid=11&ns=1&rc=aHR0cHM6Ly93d3cudjJsb2FkLmNvbS8=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache / PHP/5.3.29
Resource Hash
4c3451db8986f523d9e12e81d0edcdd17aea47cc685cec4f6344df51769f324a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.croxy.de
Referer
https://www.croxy.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
11155
content-type
text/html
date
Sun, 14 Aug 2022 01:02:19 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-powered-by
PHP/5.3.29

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:19 GMT
location
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
ms-author-via
DAV
server
nginx
x-powered-by
PHP/7.3.20 PleskLin
id
googleads.g.doubleclick.net/pagead/ Frame D59B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
Protocol
H3
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
821a321752e05e68582807117a43b35996726711062fa7a7b37314dc8f27f60b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 14 Aug 2022 01:02:19 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame D59B
29 B
588 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:54:28 GMT
x-content-type-options
nosniff
age
471
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Aug 2022 01:09:28 GMT
css
fonts.googleapis.com/ Frame A4FE
24 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,300,400,500,600,700,900%7COpen+Sans:300,400,600,700,800
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7301c531cf529e78db98a4c1826411c290167c7954bc1d4888b2aa78c4dbe0dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 14 Aug 2022 01:02:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 14 Aug 2022 01:02:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Aug 2022 01:02:19 GMT
bootstrap.min.css
www.onlineflat24.de/vendor/bootstrap/css/ Frame A4FE
138 KB
21 KB
Stylesheet
General
Full URL
https://www.onlineflat24.de/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
9ef4fbe459177af5f4e9647cbe584514fd36c7386af6a1712d03ae4b42e45b24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:35 GMT
server
Apache
etag
"22688-5bc09ef177a26-gzip"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
21091
fontawesome-all.min.css
www.onlineflat24.de/vendor/font-awesome/css/ Frame A4FE
36 KB
8 KB
Stylesheet
General
Full URL
https://www.onlineflat24.de/vendor/font-awesome/css/fontawesome-all.min.css
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:38 GMT
server
Apache
etag
"8ef7-5bc09ef42c01e-gzip"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
8083
animate.min.css
www.onlineflat24.de/vendor/animate/ Frame A4FE
52 KB
4 KB
Stylesheet
General
Full URL
https://www.onlineflat24.de/vendor/animate/animate.min.css
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:20 GMT
server
Apache
etag
"ce35-5bc09ee30c47e-gzip"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
3954
linear-icons.min.css
www.onlineflat24.de/vendor/linear-icons/css/ Frame A4FE
7 KB
2 KB
Stylesheet
General
Full URL
https://www.onlineflat24.de/vendor/linear-icons/css/linear-icons.min.css
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
8d9f4894d2eafb7ed9e7f10179f917e7279579d8fcc0b19eb5812a592ec89597
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:43 GMT
server
Apache
etag
"1b86-5bc09ef8b80da-gzip"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1578
owl.carousel.min.css
www.onlineflat24.de/vendor/owl.carousel/assets/ Frame A4FE
3 KB
1 KB
Stylesheet
General
Full URL
https://www.onlineflat24.de/vendor/owl.carousel/assets/owl.carousel.min.css
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
813f1398bf1531b20c365414d810e75f2ae867a70391794ca28eb57e18117c66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:44 GMT
server
Apache
etag
"cb0-5bc09ef9e3da9-gzip"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1034
owl.theme.default.min.css
www.onlineflat24.de/vendor/owl.carousel/assets/ Frame A4FE
1013 B
535 B
Stylesheet
General
Full URL
https://www.onlineflat24.de/vendor/owl.carousel/assets/owl.theme.default.min.css
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
5ef3dcab3e61bdfaedeaf4457db9052ad300ac18b5660d6f737f29342e46cba9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:44 GMT
server
Apache
etag
"3f5-5bc09ef9f85c7-gzip"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
480
magnific-popup.min.css
www.onlineflat24.de/vendor/magnific-popup/ Frame A4FE
5 KB
2 KB
Stylesheet
General
Full URL
https://www.onlineflat24.de/vendor/magnific-popup/magnific-popup.min.css
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
7092b870a61c2019b0ce2547febd17b21d397ec3e699d938d56df9304f07c1a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:32 GMT
server
Apache
etag
"1454-5bc09eeebf5af-gzip"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1583
theme.css
www.onlineflat24.de/css/ Frame A4FE
133 KB
16 KB
Stylesheet
General
Full URL
https://www.onlineflat24.de/css/theme.css
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
3ac91f3102e7c53f3b043e0132cb2d1e226cf93a3216254261aff2b4f28e1766
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:11:33 GMT
server
Apache
etag
"2133b-5bc09e0a47e85-gzip"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
15928
theme-elements.css
www.onlineflat24.de/css/ Frame A4FE
242 KB
33 KB
Stylesheet
General
Full URL
https://www.onlineflat24.de/css/theme-elements.css
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
5f978d9b493cdce081cc489e80956fb61577e9c232fc1377e229654f88fa8a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:11:35 GMT
server
Apache
etag
"3c973-5bc09e0ce6cbd-gzip"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
33709
settings.css
www.onlineflat24.de/vendor/rs-plugin/css/ Frame A4FE
29 KB
7 KB
Stylesheet
General
Full URL
https://www.onlineflat24.de/vendor/rs-plugin/css/settings.css
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
1691bf8d192a3cf529bbb808e76f772d37c9f43b5ea89f222e7c66d470ea9f65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:48 GMT
server
Apache
etag
"7571-5bc09efd7ac93-gzip"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
7124
layers.css
www.onlineflat24.de/vendor/rs-plugin/css/ Frame A4FE
135 KB
10 KB
Stylesheet
General
Full URL
https://www.onlineflat24.de/vendor/rs-plugin/css/layers.css
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
4d9f871fa5e93d63fb8d52f573ee5e3b5cab633b4bb5a11b71612b19a7fe1d82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:47 GMT
server
Apache
etag
"21de6-5bc09efcfccfa-gzip"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
10509
navigation.css
www.onlineflat24.de/vendor/rs-plugin/css/ Frame A4FE
56 KB
8 KB
Stylesheet
General
Full URL
https://www.onlineflat24.de/vendor/rs-plugin/css/navigation.css
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
29f55d4585bb0dc5f3bc5f479ddae2d65e1cb9f5f5bf100cf038c509d8bd9812
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:47 GMT
server
Apache
etag
"dfba-5bc09efd1d098-gzip"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
7800
default.css
www.onlineflat24.de/css/skins/ Frame A4FE
55 KB
5 KB
Stylesheet
General
Full URL
https://www.onlineflat24.de/css/skins/default.css
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
809eb782d820d852f864fa9683cf1cb647a8616114495daca76e376a9efb1604
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:12:01 GMT
server
Apache
etag
"ddaf-5bc09e257f94e-gzip"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
4891
custom.css
www.onlineflat24.de/css/ Frame A4FE
43 B
113 B
Stylesheet
General
Full URL
https://www.onlineflat24.de/css/custom.css
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
ed79538feb2e96922e726e2488ad383244f7a260e89699499e9e60994f3d89d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Wed, 24 Feb 2021 00:11:34 GMT
server
Apache
etag
"2b-5bc09e0b40ed6"
strict-transport-security
max-age=31536000
content-type
text/css
accept-ranges
bytes
content-length
43
modernizr.min.js
www.onlineflat24.de/vendor/modernizr/ Frame A4FE
9 KB
4 KB
Script
General
Full URL
https://www.onlineflat24.de/vendor/modernizr/modernizr.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
5f5d37b9452f4c75195435d056427f5d77a476241d9e6e12d348ba8e522fcd08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:33 GMT
server
Apache
etag
"244e-5bc09eef20089-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
3936
logo-small.png
www.onlineflat24.de/img/ Frame A4FE
5 KB
5 KB
Image
General
Full URL
https://www.onlineflat24.de/img/logo-small.png
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
d73a959735a3cc8a0cc347b4445d1fa397c7feb2dbc1476b7c247da6f2b32248
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Mon, 07 Dec 2020 12:06:09 GMT
server
Apache
etag
"142b-5b5dea6d60dab"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
5163
menu-featured-image-1.png
www.onlineflat24.de/img/ Frame A4FE
6 KB
6 KB
Image
General
Full URL
https://www.onlineflat24.de/img/menu-featured-image-1.png
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
6ddc25a1d4d996d33b884b5a3beb0169cd81b1dffba6d687cb909c3c8670113d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Mon, 18 Feb 2019 02:59:15 GMT
server
Apache
etag
"1730-582224f54a6c0"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
5936
rot.php
www.lcmmedia.de/kamp/ Frame A4FE
298 B
478 B
Script
General
Full URL
https://www.lcmmedia.de/kamp/rot.php?art=wideskyscraper&uid=1&sid=15
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30, PleskLin
Resource Hash
c2fe9d10a78d4dd09ba89c92843bc94a578b33cab5152534c67dbee8b4d9c16a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.30, PleskLin
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:19 GMT
content-length
239
product-emailmarketing-1.jpg
www.onlineflat24.de/img/products/ Frame A4FE
85 KB
86 KB
Image
General
Full URL
https://www.onlineflat24.de/img/products/product-emailmarketing-1.jpg
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
a069149e05fdb7f8f333db24746e0e48893be0e52364fc5db70b9ff6c8254196
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Fri, 08 Mar 2019 01:54:32 GMT
server
Apache
etag
"15504-5838b81078600"
strict-transport-security
max-age=31536000
content-type
image/jpeg
accept-ranges
bytes
content-length
87300
product-emailmarketing-2.jpg
www.onlineflat24.de/img/products/ Frame A4FE
86 KB
87 KB
Image
General
Full URL
https://www.onlineflat24.de/img/products/product-emailmarketing-2.jpg
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
4be6b838f5af49c9707f1dc88644a95610d10875ed57ff1c13cab657a4cc25b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Fri, 08 Mar 2019 01:56:05 GMT
server
Apache
etag
"158c8-5838b86929740"
strict-transport-security
max-age=31536000
content-type
image/jpeg
accept-ranges
bytes
content-length
88264
product-emailmarketing-3.jpg
www.onlineflat24.de/img/products/ Frame A4FE
83 KB
84 KB
Image
General
Full URL
https://www.onlineflat24.de/img/products/product-emailmarketing-3.jpg
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
18403bfbf1aa7c895931ce806ee66f03483e6058f786b2f3f9b80c54ffb4264c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Fri, 08 Mar 2019 01:57:02 GMT
server
Apache
etag
"14c37-5838b89f85780"
strict-transport-security
max-age=31536000
content-type
image/jpeg
accept-ranges
bytes
content-length
85047
product-emailmarketing-4.jpg
www.onlineflat24.de/img/products/ Frame A4FE
84 KB
85 KB
Image
General
Full URL
https://www.onlineflat24.de/img/products/product-emailmarketing-4.jpg
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
6f19552c763553a28a5531da423ffc4d50732922672007a42c3d6163d4c6eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Fri, 08 Mar 2019 01:57:41 GMT
server
Apache
etag
"15137-5838b8c4b6f40"
strict-transport-security
max-age=31536000
content-type
image/jpeg
accept-ranges
bytes
content-length
86327
pixel.gif
www.paypalobjects.com/en_US/i/scr/ Frame A4FE
43 B
392 B
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2AC) /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:20 GMT
x-content-type-options
nosniff
last-modified
Fri, 16 Aug 2019 04:57:34 GMT
server
ECAcc (frd/E2AC)
etag
"5d5637be-2b"
dc
ccg11-origin-www-1.paypal.com
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
content-type
image/gif
paypal-debug-id
d1c4cfe1ff620
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
content-length
43
expires
Sun, 14 Aug 2022 02:02:20 GMT
rot.php
www.lcmmedia.de/kamp/ Frame A4FE
297 B
479 B
Script
General
Full URL
https://www.lcmmedia.de/kamp/rot.php?art=leaderboard&uid=1&sid=15
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30, PleskLin
Resource Hash
8527a5ccbb09d4f542386cb02d096cd3d7ae0af71b0a84bc7faa39a7b71aaa58
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.30, PleskLin
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:19 GMT
content-length
240
icon-1.svg
www.onlineflat24.de/img/icons/ Frame A4FE
3 KB
3 KB
Image
General
Full URL
https://www.onlineflat24.de/img/icons/icon-1.svg
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
8c4c2b7d8e26df66b7520058a860916e531b066a8741a3faa595f22ad25e4c48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Wed, 14 Feb 2018 15:18:19 GMT
server
Apache
etag
"ade-5652d9eff04c0"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
accept-ranges
bytes
content-length
2782
icon-2.svg
www.onlineflat24.de/img/icons/ Frame A4FE
2 KB
2 KB
Image
General
Full URL
https://www.onlineflat24.de/img/icons/icon-2.svg
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
c204baa093af938062096a9701d580972dcb5fd61c15502db53762eda5d7e8fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Wed, 14 Feb 2018 13:19:12 GMT
server
Apache
etag
"7c2-5652bf5007400"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
accept-ranges
bytes
content-length
1986
icon-3.svg
www.onlineflat24.de/img/icons/ Frame A4FE
2 KB
2 KB
Image
General
Full URL
https://www.onlineflat24.de/img/icons/icon-3.svg
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
09e0f16a38b4d66cd75441c1dff21bdfc9b8f980ff97db11efa1e27554b01306
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Wed, 14 Feb 2018 13:22:55 GMT
server
Apache
etag
"889-5652c024b29c0"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
accept-ranges
bytes
content-length
2185
logo-footer.png
www.onlineflat24.de/img/ Frame A4FE
6 KB
6 KB
Image
General
Full URL
https://www.onlineflat24.de/img/logo-footer.png
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
952692fbbc5d54d1fbdae18b2df39ff8d5ca4129303b0bd07b4285e4b1ae5809
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Wed, 23 Jan 2019 06:10:47 GMT
server
Apache
etag
"164e-58019f46ee7c0"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
5710
jquery.min.js
www.onlineflat24.de/vendor/jquery/ Frame A4FE
85 KB
30 KB
Script
General
Full URL
https://www.onlineflat24.de/vendor/jquery/jquery.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:21 GMT
server
Apache
etag
"15391-5bc09ee42d56d-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
30313
jquery.appear.min.js
www.onlineflat24.de/vendor/jquery.appear/ Frame A4FE
2 KB
852 B
Script
General
Full URL
https://www.onlineflat24.de/vendor/jquery.appear/jquery.appear.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
ac41dfea3047fde72b9e9a1ac437dcd837119c06924150edd09ab3b7d09b261d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:22 GMT
server
Apache
etag
"639-5bc09ee4dd1e3-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
774
jquery.easing.min.js
www.onlineflat24.de/vendor/jquery.easing/ Frame A4FE
5 KB
2 KB
Script
General
Full URL
https://www.onlineflat24.de/vendor/jquery.easing/jquery.easing.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
b56e44c3e842d3cd0d1fbb26339f66b914d9b2831d8e2822bb074bacc52cbcc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:22 GMT
server
Apache
etag
"1418-5bc09ee53ec5d-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1757
jquery-cookie.min.js
www.onlineflat24.de/vendor/jquery-cookie/ Frame A4FE
1 KB
853 B
Script
General
Full URL
https://www.onlineflat24.de/vendor/jquery-cookie/jquery-cookie.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
1a9bd3c697279bf78c0ffadde4e5cb673182cf45fc24a6abd71e3575a04a5f0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:21 GMT
server
Apache
etag
"586-5bc09ee47a7c8-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
775
bootstrap.bundle.min.js
www.onlineflat24.de/vendor/bootstrap/js/ Frame A4FE
69 KB
20 KB
Script
General
Full URL
https://www.onlineflat24.de/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
06147e458cd63785f841d0c92047baebedaf5cb50654f6e92e6bb9b34112a356
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:36 GMT
server
Apache
etag
"11420-5bc09ef2a65d5-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
20695
common.min.js
www.onlineflat24.de/vendor/common/ Frame A4FE
18 KB
7 KB
Script
General
Full URL
https://www.onlineflat24.de/vendor/common/common.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
8d73755d4036900f5c3bb434156e53d4489b00099c664755c2a0966aa3c41b2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:20 GMT
server
Apache
etag
"487e-5bc09ee373cb8-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
7437
jquery.validation.min.js
www.onlineflat24.de/vendor/jquery.validation/ Frame A4FE
23 KB
8 KB
Script
General
Full URL
https://www.onlineflat24.de/vendor/jquery.validation/jquery.validation.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
7044cc4a34d20a060e9a529949ad459f67ff193bbcbbaef1993ddcc5ba901b4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:24 GMT
server
Apache
etag
"5bc7-5bc09ee6d7f25-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
7643
jquery.easy-pie-chart.min.js
www.onlineflat24.de/vendor/jquery.easy-pie-chart/ Frame A4FE
4 KB
2 KB
Script
General
Full URL
https://www.onlineflat24.de/vendor/jquery.easy-pie-chart/jquery.easy-pie-chart.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
e389ea6738b885de1c381a4185f28764f5b91bbe825793572aea1b7f03139018
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:23 GMT
server
Apache
etag
"f82-5bc09ee5a54f7-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1684
jquery.gmap.min.js
www.onlineflat24.de/vendor/jquery.gmap/ Frame A4FE
4 KB
2 KB
Script
General
Full URL
https://www.onlineflat24.de/vendor/jquery.gmap/jquery.gmap.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
413b6f27a6f608f275c5c3f45346a9cab9b762ce1389bdc2dd89fd0981b343d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:23 GMT
server
Apache
etag
"f29-5bc09ee608eb1-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1469
jquery.lazyload.min.js
www.onlineflat24.de/vendor/jquery.lazyload/ Frame A4FE
4 KB
1 KB
Script
General
Full URL
https://www.onlineflat24.de/vendor/jquery.lazyload/jquery.lazyload.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
e984bed86b794601c8f0fc5d4633e4fc4b2de0209a5aace7493bfaa6eae7d5da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:24 GMT
server
Apache
etag
"e11-5bc09ee6706eb-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1407
jquery.isotope.min.js
www.onlineflat24.de/vendor/isotope/ Frame A4FE
35 KB
10 KB
Script
General
Full URL
https://www.onlineflat24.de/vendor/isotope/jquery.isotope.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
4eea7c52c40101d7e0aa05d1601ec6d8318dae8a7aefe2ac303be5b9c24fd22b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:21 GMT
server
Apache
etag
"8aba-5bc09ee3d5732-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
9871
owl.carousel.min.js
www.onlineflat24.de/vendor/owl.carousel/ Frame A4FE
43 KB
11 KB
Script
General
Full URL
https://www.onlineflat24.de/vendor/owl.carousel/owl.carousel.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
4dd0937ab0a3e143c312ac6f66b57804fff04440d3ddb925ffc33370726fb730
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:33 GMT
server
Apache
etag
"acc3-5bc09eef3a668-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
11366
jquery.magnific-popup.min.js
www.onlineflat24.de/vendor/magnific-popup/ Frame A4FE
20 KB
7 KB
Script
General
Full URL
https://www.onlineflat24.de/vendor/magnific-popup/jquery.magnific-popup.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:32 GMT
server
Apache
etag
"4ef8-5bc09eeea4031-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
7346
vide.min.js
www.onlineflat24.de/vendor/vide/ Frame A4FE
4 KB
2 KB
Script
General
Full URL
https://www.onlineflat24.de/vendor/vide/vide.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
67089eab878ddd35ec67754d6fa9178258cfaeb157bde484469339a44d7ed933
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:33 GMT
server
Apache
etag
"1180-5bc09eefb66c1-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1939
vivus.min.js
www.onlineflat24.de/vendor/vivus/ Frame A4FE
11 KB
4 KB
Script
General
Full URL
https://www.onlineflat24.de/vendor/vivus/vivus.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
18949282236c58479862223954873f216b247953aaa1fafd5f270cdd304c05e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:34 GMT
server
Apache
etag
"2de9-5bc09ef01a07b-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
3900
theme.js
www.onlineflat24.de/js/ Frame A4FE
101 KB
17 KB
Script
General
Full URL
https://www.onlineflat24.de/js/theme.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
bf34e1a903056cff5c2f1ee62d01c3d19facd63b920352a3b072d04c3250a30e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:14:31 GMT
server
Apache
etag
"19420-5bc09eb4bcfb2-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
17420
jquery.themepunch.tools.min.js
www.onlineflat24.de/vendor/rs-plugin/js/ Frame A4FE
108 KB
38 KB
Script
General
Full URL
https://www.onlineflat24.de/vendor/rs-plugin/js/jquery.themepunch.tools.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:49 GMT
server
Apache
etag
"1afe4-5bc09efea3a82-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
38337
jquery.themepunch.revolution.min.js
www.onlineflat24.de/vendor/rs-plugin/js/ Frame A4FE
253 KB
58 KB
Script
General
Full URL
https://www.onlineflat24.de/vendor/rs-plugin/js/jquery.themepunch.revolution.min.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
fcbdfd993e8e390748f4014e2050e5788e1c5894ee190dbc054b593d3108e3f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:15:49 GMT
server
Apache
etag
"3f3a5-5bc09efeb7300-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
59319
custom.js
www.onlineflat24.de/js/ Frame A4FE
0
68 B
Script
General
Full URL
https://www.onlineflat24.de/js/custom.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
last-modified
Wed, 24 Feb 2021 00:14:27 GMT
server
Apache
etag
"0-5bc09eb095850"
strict-transport-security
max-age=31536000
content-type
application/javascript
accept-ranges
bytes
content-length
0
theme.init.js
www.onlineflat24.de/js/ Frame A4FE
12 KB
1 KB
Script
General
Full URL
https://www.onlineflat24.de/js/theme.init.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
99518b3caf7b8e22dcc034a091d30f67dd1c900a49374eaea4d6164dc5801672
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:14:30 GMT
server
Apache
etag
"30db-5bc09eb347f07-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1296
js
www.googletagmanager.com/gtag/ Frame A4FE
106 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-185627359-1
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
61173d598f1d251d36685dd44aea2c69ebf9d0979d700cabd836df191795235c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41916
x-xss-protection
0
last-modified
Sun, 14 Aug 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Aug 2022 01:02:19 GMT
examples.gallery.js
www.onlineflat24.de/js/examples/ Frame A4FE
1 KB
576 B
Script
General
Full URL
https://www.onlineflat24.de/js/examples/examples.gallery.js
Requested by
Host: www.onlineflat24.de
URL: https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.254.0.76 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
sh-76.1blu.de
Software
Apache /
Resource Hash
7b6216dbc74e86c516c69868d142fd9eaf5970c038dfe0860c7a2286c5df6055
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/shop/emailwerbung.html?utm_source=google&utm_medium=organic&utm_campaign=lcmmedia6n&utm_term=onlineflat24&utm_content=banner-ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 00:13:19 GMT
server
Apache
etag
"4f0-5bc09e6ff8bd5-gzip"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
498
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 14 Aug 2022 01:02:19 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D59B
65 KB
30 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
747ca37629cee7991c97891fbf3ed91b2ea59178e66630568fcbf61b36ed81b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
30648
x-xss-protection
0
player
www.youtube.com/youtubei/v1/ Frame D59B
83 KB
25 KB
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
182dd3de665a0aaf331d43f8f1ea23f7b2583eb16ba1144ac203a9d0e416810a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20220810.01.00
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
X-Goog-Visitor-Id
Cgs1N0xjQm1LUGk1Yyibk-GXBg%3D%3D
Content-Type
application/json

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25600
x-xss-protection
0
expires
Sun, 14 Aug 2022 01:02:19 GMT
pzNraZUKhr-UiBbvD9DydnR0z5NOWIMxvijMGKf8sGo.js
www.google.com/js/th/ Frame D59B
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/pzNraZUKhr-UiBbvD9DydnR0z5NOWIMxvijMGKf8sGo.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7336b69950a86bf948816ef0fd0f2767474cf934e588331be28cc18a7fcb06a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:24:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
59872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14138
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 08:24:27 GMT
embed.js
www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/ Frame D59B
27 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94677be9b0d03251f6b7eb30f0b50c04166577b60a0a237053af4c8480c3a0a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:26:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
174956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8130
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 02:21:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Aug 2023 00:26:23 GMT
truncated
/ Frame D59B
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
HuZAqxFvgCO4LXH4pVtY6Jlf1Jx7LC3maEd4T7oJvHXWSpfGa099ydqYLwotg4K3466teGRWqbQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame D59B
3 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/HuZAqxFvgCO4LXH4pVtY6Jlf1Jx7LC3maEd4T7oJvHXWSpfGa099ydqYLwotg4K3466teGRWqbQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8c0b3b4b77efde7483079ad4e53b2a20aa9005b83baf42e3e0df54dd24939098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 21:58:44 GMT
x-content-type-options
nosniff
age
11015
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2686
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 14 Jun 2022 09:07:16 GMT
truncated
/ Frame D59B
333 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
152f133691f65e8d2438c525023f644c8d0274743c79296fed6a96da9f8df4ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
generate_204
www.youtube.com/ Frame D59B
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?vgZmbA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
qoe
www.youtube.com/api/stats/ Frame D59B
0
19 B
XHR
General
Full URL
https://www.youtube.com/api/stats/qoe?fmt=397&afmt=251&cpn=yZ2pss4KF79RpwT7&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24199710%2C24220089%2C24226335%2C24238983%2C24245746%2C24248385%2C24258655%2C24260441%2C24263054%2C39321934&cl=466802422&seq=1&docid=4tDpYxNYqPg&ei=m0n4Yvq4JOz57gPspqugAg&event=streamingstats&plid=AAXmKRErK8a5Rrs5&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F4tDpYxNYqPg%3Fshowinfo%3D0%26autoplay%3D1%26mute%3D1%26enablejsapi%3D1%26loop%3D1%26controls%3D2%26modestbranding%3D1%26iv_load_policy%3D3%26theme%3Ddark%26rel%3D0&cbr=Chrome&cbrver=104.0.5112.79&c=WEB_EMBEDDED_PLAYER&cver=1.20220810.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.007:B,0.221:B,0.221:B&cmt=0.007:0.000,0.221:0.000&afs=0.221:251::i&vfs=0.221:397:397::r&view=0.221:728:410&bwe=0.221:130000&bat=0.221:1:1&vis=0.221:0&bh=0.221:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
X-YouTube-Client-Version
1.20220810.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs1N0xjQm1LUGk1Yyibk-GXBg%3D%3D
X-YouTube-Ad-Signals
dt=1660438939481&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C410&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 01:02:19 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr1---sn-4g5lzned.googlevideo.com/ Frame D59B
155 KB
156 KB
Fetch
General
Full URL
https://rr1---sn-4g5lzned.googlevideo.com/videoplayback?expire=1660460539&ei=m0n4Yvq4JOz57gPspqugAg&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ANcLFCgVZXymAnpaB662-azMrZLA2zYdF5l89mW_bcbL&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=K5&mm=31%2C26&mn=sn-4g5lzned%2Csn-f5f7lnl6&ms=au%2Conr&mv=m&mvi=1&pl=29&initcwndbps=3235000&spc=lT-KhhRVT3ldrHGQzIoXUj4ieLUci5w&vprv=1&mime=video%2Fmp4&ns=gDU_v_5c5KxlAinBl_ZkmRwH&gir=yes&clen=11102422&dur=208.560&lmt=1601123251841218&mt=1660438609&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5531432&n=4exFm0zjfTACgA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgC-B6B0D239hCcuqQ0Jf6RjoccO3X0pwozRXPiAwXKZwCIBz3m7iPYjwpM4Ds5179frA2mX_sJKj6E10vdhf4YaN3&alr=yes&sig=AOq0QJ8wRQIgK6kfOBFMaxK2T2Cq3uTewzVoPABL0L4OMQsLy5ZLErQCIQCZdrObUBekoRnF9V9k12UuLuMVR3NMgPKsG2HiSKrNNw%3D%3D&cpn=yZ2pss4KF79RpwT7&cver=1.20220810.01.00&range=0-158951&rn=1&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:13::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
7691e3574a950c28d6a4606002fbadb70905c3e1089c28ea69ac18ff57e79d07
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:20 GMT
X-Restrict-Formats-Hint
None
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
158952
Last-Modified
Sat, 26 Sep 2020 12:27:31 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21299
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Content-Type-Options
nosniff
Expires
Sun, 14 Aug 2022 01:02:20 GMT
videoplayback
rr1---sn-4g5lzned.googlevideo.com/ Frame D59B
65 KB
66 KB
Fetch
General
Full URL
https://rr1---sn-4g5lzned.googlevideo.com/videoplayback?expire=1660460539&ei=m0n4Yvq4JOz57gPspqugAg&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ANcLFCgVZXymAnpaB662-azMrZLA2zYdF5l89mW_bcbL&itag=251&source=youtube&requiressl=yes&mh=K5&mm=31%2C26&mn=sn-4g5lzned%2Csn-f5f7lnl6&ms=au%2Conr&mv=m&mvi=1&pl=29&initcwndbps=3235000&spc=lT-KhhRVT3ldrHGQzIoXUj4ieLUci5w&vprv=1&mime=audio%2Fwebm&ns=gDU_v_5c5KxlAinBl_ZkmRwH&gir=yes&clen=3482105&dur=208.581&lmt=1552131733329776&mt=1660438609&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5511222&n=4exFm0zjfTACgA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAL7HIo0kNVo6uGN6_0GlS01lktOnB7bWSvyi8CvA1XrMAiEAiScuhnurIh5BW2ezq-rRzMbMuQcdZ0wS2ECutj73M1A%3D&alr=yes&sig=AOq0QJ8wRgIhAKmpnGBR1icXN_U2Bmjk8K615LXR2enWtivc4T42Pg0lAiEA4YR5fUkGeHU3W2R4TEFm7p56sfjb98lwGE4mWd6Yq2A%3D&cpn=yZ2pss4KF79RpwT7&cver=1.20220810.01.00&range=0-66148&rn=2&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:13::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
20801b87c649f90365e9f1640c70268f1977862d130d9d315f0628b4be29cf5d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:20 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
66149
Last-Modified
Sat, 09 Mar 2019 11:42:13 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
audio/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21299
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Sun, 14 Aug 2022 01:02:20 GMT
remote.js
www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/ Frame D59B
119 KB
37 KB
Script
General
Full URL
https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e9e737195ca1b78275927ea5d7c4ab9ee51d761ce225c1a0e8f540e8618c888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:26:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
174956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37782
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 02:21:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Aug 2023 00:26:23 GMT
endscreen.js
www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/ Frame D59B
29 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/endscreen.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3138edb366efc379b6f11e4660f3b618b55940038d8a0a348cc5ac42693ecf4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:26:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
174956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7955
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 02:21:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Aug 2023 00:26:23 GMT
annotations_module.js
www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/ Frame D59B
68 KB
20 KB
Script
General
Full URL
https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/annotations_module.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
970c07a3985284612212e090f4bad752d437977a26a6c075002233ed020b9b4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:27:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
174913
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20369
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 02:21:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Aug 2023 00:27:06 GMT
next
www.youtube.com/youtubei/v1/ Frame D59B
31 KB
5 KB
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
2b1c9ea17167f34945a8c528fa7abc7021de10ecc551f0358c8d645b561dfb2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20220810.01.00
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
X-Goog-Visitor-Id
Cgs1N0xjQm1LUGk1Yyibk-GXBg%3D%3D
Content-Type
application/json

Response headers

date
Sun, 14 Aug 2022 01:02:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5120
x-xss-protection
0
expires
Sun, 14 Aug 2022 01:02:20 GMT
sc_frame_content.php
www.lcmmedia.de/kamp/ Frame C0A8
2 KB
1 KB
Document
General
Full URL
https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=1025&sid=15&ns=1&rc=aHR0cHM6Ly93d3cub25saW5lZmxhdDI0LmRlLw==
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/rot.php?art=wideskyscraper&uid=1&sid=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30 PleskLin
Resource Hash
d16bebd212d4acdbab4339bd6418b8a204fad7c393a76fbaaf01824473fdce6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.onlineflat24.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
904
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:20 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.30 PleskLin
/
t.dtscout.com/pv/ Frame 774F
51 B
319 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=v2load.com&_ss=3olopxh29g&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=14xo&_cb=_dtspv.c
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.v2load.com%2Fvideos%2F4tDpYxNYqPg%2F%3Fs%3D1&j=https%3A%2F%2Fwww.v2load.de%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.209.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns515688.ip-167-114-209.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
93639872ea8bc435b1808d24d4b896326aac44995432a2588ada90220f4bab5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:20 GMT
X-T
0.179
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Sun, 14 Aug 2022 01:02:19 GMT
tc.js
cdn.tynt.com/ Frame 774F
17 KB
7 KB
Script
General
Full URL
https://cdn.tynt.com/tc.js
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Jul 2022 14:57:10 GMT
server
cloudflare
age
209079
etag
W/"62d96946-4599"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
73a5c3b21df5bb8b-FRA
expires
Wed, 17 Aug 2022 01:02:20 GMT
truncated
/ Frame 774F
439 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/gif
sc_frame_content.php
www.lcmmedia.de/kamp/ Frame 18FB
2 KB
1 KB
Document
General
Full URL
https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=1002&sid=15&ns=1&rc=aHR0cHM6Ly93d3cub25saW5lZmxhdDI0LmRlLw==
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/rot.php?art=leaderboard&uid=1&sid=15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PHP/7.4.30 PleskLin
Resource Hash
2a6b94ef0be15b95a35fdaa5f873f5f8b0f4d85d8c96b1ce15049d48a91d6c22
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer
https://www.onlineflat24.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
904
content-security-policy
upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sun, 14 Aug 2022 01:02:20 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.30 PleskLin
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D59B
98 B
142 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3fb832e535b3b92bcb2f72c6a45edf2e8230cac470e62e68e2d2b54aade1ab5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 14 Aug 2022 01:02:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
allklick.php
www.k-bettel.de/
5 B
284 B
XHR
General
Full URL
https://www.k-bettel.de/allklick.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
e06d29ded1182ff6245852a02975c85c92837d586f568e769f910e1f0a621293

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:19 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=95
Content-Length
25
analytics.js
www.google-analytics.com/ Frame A4FE
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-185627359-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineflat24.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
20
date
Sun, 14 Aug 2022 01:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 14 Aug 2022 03:02:00 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 14 Aug 2022 01:02:19 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
banner.gif
h.premiumsim.de/ Frame C0A8
Redirect Chain
  • https://www.lcmmedia.de/kamp/b_view.php?uid=1&bid=1025&sid=15&rc=aHR0cHM6Ly93d3cub25saW5lZmxhdDI0LmRlLw==
  • https://h.premiumsim.de/banner.gif?promotion_partner_id=13476&promotion_product_id=3388
44 KB
44 KB
Image
General
Full URL
https://h.premiumsim.de/banner.gif?promotion_partner_id=13476&promotion_product_id=3388
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=1025&sid=15&ns=1&rc=aHR0cHM6Ly93d3cub25saW5lZmxhdDI0LmRlLw==
Protocol
H2
Server
193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),
Reverse DNS
h.deutschlandsim.de
Software
nginx /
Resource Hash
9d59eac001d6047707596cb3ea0cd6c7c7e2ca3258e896327c3f09615511cd93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lcmmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 01:02:20 GMT
last-modified
Sun, 14 Aug 2022 01:02:20 GMT
server
nginx
x-location
wildcard
x-served-by
My Servlet Handler
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Tue, 13 Sep 2022 03:02:20 +0200

Redirect headers

location
https://h.premiumsim.de/banner.gif?promotion_partner_id=13476&promotion_product_id=3388
content-security-policy
upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';
server
nginx
x-powered-by
PHP/7.4.30, PleskLin
date
Sun, 14 Aug 2022 01:02:20 GMT
content-length
0
content-type
text/html; charset=UTF-8
werbung.png
www.lcmmedia.de/assets/ico/ Frame C0A8
Redirect Chain
  • https://lcmmedia.de/assets/ico/werbung.png
  • https://www.lcmmedia.de/assets/ico/werbung.png
2 KB
2 KB
Image
General
Full URL
https://www.lcmmedia.de/assets/ico/werbung.png
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=1025&sid=15&ns=1&rc=aHR0cHM6Ly93d3cub25saW5lZmxhdDI0LmRlLw==
Protocol
H2
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PleskLin
Resource Hash
8601a94dccb7ac5a7b55df00ada6dd85b731d13d2a4c2368ea9eea6f14f0e491

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lcmmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:20 GMT
last-modified
Thu, 03 Jun 2021 16:00:29 GMT
server
nginx
x-powered-by
PleskLin
etag
"60b8fc9d-84a"
content-type
image/png
accept-ranges
bytes
content-length
2122

Redirect headers

location
https://www.lcmmedia.de/assets/ico/werbung.png
date
Sun, 14 Aug 2022 01:02:20 GMT
server
nginx
content-length
162
content-type
text/html
HuZAqxFvgCO4LXH4pVtY6Jlf1Jx7LC3maEd4T7oJvHXWSpfGa099ydqYLwotg4K3466teGRWqbQ=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame D59B
4 KB
4 KB
Image
General
Full URL
https://yt3.ggpht.com/HuZAqxFvgCO4LXH4pVtY6Jlf1Jx7LC3maEd4T7oJvHXWSpfGa099ydqYLwotg4K3466teGRWqbQ=s88-c-k-c0x00ffffff-no-rj
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6ee68ac52ed2c6f109b60c9d97156a38084f36ab7a22fbd96795b3b88b4c0853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 22:15:17 GMT
x-content-type-options
nosniff
age
10023
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3806
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 14 Jun 2022 09:14:11 GMT
banner.gif
h.sim.de/ Frame 18FB
Redirect Chain
  • https://www.lcmmedia.de/kamp/b_view.php?uid=1&bid=1002&sid=15&rc=aHR0cHM6Ly93d3cub25saW5lZmxhdDI0LmRlLw==
  • https://h.sim.de/banner.gif?promotion_partner_id=13476&promotion_product_id=6637
42 KB
42 KB
Image
General
Full URL
https://h.sim.de/banner.gif?promotion_partner_id=13476&promotion_product_id=6637
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=1002&sid=15&ns=1&rc=aHR0cHM6Ly93d3cub25saW5lZmxhdDI0LmRlLw==
Protocol
H2
Server
193.227.195.217 , Germany, ASN29037 (TELIKO-AS, DE),
Reverse DNS
h.deutschlandsim.de
Software
nginx /
Resource Hash
671a88a4bb87b9686b51f14f3dd5d9919f6ab7179f7bea954cd6fda8ab69a9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lcmmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 01:02:20 GMT
last-modified
Sun, 14 Aug 2022 01:02:20 GMT
server
nginx
x-location
wildcard
x-served-by
My Servlet Handler
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Tue, 13 Sep 2022 03:02:20 +0200

Redirect headers

location
https://h.sim.de/banner.gif?promotion_partner_id=13476&promotion_product_id=6637
content-security-policy
upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';
server
nginx
x-powered-by
PHP/7.4.30, PleskLin
date
Sun, 14 Aug 2022 01:02:20 GMT
content-length
0
content-type
text/html; charset=UTF-8
werbung.png
www.lcmmedia.de/assets/ico/ Frame 18FB
Redirect Chain
  • https://lcmmedia.de/assets/ico/werbung.png
  • https://www.lcmmedia.de/assets/ico/werbung.png
2 KB
2 KB
Image
General
Full URL
https://www.lcmmedia.de/assets/ico/werbung.png
Requested by
Host: www.lcmmedia.de
URL: https://www.lcmmedia.de/kamp/sc_frame_content.php?uid=1&bid=1002&sid=15&ns=1&rc=aHR0cHM6Ly93d3cub25saW5lZmxhdDI0LmRlLw==
Protocol
H2
Server
213.202.218.154 Manchester, United Kingdom, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
mail.lcmmedia.de
Software
nginx / PleskLin
Resource Hash
8601a94dccb7ac5a7b55df00ada6dd85b731d13d2a4c2368ea9eea6f14f0e491

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lcmmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:20 GMT
last-modified
Thu, 03 Jun 2021 16:00:29 GMT
server
nginx
x-powered-by
PleskLin
etag
"60b8fc9d-84a"
content-type
image/png
accept-ranges
bytes
content-length
2122

Redirect headers

location
https://www.lcmmedia.de/assets/ico/werbung.png
date
Sun, 14 Aug 2022 01:02:20 GMT
server
nginx
content-length
162
content-type
text/html
videoplayback
rr1---sn-4g5lzned.googlevideo.com/ Frame D59B
64 KB
64 KB
Fetch
General
Full URL
https://rr1---sn-4g5lzned.googlevideo.com/videoplayback?expire=1660460539&ei=m0n4Yvq4JOz57gPspqugAg&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ANcLFCgVZXymAnpaB662-azMrZLA2zYdF5l89mW_bcbL&itag=251&source=youtube&requiressl=yes&mh=K5&mm=31%2C26&mn=sn-4g5lzned%2Csn-f5f7lnl6&ms=au%2Conr&mv=m&mvi=1&pl=29&initcwndbps=3235000&spc=lT-KhhRVT3ldrHGQzIoXUj4ieLUci5w&vprv=1&mime=audio%2Fwebm&ns=gDU_v_5c5KxlAinBl_ZkmRwH&gir=yes&clen=3482105&dur=208.581&lmt=1552131733329776&mt=1660438609&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5511222&n=4exFm0zjfTACgA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAL7HIo0kNVo6uGN6_0GlS01lktOnB7bWSvyi8CvA1XrMAiEAiScuhnurIh5BW2ezq-rRzMbMuQcdZ0wS2ECutj73M1A%3D&alr=yes&sig=AOq0QJ8wRgIhAKmpnGBR1icXN_U2Bmjk8K615LXR2enWtivc4T42Pg0lAiEA4YR5fUkGeHU3W2R4TEFm7p56sfjb98lwGE4mWd6Yq2A%3D&cpn=yZ2pss4KF79RpwT7&cver=1.20220810.01.00&range=66149-131684&rn=3&rbuf=4613&pot=GpsBCm72otT9ATe8hn_Y6h_EzUseYihGgYmPe9N0sMlh8Up5XX_lhLfxYn6Svom0lryqS2wmBqj8rONX6iQORSZs3p0uoldm39it0Drk324YwJWaHdzSFBnhWUGn_PbMMRhGgIg3OfWi9yMHvaOHDc3G7RIpAX04kIgGoLErgv9xfCWgj9_4oA-bhz5pYGuvmAQLMBkMEXDyUvY9pdQ=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:13::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
b414f3e1a193020bea1c8f2fb45e429de7be69cb3c068ead7681fb693fde9e71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:20 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65536
client-protocol
quic
last-modified
Sat, 09 Mar 2019 11:42:13 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sun, 14 Aug 2022 01:02:20 GMT
hqdefault.webp
i.ytimg.com/vi_webp/tinrJJZmER8/ Frame D59B
23 KB
24 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/tinrJJZmER8/hqdefault.webp
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6366e82914ab29d5d88822af6825c03b3abc6250a2b64007a8eca98821f97115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:24:23 GMT
x-content-type-options
nosniff
age
2277
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23598
x-xss-protection
0
server
sffe
etag
"1659000759"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Aug 2022 02:24:23 GMT
truncated
/ Frame D59B
229 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
339be58cfd00cf6f56fbb5def7e0d410f2177b7ae00993c5647fe4083fcb5a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
hqdefault.jpg
i.ytimg.com/vi/HIj2EWuuPVY/ Frame D59B
25 KB
26 KB
Image
General
Full URL
https://i.ytimg.com/vi/HIj2EWuuPVY/hqdefault.jpg
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1bd7bb0e633fd6ee41aae6a9501c02be24e79736e2797c6bd5c2317e2932140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:09 GMT
x-content-type-options
nosniff
age
11
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26065
x-xss-protection
0
server
sffe
etag
"1660299413"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Aug 2022 01:07:09 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/FjY2HKCtM04/ Frame D59B
37 KB
38 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/FjY2HKCtM04/maxresdefault.webp
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4246f44481ffcf55cc06d6bcdc5e16ac6a1c24c8592a8cfb1442c0bb2d66922f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 23:50:28 GMT
x-content-type-options
nosniff
age
4312
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38360
x-xss-protection
0
server
sffe
etag
"1566289234"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Aug 2022 01:50:28 GMT
featured_channel.jpg
i.ytimg.com/an/UJHYmJ3_1Kwfs3lqYc_Rxg/ Frame D59B
3 KB
3 KB
Image
General
Full URL
https://i.ytimg.com/an/UJHYmJ3_1Kwfs3lqYc_Rxg/featured_channel.jpg?v=61af3c8e
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c35c47740025df09963063377aad83f303542baeaef41a49a5a0186fb63568b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:53:48 GMT
x-content-type-options
nosniff
age
512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3379
x-xss-protection
0
server
sffe
etag
"1638874254"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Aug 2022 02:53:48 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame D59B
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Aug 2022 01:02:20 GMT
p
ic.tynt.com/b/ Frame 774F
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!videov2load&lm=3&ts=1660438940622&dn=TC&iso=1&img=https%3A%2F%2Fi.ytimg.com%2Fvi%2F4tDpYxNYqPg%2Fmaxresdefault.jpg&ct=4tDpYxNYqPg&r=https%3A%2F%2Fwww.v2load.de%2F&t=%3A%20v2Load%20%3A%204tDpYxNYqPg&cu=https%3A%2F%2Fwww.v2load.com%2Fvideos%2F4tDpYxNYqPg%2F
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:20 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cast_sender.js
www.gstatic.com/eureka/clank/104/ Frame D59B
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/104/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a35a51e32439cce8b4dd6734f65c18debec94ca81a30640b2ccaba988ce1639e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 20:37:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15107
x-xss-protection
0
last-modified
Mon, 30 May 2022 15:03:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 14 Aug 2022 20:37:42 GMT
videoplayback
rr1---sn-4g5lzned.googlevideo.com/ Frame D59B
332 KB
332 KB
Fetch
General
Full URL
https://rr1---sn-4g5lzned.googlevideo.com/videoplayback?expire=1660460539&ei=m0n4Yvq4JOz57gPspqugAg&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ANcLFCgVZXymAnpaB662-azMrZLA2zYdF5l89mW_bcbL&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=K5&mm=31%2C26&mn=sn-4g5lzned%2Csn-f5f7lnl6&ms=au%2Conr&mv=m&mvi=1&pl=29&initcwndbps=3235000&spc=lT-KhhRVT3ldrHGQzIoXUj4ieLUci5w&vprv=1&mime=video%2Fmp4&ns=gDU_v_5c5KxlAinBl_ZkmRwH&gir=yes&clen=11102422&dur=208.560&lmt=1601123251841218&mt=1660438609&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5531432&n=4exFm0zjfTACgA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgC-B6B0D239hCcuqQ0Jf6RjoccO3X0pwozRXPiAwXKZwCIBz3m7iPYjwpM4Ds5179frA2mX_sJKj6E10vdhf4YaN3&alr=yes&sig=AOq0QJ8wRQIgK6kfOBFMaxK2T2Cq3uTewzVoPABL0L4OMQsLy5ZLErQCIQCZdrObUBekoRnF9V9k12UuLuMVR3NMgPKsG2HiSKrNNw%3D%3D&cpn=yZ2pss4KF79RpwT7&cver=1.20220810.01.00&range=158952-498567&rn=4&rbuf=6024&pot=GpsBCm72otT9ATe8hn_Y6h_EzUseYihGgYmPe9N0sMlh8Up5XX_lhLfxYn6Svom0lryqS2wmBqj8rONX6iQORSZs3p0uoldm39it0Drk324YwJWaHdzSFBnhWUGn_PbMMRhGgIg3OfWi9yMHvaOHDc3G7RIpAX04kIgGoLErgv9xfCWgj9_4oA-bhz5pYGuvmAQLMBkMEXDyUvY9pdQ=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:13::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
b84286f982195f8834e165543ec0e747a8d4125334c2647ca1d859a350351eda
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:20 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
339616
client-protocol
quic
last-modified
Sat, 26 Sep 2020 12:27:31 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sun, 14 Aug 2022 01:02:20 GMT
playback
www.youtube.com/api/stats/ Frame D59B
0
17 B
XHR
General
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=yZ2pss4KF79RpwT7&ver=2&cmt=0.072&fmt=397&fs=0&rt=1.153&euri=https%3A%2F%2Fwww.v2load.com%2F&lact=1180&cl=466802422&mos=1&volume=100&cbr=Chrome&cbrver=104.0.5112.79&c=WEB_EMBEDDED_PLAYER&cver=1.20220810.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&hl=de_DE&cr=DE&len=208.581&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24199710%2C24220089%2C24226335%2C24238983%2C24245746%2C24248385%2C24258655%2C24260441%2C24263054%2C39321934&rtn=3&afmt=251&size=728%3A410&inview=0&muted=1&docid=4tDpYxNYqPg&ei=m0n4Yvq4JOz57gPspqugAg&plid=AAXmKRErK8a5Rrs5&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F4tDpYxNYqPg%3Fshowinfo%3D0%26autoplay%3D1%26mute%3D1%26enablejsapi%3D1%26loop%3D1%26controls%3D2%26modestbranding%3D1%26iv_load_policy%3D3%26theme%3Ddark%26rel%3D0&of=rWxbV8tTDK_Wro5u6RQAdQ&vm=CAMQARgBOjJBTlRLbG5zb1lraGlPTm1acF9XbXdvYk9CQVNpOWlzYnlZNWlZcm1mbHdRaWJIMkVod2JXQVBta0tESll2eHFBNWhBMmtraWs3T2pSOG5vcjhLazhaRHR4R2dwc0JKS0VpQk1KRGkyV2xpSlBjSEpub0IxNmVYdVQzazZ6aUlEOGRidnUzMENvUkt3
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
X-YouTube-Client-Version
1.20220810.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs1N0xjQm1LUGk1Yyibk-GXBg%3D%3D
X-YouTube-Ad-Signals
dt=1660438939481&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C410&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 01:02:20 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptracking
www.youtube.com/ Frame D59B
0
19 B
XHR
General
Full URL
https://www.youtube.com/ptracking?html5=1&video_id=4tDpYxNYqPg&cpn=yZ2pss4KF79RpwT7&ei=m0n4Yvq4JOz57gPspqugAg&ptk=youtube_single&oid=WRvjQj7mZ4X_ndAgQTy5Xw&ptchn=UJHYmJ3_1Kwfs3lqYc_Rxg&pltype=content
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
X-YouTube-Client-Version
1.20220810.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs1N0xjQm1LUGk1Yyibk-GXBg%3D%3D
X-YouTube-Ad-Signals
dt=1660438939481&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C410&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 01:02:20 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame D59B
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
X-YouTube-Client-Version
1.20220810.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs1N0xjQm1LUGk1Yyibk-GXBg%3D%3D
X-YouTube-Ad-Signals
dt=1660438939481&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C410&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 14 Aug 2022 01:02:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sun, 14 Aug 2022 01:02:20 GMT
log_event
www.youtube.com/youtubei/v1/ Frame D59B
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
X-YouTube-Client-Version
1.20220810.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs1N0xjQm1LUGk1Yyibk-GXBg%3D%3D
X-YouTube-Ad-Signals
dt=1660438939352&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C410&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 14 Aug 2022 01:02:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sun, 14 Aug 2022 01:02:20 GMT
videoplayback
rr1---sn-4g5lzned.googlevideo.com/ Frame D59B
165 KB
165 KB
Fetch
General
Full URL
https://rr1---sn-4g5lzned.googlevideo.com/videoplayback?expire=1660460539&ei=m0n4Yvq4JOz57gPspqugAg&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ANcLFCgVZXymAnpaB662-azMrZLA2zYdF5l89mW_bcbL&itag=251&source=youtube&requiressl=yes&mh=K5&mm=31%2C26&mn=sn-4g5lzned%2Csn-f5f7lnl6&ms=au%2Conr&mv=m&mvi=1&pl=29&initcwndbps=3235000&spc=lT-KhhRVT3ldrHGQzIoXUj4ieLUci5w&vprv=1&mime=audio%2Fwebm&ns=gDU_v_5c5KxlAinBl_ZkmRwH&gir=yes&clen=3482105&dur=208.581&lmt=1552131733329776&mt=1660438609&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5511222&n=4exFm0zjfTACgA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAL7HIo0kNVo6uGN6_0GlS01lktOnB7bWSvyi8CvA1XrMAiEAiScuhnurIh5BW2ezq-rRzMbMuQcdZ0wS2ECutj73M1A%3D&alr=yes&sig=AOq0QJ8wRgIhAKmpnGBR1icXN_U2Bmjk8K615LXR2enWtivc4T42Pg0lAiEA4YR5fUkGeHU3W2R4TEFm7p56sfjb98lwGE4mWd6Yq2A%3D&cpn=yZ2pss4KF79RpwT7&cver=1.20220810.01.00&range=131685-300794&rn=5&rbuf=9156&pot=GpsBCm72otT9ATe8hn_Y6h_EzUseYihGgYmPe9N0sMlh8Up5XX_lhLfxYn6Svom0lryqS2wmBqj8rONX6iQORSZs3p0uoldm39it0Drk324YwJWaHdzSFBnhWUGn_PbMMRhGgIg3OfWi9yMHvaOHDc3G7RIpAX04kIgGoLErgv9xfCWgj9_4oA-bhz5pYGuvmAQLMBkMEXDyUvY9pdQ=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:13::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
75608ad7e53226daf4c3766e6d0c18c827f4382f2c05a5b57e1a60fd72637496
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:20 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
169110
client-protocol
quic
last-modified
Sat, 09 Mar 2019 11:42:13 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sun, 14 Aug 2022 01:02:20 GMT
v2
de.tynt.com/deb/ Frame 774F
4 B
260 B
Script
General
Full URL
https://de.tynt.com/deb/v2?id=w!videov2load&dn=TC&cc=1&r=https%3A%2F%2Fwww.v2load.de%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:20 GMT
cache-control
max-age=86400
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Mon, 15 Aug 2022 01:02:21 GMT
allklick.php
www.k-bettel.de/
5 B
284 B
XHR
General
Full URL
https://www.k-bettel.de/allklick.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
e06d29ded1182ff6245852a02975c85c92837d586f568e769f910e1f0a621293

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=94
Content-Length
25
p
ic.tynt.com/b/ Frame 774F
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!videov2load&lm=3&ts=1660438940622&dn=TC&iso=1&img=https%3A%2F%2Fi.ytimg.com%2Fvi%2F4tDpYxNYqPg%2Fmaxresdefault.jpg&ct=4tDpYxNYqPg&r=https%3A%2F%2Fwww.v2load.de%2F&t=%3A%20v2Load%20%3A%204tDpYxNYqPg&cu=https%3A%2F%2Fwww.v2load.com%2Fvideos%2F4tDpYxNYqPg%2F
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:21 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/ Frame 774F
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!videov2load&lm=3&ts=1660438940622&dn=TC&iso=1&img=https%3A%2F%2Fi.ytimg.com%2Fvi%2F4tDpYxNYqPg%2Fmaxresdefault.jpg&ct=4tDpYxNYqPg&r=https%3A%2F%2Fwww.v2load.de%2F&t=%3A%20v2Load%20%3A%204tDpYxNYqPg
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:21 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/ Frame 774F
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!videov2load&lm=3&ts=1660438940622&dn=TC&iso=1&img=https%3A%2F%2Fi.ytimg.com%2Fvi%2F4tDpYxNYqPg%2Fmaxresdefault.jpg&ct=4tDpYxNYqPg&r=https%3A%2F%2Fwww.v2load.de%2F
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:21 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/ Frame 774F
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!videov2load&lm=3&ts=1660438940622&dn=TC&iso=1&img=https%3A%2F%2Fi.ytimg.com%2Fvi%2F4tDpYxNYqPg%2Fmaxresdefault.jpg&ct=4tDpYxNYqPg
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:21 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/ Frame 774F
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!videov2load&lm=3&ts=1660438940622&dn=TC&iso=1&img=https%3A%2F%2Fi.ytimg.com%2Fvi%2F4tDpYxNYqPg%2Fmaxresdefault.jpg
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:21 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
/
cdn.bmcdn3.com/confirm/b737050b-f5aa-4676-8fb2-5a1ae29abcc2/
0
268 B
Image
General
Full URL
https://cdn.bmcdn3.com/confirm/b737050b-f5aa-4676-8fb2-5a1ae29abcc2/?fid=919c290309429183cb82f944f6e7e2a3&source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D7ac5e2d5aaca19e0548fd08247d3204d%26step2%3Dok
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMYMH6TOLH2KL2qvTbTJNUbbrYM1s9sFru24WjFjPLQa4K0wk5FAslYTJJG5y8TB5tsZKeu%2Fr9KRFFGMuWNjma%2B54j4M%2F%2FCIlfYMXGd%2FWfysEPNU3vk66juReshl78vVgEinGcUJx3DLvc%2Ff"}],"group":"cf-nel","max_age":604800}
cf-ray
73a5c3b889959191-FRA
/
cdn.bmcdn3.com/confirm/5764b208-d607-40a2-a8af-2fe323f1aa2c/
0
291 B
Image
General
Full URL
https://cdn.bmcdn3.com/confirm/5764b208-d607-40a2-a8af-2fe323f1aa2c/?fid=919c290309429183cb82f944f6e7e2a3&source=https%3A%2F%2Fwww.k-bettel.de%2Findex.php%3Fcontent%3D%2Fnoreload%26ref%3D441484%26tan%3D7ac5e2d5aaca19e0548fd08247d3204d%26step2%3Dok
Requested by
Host: www.k-bettel.de
URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrmnswx9jqY%2Fx5HGfqJ8u7vRXDtFvpDU1xuwRJWLa1fjwnvJ0GDDlad5K%2B73iair27091TeKoolhYlr6BqUmQTQvKjnE19uw3bsTqJQTXMy2t168yUggPFII8OIleKP41KDgU195gzzLcZMr"}],"group":"cf-nel","max_age":604800}
cf-ray
73a5c3b889979191-FRA
p
ic.tynt.com/b/ Frame 774F
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!videov2load&lm=3&ts=1660438940622&dn=TC&iso=1
Requested by
Host: www.v2load.com
URL: https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.v2load.com/videos/4tDpYxNYqPg/?s=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:21 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
dark-bottom.css
s3.amazonaws.com/valao-cloud/cookie-hinweis/
3 KB
4 KB
Stylesheet
General
Full URL
https://s3.amazonaws.com/valao-cloud/cookie-hinweis/dark-bottom.css
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.137.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
27ab84c45d4ea3d72d807bb1d3db6359ade41f288b235c6b23118a2fa96cc449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.k-bettel.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:22 GMT
Last-Modified
Thu, 13 Jun 2019 19:15:46 GMT
Server
AmazonS3
x-amz-request-id
TGXR153H7HD8CSW2
ETag
"5bf7ee25dfc531a650cadc3770723438"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
3341
x-amz-id-2
fs8L9TJiSe9BMTUl2JE570hWRNgtNQWCT7gCDUAoY1AhNiSsBZmtLNLRiJV5uKkFOlJSrTIEoOk=
allklick.php
www.k-bettel.de/
5 B
284 B
XHR
General
Full URL
https://www.k-bettel.de/allklick.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
e06d29ded1182ff6245852a02975c85c92837d586f568e769f910e1f0a621293

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=93
Content-Length
25
log_event
www.youtube.com/youtubei/v1/ Frame D59B
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
X-YouTube-Client-Version
1.20220810.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs1N0xjQm1LUGk1Yyibk-GXBg%3D%3D
X-YouTube-Ad-Signals
dt=1660438939352&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C410&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 14 Aug 2022 01:02:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sun, 14 Aug 2022 01:02:22 GMT
watchtime
www.youtube.com/api/stats/ Frame D59B
0
17 B
XHR
General
Full URL
https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=yZ2pss4KF79RpwT7&ver=2&cmt=1.924&fmt=397&fs=0&rt=3.001&euri=https%3A%2F%2Fwww.v2load.com%2F&lact=3029&cl=466802422&state=playing&volume=100&cbr=Chrome&cbrver=104.0.5112.79&c=WEB_EMBEDDED_PLAYER&cver=1.20220810.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&hl=de_DE&cr=DE&len=208.581&rtn=13&afmt=251&idpj=-9&ldpj=-34&rti=3&size=728%3A410&inview=0&st=0&et=1.924&muted=1&docid=4tDpYxNYqPg&ei=m0n4Yvq4JOz57gPspqugAg&plid=AAXmKRErK8a5Rrs5&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F4tDpYxNYqPg%3Fshowinfo%3D0%26autoplay%3D1%26mute%3D1%26enablejsapi%3D1%26loop%3D1%26controls%3D2%26modestbranding%3D1%26iv_load_policy%3D3%26theme%3Ddark%26rel%3D0&of=rWxbV8tTDK_Wro5u6RQAdQ&vm=CAMQARgBOjJBTlRLbG5zb1lraGlPTm1acF9XbXdvYk9CQVNpOWlzYnlZNWlZcm1mbHdRaWJIMkVod2JXQVBta0tESll2eHFBNWhBMmtraWs3T2pSOG5vcjhLazhaRHR4R2dwc0JKS0VpQk1KRGkyV2xpSlBjSEpub0IxNmVYdVQzazZ6aUlEOGRidnUzMENvUkt3
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/4tDpYxNYqPg?showinfo=0&autoplay=1&mute=1&enablejsapi=1&loop=1&controls=2&modestbranding=1&iv_load_policy=3&theme=dark&rel=0
X-YouTube-Client-Version
1.20220810.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs1N0xjQm1LUGk1Yyibk-GXBg%3D%3D
X-YouTube-Ad-Signals
dt=1660438939481&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C410&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 01:02:22 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
allklick.php
www.k-bettel.de/
5 B
284 B
XHR
General
Full URL
https://www.k-bettel.de/allklick.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
e06d29ded1182ff6245852a02975c85c92837d586f568e769f910e1f0a621293

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:22 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=92
Content-Length
25
videoplayback
rr1---sn-4g5lzned.googlevideo.com/ Frame D59B
794 KB
794 KB
Fetch
General
Full URL
https://rr1---sn-4g5lzned.googlevideo.com/videoplayback?expire=1660460539&ei=m0n4Yvq4JOz57gPspqugAg&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ANcLFCgVZXymAnpaB662-azMrZLA2zYdF5l89mW_bcbL&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=K5&mm=31%2C26&mn=sn-4g5lzned%2Csn-f5f7lnl6&ms=au%2Conr&mv=m&mvi=1&pl=29&initcwndbps=3235000&spc=lT-KhhRVT3ldrHGQzIoXUj4ieLUci5w&vprv=1&mime=video%2Fmp4&ns=gDU_v_5c5KxlAinBl_ZkmRwH&gir=yes&clen=11102422&dur=208.560&lmt=1601123251841218&mt=1660438609&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5531432&n=4exFm0zjfTACgA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgC-B6B0D239hCcuqQ0Jf6RjoccO3X0pwozRXPiAwXKZwCIBz3m7iPYjwpM4Ds5179frA2mX_sJKj6E10vdhf4YaN3&alr=yes&sig=AOq0QJ8wRQIgK6kfOBFMaxK2T2Cq3uTewzVoPABL0L4OMQsLy5ZLErQCIQCZdrObUBekoRnF9V9k12UuLuMVR3NMgPKsG2HiSKrNNw%3D%3D&cpn=yZ2pss4KF79RpwT7&cver=1.20220810.01.00&range=498568-1311308&rn=6&rbuf=12125&pot=GpsBCm72otT9ATe8hn_Y6h_EzUseYihGgYmPe9N0sMlh8Up5XX_lhLfxYn6Svom0lryqS2wmBqj8rONX6iQORSZs3p0uoldm39it0Drk324YwJWaHdzSFBnhWUGn_PbMMRhGgIg3OfWi9yMHvaOHDc3G7RIpAX04kIgGoLErgv9xfCWgj9_4oA-bhz5pYGuvmAQLMBkMEXDyUvY9pdQ=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c3f79c5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:13::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
776de8b265ffa23c9e7b3889cb5bb6b1154c4847c1318ab0d94436e07eed282f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 01:02:23 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
812741
client-protocol
quic
last-modified
Sat, 26 Sep 2020 12:27:31 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21296
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sun, 14 Aug 2022 01:02:23 GMT
allklick.php
www.k-bettel.de/
5 B
284 B
XHR
General
Full URL
https://www.k-bettel.de/allklick.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.201.125.43 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
k-bettel.hansespace.de
Software
Apache /
Resource Hash
e06d29ded1182ff6245852a02975c85c92837d586f568e769f910e1f0a621293

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 01:02:23 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=91
Content-Length
25

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.k-bettel.de
URL
http://www.k-bettel.de/popup/pop.php

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery number| auto_refresh object| _Hasync object| cookieconsent_options object| afblocks function| chfh function| chfh2 string| _HST_cntval object| Histats number| G5hF8MZvNqnLogLevel boolean| hasCookieConsent object| dataLayer object| google_tag_manager boolean| changed boolean| isG5hF8MZvNqnTabActive function| G5hF8MZvNqnBMRun boolean| isG5hF8MZvNqnLoaded object| bmblocks object| _HistatsCounterGraphics_328_setValues boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_328 function| histats_canvascounters_base.js function| update_cookieconsent_options string| token

15 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AMjm62Vz6Wtwx16NiL_LLl_qipmOqrOmDIrCO41FIaMVXeXV-6z3vgRGFmIvpKHC5pYjjQ-OMtT6l0CtGeeaqtc
www.k-bettel.de/ Name: PHPSESSID
Value: gvp4cqjaasa0vnr6pp0jfbl962
www.k-bettel.de/ Name: HstCfa4631295
Value: 1660438937138
www.k-bettel.de/ Name: HstCla4631295
Value: 1660438937138
www.k-bettel.de/ Name: HstCmu4631295
Value: 1660438937138
www.k-bettel.de/ Name: HstPn4631295
Value: 1
www.k-bettel.de/ Name: HstPt4631295
Value: 1
www.k-bettel.de/ Name: HstCnv4631295
Value: 1
www.k-bettel.de/ Name: HstCns4631295
Value: 1
www.k-bettel.de/ Name: bitmedia_fid
Value: eyJmaWQiOiI5MTljMjkwMzA5NDI5MTgzY2I4MmY5NDRmNmU3ZTJhMyIsImZpZG5vdWEiOiJhMzU3OGNhODI5OTMwZGQwY2I4ZGU4MjE4ZTRiZmY5ZiJ9
.youtube.com/ Name: YSC
Value: bbZH5SFu_V4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 57LcBmKPi5c
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1660438939

3 Console Messages

Source Level URL
Text
security error URL: https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok
Message:
Mixed Content: The page at 'https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok' was loaded over HTTPS, but requested an insecure script 'http://www.k-bettel.de/popup/pop.php'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://l.adcocktail.com/l_rota_v.php?uid=87912&wsid=199914&wid=(Line 16)
Message:
Mixed Content: The page at 'https://www.k-bettel.de/index.php?content=/noreload&ref=441484&tan=7ac5e2d5aaca19e0548fd08247d3204d&step2=ok' was loaded over HTTPS, but requested an insecure frame 'http://l.adcocktail.com/l_frame.php?uid=87912&kid=0&wid=0&wsid=199914'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://www.shimly.net/public/ptp-1-1675-30-48-sh
Message:
Mixed Content: The page at 'https://www.shimly.net/public/ptp-1-1675-30-48-sh' was loaded over HTTPS, but requested an insecure element 'http://bk.adcocktail.com/bk_rota_v.php?tan=MzMzNzd8ODc5MTJ8MTk5OTE0fDE2NjA0Mzg5Mzg='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
