www.xn--flge-1ra.de Open in urlscan Pro Puny
www.flüge.de IDN
2a01:4f8:1c0c:81e4::2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xn--flge-1ra.de/
Effective URL:
https://www.xn--flge-1ra.de/
Submission: On March 30 via api (March 30th 2021, 3:38:38 pm UTC) from GB

Summary HTTP 73 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 17 domains to perform 73 HTTP transactions. The main IP is 2a01:4f8:1c0c:81e4::2, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.xn--flge-1ra.de.
TLS certificate: Issued by R3 on March 8th 2021. Valid for: 3 months.

This is the only time www.xn--flge-1ra.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 35	2a01:4f8:1c0c... 2a01:4f8:1c0c:81e4::2	24940 (HETZNER-AS) (HETZNER-AS)
10	185.64.96.3 185.64.96.3	8469 (PIRONETND...) (PIRONETNDH-AS CANCOM Managed Services GmbH)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:206... 2600:9000:206f:2a00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 2	138.201.63.149 138.201.63.149	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3033::ac43:944f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
1	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
1 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
73	21

35 2a01:4f8:1c0c:81e4::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

xn--flge-1ra.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.xn--flge-1ra.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.triplemind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.64.96.3 (Germany)

ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE)

de.images.traveltainment.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:2a00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.63.149 (Ketsch, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:944f (United States)

ASN13335 (CLOUDFLARENET, US)

www.ad4mat.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.251 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	xn--flge-1ra.de 1 redirects xn--flge-1ra.de www.xn--flge-1ra.de	1 MB
10	traveltainment.eu de.images.traveltainment.eu	206 KB
4	adform.net 2 redirects track.adform.net s2.adform.net	30 KB
4	mathtag.com pixel.mathtag.com	3 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net 5994599.fls.doubleclick.net	3 KB
4	google-analytics.com www.google-analytics.com	22 KB
3	triplemind.com ad.triplemind.com	5 KB
3	google.com www.google.com adservice.google.com	708 B
2	facebook.com www.facebook.com	416 B
2	google.de www.google.de	591 B
2	redintelligence.net 1 redirects hal9000.redintelligence.net	2 KB
2	facebook.net connect.facebook.net	92 KB
2	bing.com bat.bing.com	9 KB
1	ad4mat.de www.ad4mat.de	1012 B
1	dwin1.com www.dwin1.com	6 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	48 KB
73	17

	Domain	Requested by
31	www.xn--flge-1ra.de	www.xn--flge-1ra.de
10	de.images.traveltainment.eu	www.xn--flge-1ra.de
4	pixel.mathtag.com	hal9000.redintelligence.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.xn--flge-1ra.de
3	ad.triplemind.com	www.xn--flge-1ra.de ad.triplemind.com
3	track.adform.net	2 redirects hal9000.redintelligence.net
2	5994599.fls.doubleclick.net	1 redirects hal9000.redintelligence.net
2	www.facebook.com	www.xn--flge-1ra.de
2	www.google.de	www.xn--flge-1ra.de
2	www.google.com	www.xn--flge-1ra.de
2	hal9000.redintelligence.net	1 redirects www.dwin1.com
2	connect.facebook.net	www.xn--flge-1ra.de connect.facebook.net
2	bat.bing.com	www.googletagmanager.com www.xn--flge-1ra.de
1	adservice.google.com	5994599.fls.doubleclick.net
1	s2.adform.net	hal9000.redintelligence.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.ad4mat.de	www.dwin1.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.dwin1.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	www.xn--flge-1ra.de
1	xn--flge-1ra.de	1 redirects
73	22

This site contains links to these domains. Also see Links.

Domain
hotels.xn--flge-1ra.de
www.reise.de
play.google.com
itunes.apple.com
de-de.facebook.com
www.instagram.com
www.facebook.com

Subject Issuer	Validity	Valid
xn--flge-1ra.de R3	`2021-03-08` - `2021-06-06`	3 months	crt.sh
*.traveltainment.eu Thawte RSA CA 2018	`2021-02-24` - `2022-03-27`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.dwin1.com Amazon	`2020-12-04` - `2022-01-02`	a year	crt.sh
redintelligence.net R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-02-17` - `2022-02-16`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.triplemind.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.xn--flge-1ra.de/
Frame ID: 9DB02DDA6DCDACB63609DD3FC3341BC5
Requests: 64 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1
Frame ID: B1C0E9D3A28958AFA6CF21D8B912F1B7
Requests: 7 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNmGis2s2O8CFX5bFQgdM54Cmw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3741855192671.233
Frame ID: FF5127B816A4905D383BACC202B94269
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://xn--flge-1ra.de/ HTTP 301
https://www.xn--flge-1ra.de/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

73
Requests

100 %
HTTPS

67 %
IPv6

17
Domains

22
Subdomains

21
IPs

4
Countries

1519 kB
Transfer

2795 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://hotels.xn--flge-1ra.de/?aid=347522
Title: Hotels

Search URL Search Domain Scan URL

URL: https://www.reise.de/
Title: Pauschalreisen

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.swissxl.fluege
Title:

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/de/app/fluge.de/id1019565954
Title:

Search URL Search Domain Scan URL

URL: https://de-de.facebook.com/fluege.vergleichen/
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fluge.de/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fluege.vergleichen/
Title: Flüge.de auf Facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xn--flge-1ra.de/ HTTP 301
https://www.xn--flge-1ra.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://hal9000.redintelligence.net/retarget?a=49586&version=1 HTTP 302
https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1

Request Chain 63

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 64

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3741855192671.233 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNmGis2s2O8CFX5bFQgdM54Cmw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3741855192671.233

Request Chain 67

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=645415802979&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.xn--flge-1ra.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D49586%26version%3D1%26redirected%3D1 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=645415802979&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.xn--flge-1ra.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D49586%26version%3D1%26redirected%3D1

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.xn--flge-1ra.de/
Redirect Chain

http://xn--flge-1ra.de/
https://www.xn--flge-1ra.de/

102 KB
22 KB

68ms
41ms

Document
text/html

2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: fa4753d44c60715d7c676b0a3a08399e7b948b3406736b1980886dd2be385cff

Request headers

:method: GET
:authority: www.xn--flge-1ra.de
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx/1.16.1
date: Tue, 30 Mar 2021 15:38:13 GMT
content-type: text/html; charset=UTF-8
last-modified: Tue, 30 Mar 2021 15:27:14 GMT
expires: Tue, 30 Mar 2021 18:27:14 GMT
pragma: public
cache-control: max-age=10141, public
x-duration: D=9599 us
access-control-allow-origin: *
link: <//cdn.fluxgrid.net>; rel="preconnect"
x-origin-duration: D=14163
x-origin-cache-control: max-age=10141, public
age: 0
x-cache: MISS
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
vary: Origin,Accept
content-encoding: gzip

Redirect headers

Server: nginx/1.16.1
Date: Tue, 30 Mar 2021 15:38:13 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://www.xn--flge-1ra.de/

GET
H2 200 1939e.css
www.xn--flge-1ra.de/wp-content/cache/minify/10/ 270 KB
39 KB 278ms
276ms Stylesheet
text/css 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--flge-1ra.de/wp-content/cache/minify/10/1939e.css
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 1709877b1b4a24df201032b6902c21f0d55f545cb942ede7f59850af930caf52

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
content-encoding: gzip
age: 0
x-origin-duration: D=241594
x-cache: MISS
last-modified: Tue, 09 Mar 2021 07:11:38 GMT
pragma: public
x-origin-vary: Origin,X-Forwarded-Proto,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=21600, public
vary: Origin,Accept
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600, public
x-duration: D=238216 us
expires: Tue, 30 Mar 2021 21:38:13 GMT

GET
H2 200 fadc0.js Show response
www.xn--flge-1ra.de/wp-content/cache/minify/10/ 558 KB
134 KB 278ms
276ms Script
application/x-javascript 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--flge-1ra.de/wp-content/cache/minify/10/fadc0.js
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 96051b32567f50b85573b29331c3e6d5687bf0be915a6a2562ff2cb233054390

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
content-encoding: gzip
age: 0
x-origin-duration: D=249546
x-cache: MISS
last-modified: Tue, 09 Mar 2021 07:11:38 GMT
pragma: public
x-origin-vary: Origin,X-Forwarded-Proto,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=21600, public
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600, public
x-duration: D=247279 us
expires: Tue, 30 Mar 2021 21:38:13 GMT

GET
H2 200 61add.js Show response
www.xn--flge-1ra.de/wp-content/cache/minify/10/ 866 B
852 B 254ms
252ms Script
application/x-javascript 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--flge-1ra.de/wp-content/cache/minify/10/61add.js
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f90677a87eef94484c52fd888e1a8f744c18c459752412c30cefe3a5dc94f85c

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
content-encoding: gzip
age: 0
x-origin-duration: D=241708
x-cache: MISS
last-modified: Tue, 09 Mar 2021 07:11:11 GMT
pragma: public
x-origin-vary: Origin,X-Forwarded-Proto,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=21600, public
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600, public
x-duration: D=238752 us
expires: Tue, 30 Mar 2021 21:38:13 GMT

GET
H2 200 cloud-bg.jpg
www.xn--flge-1ra.de/wp-content/themes/fluege-master/images/ 47 KB
48 KB 86ms
33ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/themes/fluege-master/images/cloud-bg.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 97836b27768d0e3723ae5b18a26387e6b5b9697a66d224c4787f4a34921306b0

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=16407
x-cache: MISS
last-modified: Fri, 08 Mar 2019 14:42:09 GMT
content-length: 48370
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=14417 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 paypal-logo.png
www.xn--flge-1ra.de/wp-content/uploads/sites/10/ 8 KB
8 KB 80ms
18ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/uploads/sites/10/paypal-logo.png
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d89faebb1d969f7b296ba93164a203165491ce967dd42ba351c14f43013efe7f

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=9638
x-cache: MISS
last-modified: Mon, 28 May 2018 10:51:38 GMT
content-length: 7940
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=3539 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 visa-logo.png
www.xn--flge-1ra.de/wp-content/uploads/sites/10/ 8 KB
8 KB 102ms
41ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/uploads/sites/10/visa-logo.png
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bd78975408b4db8440f8dab32512930e91b27fa1f4fa1c66462da84becfdb59d

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=23092
x-cache: MISS
last-modified: Mon, 28 May 2018 10:51:29 GMT
content-length: 7848
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=20822 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 american-express-logo.png
www.xn--flge-1ra.de/wp-content/uploads/sites/10/ 8 KB
8 KB 94ms
33ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/uploads/sites/10/american-express-logo.png
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4a3bc550e2976fb00630f6aa1876e2a5333db5429e819995898a82eeb4d81afd

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=20941
x-cache: MISS
last-modified: Mon, 28 May 2018 10:51:11 GMT
content-length: 7903
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=19317 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 mastercard-logo.png
www.xn--flge-1ra.de/wp-content/uploads/sites/10/ 6 KB
6 KB 63ms
42ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/uploads/sites/10/mastercard-logo.png
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: edec770ab0b7ed3376fb6878c4802b7fdb138528822404483f094cd078c1e4bf

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=16367
x-cache: MISS
last-modified: Mon, 28 May 2018 10:51:16 GMT
content-length: 5872
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=14644 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 giropay-logo.png
www.xn--flge-1ra.de/wp-content/uploads/sites/10/ 4 KB
4 KB 45ms
24ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/uploads/sites/10/giropay-logo.png
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 06a8f5a691f57985581257ce78bb23acfd133857ffd3af0d790285f3e89c9dd8

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=7826
x-cache: MISS
last-modified: Mon, 28 May 2018 10:51:20 GMT
content-length: 3986
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=6511 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 sofortueberweisung-logo.png
www.xn--flge-1ra.de/wp-content/uploads/sites/10/ 13 KB
13 KB 30ms
27ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/uploads/sites/10/sofortueberweisung-logo.png
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d36f88639070d02081f7934671d25407c9e52c0e9ac2652720486c3635ef64ad

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=14216
x-cache: MISS
last-modified: Mon, 28 May 2018 10:51:33 GMT
content-length: 12815
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=12593 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 alanya-antalya-tuerkei-fluege-480x270.jpg
www.xn--flge-1ra.de/wp-content/uploads/sites/10/ 25 KB
26 KB 41ms
32ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/uploads/sites/10/alanya-antalya-tuerkei-fluege-480x270.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 36ea3116c290e71f3a7bd8cc4786402e7cd05d47abc13d0e749cce44617a05f8

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=15882
x-cache: MISS
last-modified: Tue, 10 Dec 2019 13:55:15 GMT
content-length: 25878
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=11393 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 Berlin_Beitragsbild-480x270.jpg
www.xn--flge-1ra.de/wp-content/uploads/sites/10/ 29 KB
29 KB 93ms
61ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/uploads/sites/10/Berlin_Beitragsbild-480x270.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4ca21b1d3f98966da085508c3fcd782232d53e54533c2443db19d9246f085e0b

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=19662
x-cache: MISS
last-modified: Thu, 20 Jul 2017 20:33:35 GMT
content-length: 29688
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=17504 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 kreml-moskau-480x270.jpeg
www.xn--flge-1ra.de/wp-content/uploads/sites/10/ 29 KB
29 KB 98ms
66ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/uploads/sites/10/kreml-moskau-480x270.jpeg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 72598958ba1df4c7b007123cad8595d9f918d330bebd1ea1c717f1b88b89043c

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=17923
x-cache: MISS
last-modified: Thu, 24 Jan 2019 16:47:33 GMT
content-length: 29423
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=15895 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 tower-bridge-768780_1920-480x270.jpg
www.xn--flge-1ra.de/wp-content/uploads/sites/10/ 27 KB
27 KB 82ms
50ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/uploads/sites/10/tower-bridge-768780_1920-480x270.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b2c9990fcd016da0286758a18a5c269855cb904d518c5c362bd1c6d9760744d1

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=16021
x-cache: MISS
last-modified: Sat, 08 Apr 2017 08:06:14 GMT
content-length: 27303
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=14450 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 beach-2100369_1920-480x270.jpg
www.xn--flge-1ra.de/wp-content/uploads/sites/10/ 40 KB
40 KB 51ms
47ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/uploads/sites/10/beach-2100369_1920-480x270.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 77789ec43e36feda23eeeef0ffedfd3de7f6d43b5d3cdab3d649a620fd626644

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=16265
x-cache: MISS
last-modified: Tue, 28 Mar 2017 13:02:59 GMT
content-length: 40620
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=14313 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 paris-eiffelturm-480x270.jpeg
www.xn--flge-1ra.de/wp-content/uploads/sites/10/ 40 KB
40 KB 59ms
34ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/uploads/sites/10/paris-eiffelturm-480x270.jpeg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 531df41376782101853b7c43c783aacbd2045a68a8fec80fc6dd035fb38710e4

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=8914
x-cache: MISS
last-modified: Wed, 14 Nov 2018 13:54:50 GMT
content-length: 40959
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=5539 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 new-york-empire-state1912582_1920-480x270.jpg
www.xn--flge-1ra.de/wp-content/uploads/sites/10/ 30 KB
31 KB 60ms
37ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/uploads/sites/10/new-york-empire-state1912582_1920-480x270.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 14813ecad3e3498f71e6c52447a49360474fc35ff6f5768ef6647cb26793f48b

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=17816
x-cache: MISS
last-modified: Thu, 30 Nov 2017 10:33:25 GMT
content-length: 30919
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=11496 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 morocco-2809965_960_720-480x270.jpg
www.xn--flge-1ra.de/wp-content/uploads/sites/10/ 22 KB
23 KB 106ms
94ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/uploads/sites/10/morocco-2809965_960_720-480x270.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f6e455705f19f652d4ae08b7ce31e64337d2dac6336e083a3763d29136b45dd2

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=14750
x-cache: MISS
last-modified: Sat, 30 Dec 2017 18:07:15 GMT
content-length: 22962
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=13260 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 lissabon-2165717_1920-480x270.jpg
www.xn--flge-1ra.de/wp-content/uploads/sites/10/ 33 KB
33 KB 73ms
69ms Image
image/jpeg 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/uploads/sites/10/lissabon-2165717_1920-480x270.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b1d42b207e4918942fe406f0b05e65dcfb126e7c480df678109530e1e8219f85

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=10965
x-cache: MISS
last-modified: Fri, 15 Dec 2017 15:48:13 GMT
content-length: 33317
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=9357 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H/1.1 200
OK THB_999_H93745.jpg
de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/90000/ 19 KB
20 KB 203ms
38ms Image
image/jpeg 185.64.96.3
PIRONETNDH-AS CAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/90000/THB_999_H93745.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.96.3 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 76a6d5800341465119fa838669b49788abe9f0ed3577be9ad1479f3b6131c71e

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:38:14 GMT
Last-Modified: Thu, 22 Aug 2019 01:39:12 GMT
Server: nginx
ETag: "5d5df240-4d69"
X-TT-Cluster: op-image-p104-content-https
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19817
Expires: Tue, 30 Mar 2021 16:38:14 GMT

GET
H/1.1 200
OK THB_999_H136556.jpg
de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/135000/ 28 KB
28 KB 202ms
37ms Image
image/jpeg 185.64.96.3
PIRONETNDH-AS CAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/135000/THB_999_H136556.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.96.3 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9e8f0dded7e9b54c850b88931a06e210e4f6d42e9ffaa3125bb574c884ea53c2

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:38:14 GMT
Last-Modified: Tue, 28 Jan 2020 16:33:09 GMT
Server: nginx
ETag: "5e306245-6e6d"
X-TT-Cluster: op-image-p105-content-https
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28269
Expires: Tue, 30 Mar 2021 16:38:14 GMT

GET
H/1.1 200
OK THB_999_H202363.jpg
de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/200000/ 20 KB
21 KB 204ms
41ms Image
image/jpeg 185.64.96.3
PIRONETNDH-AS CAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/200000/THB_999_H202363.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.96.3 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 3676727c39a0862a8f289e1a92d66000c1ef550ffe0079d0cbfa47b5c2958aa9

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:38:14 GMT
Last-Modified: Sat, 19 Sep 2020 15:53:56 GMT
Server: nginx
ETag: "5f662994-50d5"
X-TT-Cluster: op-image-p106-content-https
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20693
Expires: Tue, 30 Mar 2021 16:38:14 GMT

GET
H/1.1 200
OK THB_999_H62301.jpg
de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/60000/ 24 KB
25 KB 207ms
44ms Image
image/jpeg 185.64.96.3
PIRONETNDH-AS CAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/60000/THB_999_H62301.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.96.3 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: a67bccd0a02dbf52f79948ca4a29fcbdf56ba7e7e69360dadf5f3bdeab70a162

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:38:14 GMT
Last-Modified: Tue, 24 Apr 2018 10:06:16 GMT
Server: nginx
ETag: "5adf0198-613d"
X-TT-Cluster: op-image-p104-content-https
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24893
Expires: Tue, 30 Mar 2021 16:38:14 GMT

GET
H/1.1 200
OK THB_999_H61515.jpg
de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/60000/ 18 KB
19 KB 148ms
40ms Image
image/jpeg 185.64.96.3
PIRONETNDH-AS CAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/60000/THB_999_H61515.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.96.3 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: d16ec95a4db7b210950b537da5fb03b8a8f6b81b7842d0db0bb4e9014fb8bb7f

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:38:14 GMT
Last-Modified: Sat, 11 May 2019 19:47:15 GMT
Server: nginx
ETag: "5cd726c3-499f"
X-TT-Cluster: op-image-p103-content-https
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18847
Expires: Tue, 30 Mar 2021 16:38:14 GMT

GET
H/1.1 200
OK THB_999_H133439.jpg
de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/130000/ 16 KB
16 KB 85ms
62ms Image
image/jpeg 185.64.96.3
PIRONETNDH-AS CAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/130000/THB_999_H133439.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.96.3 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5beafebf86bce65e493ad9231c8341aaef4be0fb0fd7d2b80d79d162321ec864

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:38:14 GMT
Last-Modified: Tue, 19 Jan 2021 16:59:06 GMT
Server: nginx
ETag: "60070fda-3e20"
X-TT-Cluster: op-image-p104-content-https
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15904
Expires: Tue, 30 Mar 2021 16:38:14 GMT

GET
H/1.1 200
OK THB_999_H17718.jpg
de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/15000/ 17 KB
18 KB 58ms
35ms Image
image/jpeg 185.64.96.3
PIRONETNDH-AS CAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/15000/THB_999_H17718.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.96.3 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 3b5ba15219f8a634cfe6222ab23c73887cc06e6a134bb5eb14aa5264b3910905

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:38:14 GMT
Last-Modified: Sun, 03 Feb 2019 16:04:55 GMT
Server: nginx
ETag: "5c571127-45df"
X-TT-Cluster: op-image-p106-content-https
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17887
Expires: Tue, 30 Mar 2021 16:38:14 GMT

GET
H/1.1 200
OK THB_999_H205672.jpg
de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/205000/ 20 KB
20 KB 48ms
36ms Image
image/jpeg 185.64.96.3
PIRONETNDH-AS CAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/205000/THB_999_H205672.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.96.3 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 59961c8978d63e93383ffb31cbdd7f1a83158d2514856fcb16acd917036fb2aa

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:38:14 GMT
Last-Modified: Wed, 20 Mar 2019 01:32:30 GMT
Server: nginx
ETag: "5c91982e-5029"
X-TT-Cluster: op-image-p105-content-https
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20521
Expires: Tue, 30 Mar 2021 16:38:14 GMT

GET
H/1.1 200
OK THB_999_H66497.jpg
de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/65000/ 18 KB
19 KB 40ms
38ms Image
image/jpeg 185.64.96.3
PIRONETNDH-AS CAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/65000/THB_999_H66497.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.96.3 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 7e1ab25f367610925921674bbc3c73ce1de7ab35057ae488287c90d83eedf490

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:38:14 GMT
Last-Modified: Wed, 25 Apr 2018 19:38:56 GMT
Server: nginx
ETag: "5ae0d950-4991"
X-TT-Cluster: op-image-p103-content-https
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18833
Expires: Tue, 30 Mar 2021 16:38:14 GMT

GET
H/1.1 200
OK THB_999_H143880.jpg
de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/140000/ 21 KB
21 KB 40ms
38ms Image
image/jpeg 185.64.96.3
PIRONETNDH-AS CAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/140000/THB_999_H143880.jpg
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.96.3 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: b5b49f9daabf3ad5ca77087fdd6a5959b7da61e298adf3440e0abcd7e41df42c

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:38:14 GMT
Last-Modified: Thu, 10 May 2018 09:05:14 GMT
Server: nginx
ETag: "5af40b4a-5288"
X-TT-Cluster: op-image-p106-content-https
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21128
Expires: Tue, 30 Mar 2021 16:38:14 GMT

GET
H2 200 stern_full.png
www.xn--flge-1ra.de/wp-content/themes/fluege-child-fluege-de/images/ 2 KB
2 KB 75ms
71ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/themes/fluege-child-fluege-de/images/stern_full.png
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 28abac40a46aafd12282589e912592fc26852a7e2c9bafc55014872c56cc304e

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=9295
x-cache: MISS
last-modified: Wed, 11 Apr 2018 11:01:05 GMT
content-length: 1761
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=7689 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 stern_empty.png
www.xn--flge-1ra.de/wp-content/themes/fluege-child-fluege-de/images/ 1 KB
2 KB 177ms
36ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/themes/fluege-child-fluege-de/images/stern_empty.png
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ce3b6f1efe5ab3bc8859cc0b24152593f2fabb8c175b647f5073ef32378c8da2

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=13857
x-cache: MISS
last-modified: Wed, 11 Apr 2018 11:01:05 GMT
content-length: 1459
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=11802 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 app-google-play.png
www.xn--flge-1ra.de/wp-content/themes/fluege-child-fluege-de/images/ 4 KB
5 KB 153ms
89ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/themes/fluege-child-fluege-de/images/app-google-play.png
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 013ba24f36afe9779df692d4d811eacfb87026789ed6ad79b99bd9513c696b86

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=17451
x-cache: MISS
last-modified: Wed, 11 Apr 2018 11:01:05 GMT
content-length: 4253
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=15618 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 app-store.png
www.xn--flge-1ra.de/wp-content/themes/fluege-child-fluege-de/images/ 3 KB
4 KB 111ms
48ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/themes/fluege-child-fluege-de/images/app-store.png
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 27abd64c5fb28d5215b52de39acc9bd9fe7447f1d93cb602ad92bcdde82df5f5

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=17850
x-cache: MISS
last-modified: Wed, 11 Apr 2018 11:01:05 GMT
content-length: 3269
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=14457 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 cookieconsent.css
www.xn--flge-1ra.de/cookieconsent/ 3 KB
1 KB 20ms
19ms Stylesheet
text/css 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--flge-1ra.de/cookieconsent/cookieconsent.css
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7499b56dc242b94ec613a4b326861d054d75d1d0be497c6268302ad427970cff

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
content-encoding: gzip
age: 0
x-origin-duration: D=9142
x-cache: MISS
last-modified: Sun, 08 Dec 2019 16:20:28 GMT
pragma: public
x-origin-vary: Origin,X-Forwarded-Proto,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public, public,max-age=86400
vary: Origin,Accept
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800, public, public, public,max-age=86400
x-duration: D=5421 us
expires: Tue, 30 Mar 2021 21:38:14 GMT

GET
H2 200 17b0a.js Show response
www.xn--flge-1ra.de/wp-content/cache/minify/10/ 39 KB
14 KB 196ms
194ms Script
application/x-javascript 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--flge-1ra.de/wp-content/cache/minify/10/17b0a.js
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bae1bad04fca27753145571c05149e8060f65954b047eab1ff84e98a317bcda8

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
content-encoding: gzip
age: 0
x-origin-duration: D=173751
x-cache: MISS
last-modified: Wed, 24 Mar 2021 07:03:39 GMT
pragma: public
x-origin-vary: Origin,X-Forwarded-Proto,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=21600, public
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600, public
x-duration: D=171616 us
expires: Tue, 30 Mar 2021 21:38:14 GMT

GET
H2 200 0cdd4.js Show response
www.xn--flge-1ra.de/wp-content/cache/minify/10/ 42 KB
11 KB 293ms
237ms Script
application/x-javascript 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--flge-1ra.de/wp-content/cache/minify/10/0cdd4.js
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f1881c9ead68709b0164a07940915fce74a23b4b3c129307852a88668098796e

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
content-encoding: gzip
age: 0
x-origin-duration: D=207772
x-cache: MISS
last-modified: Tue, 09 Mar 2021 07:11:40 GMT
pragma: public
x-origin-vary: Origin,X-Forwarded-Proto,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=21600, public
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600, public
x-duration: D=206039 us
expires: Tue, 30 Mar 2021 21:38:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 165 KB
48 KB 94ms
31ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MWFK6

Requested by

Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3af873a3757535362cc2512887a3ca678256730f4d7d7432aea2e4a68ce493a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48730
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Mar 2021 15:38:14 GMT

GET
H2 200 glyphicons-regular.woff2
www.xn--flge-1ra.de/wp-content/plugins/glyphicons/fonts/ 94 KB
94 KB 72ms
46ms Font
application/font-woff2 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--flge-1ra.de/wp-content/plugins/glyphicons/fonts/glyphicons-regular.woff2
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/wp-content/cache/minify/10/1939e.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: eedc7581ecfd9bb57b1af16ad7ad4428aa147de4f08e01f49a768c801a29de84

Request headers

Origin: https://www.xn--flge-1ra.de
Referer: https://www.xn--flge-1ra.de/wp-content/cache/minify/10/1939e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
content-encoding: gzip
age: 0
x-origin-duration: D=22203
x-cache: MISS
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800, public, public
x-duration: D=19542 us
access-control-allow-headers: origin, x-requested-with, content-type
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 206 clouds_1080p.webm
www.xn--flge-1ra.de/wp-content/themes/fluege-master/images/ 361 KB
362 KB 141ms
53ms Media
video/webm 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--flge-1ra.de/wp-content/themes/fluege-master/images/clouds_1080p.webm
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 92ffd641f88372e406522acb7fd2360279848c3fbcf6bd5b90c0c13b062f4437

Request headers

Referer: https://www.xn--flge-1ra.de/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=17193
x-cache: MISS
Content-Range: bytes 0-370116/370117
Content-Length: 370117
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public
vary: Origin
content-type: video/webm
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
x-duration: D=15763 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 cloud.png
www.xn--flge-1ra.de/wp-content/themes/fluege-master/images/ 2 KB
3 KB 91ms
30ms Image
image/png 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--flge-1ra.de/wp-content/themes/fluege-master/images/cloud.png
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/wp-content/cache/minify/10/1939e.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7815f1d38d1b5e4fae67d3fcf835aa78df6e48245ef7e3d235aa8845a9b32f19

Request headers

Referer: https://www.xn--flge-1ra.de/wp-content/cache/minify/10/1939e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
age: 0
x-origin-duration: D=7039
x-cache: MISS
last-modified: Tue, 10 Apr 2018 17:40:45 GMT
content-length: 2410
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800, public, public
accept-ranges: bytes
x-duration: D=5362 us
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 glyphicons-social-regular.woff2
www.xn--flge-1ra.de/wp-content/plugins/glyphicons/fonts/ 13 KB
13 KB 48ms
42ms Font
application/font-woff2 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--flge-1ra.de/wp-content/plugins/glyphicons/fonts/glyphicons-social-regular.woff2
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/wp-content/cache/minify/10/1939e.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bc11f3c90164e98b28a9cf6883fb34383f4fa5be87a1f3d6a70facbf0bd80ba3

Request headers

Origin: https://www.xn--flge-1ra.de
Referer: https://www.xn--flge-1ra.de/wp-content/cache/minify/10/1939e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:14 GMT
content-encoding: gzip
age: 0
x-origin-duration: D=17180
x-cache: MISS
pragma: public
x-origin-vary: X-Forwarded-Proto,Origin,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: max-age=604800, public, public
vary: Origin
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800, public, public
x-duration: D=15488 us
access-control-allow-headers: origin, x-requested-with, content-type
expires: Tue, 06 Apr 2021 15:38:14 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 35 KB
14 KB 35ms
35ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MWFK6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

3d3334f2122e1411a5f4be5b85a712373d7b791de57d829d1fd8b3cbdba30344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13743
x-xss-protection: 0
server: cafe
etag: 506321234855497976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 15:38:16 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 28 KB
9 KB 30ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MWFK6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:15 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 20:27:29 GMT
x-msedge-ref: Ref A: 6E4198CDEF1F4B1A951581BD70F5BC95 Ref B: FRAEDGE1420 Ref C: 2021-03-30T15:38:16Z
etag: "804e75f6fd11d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8562

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: OaUqPKv5J17u8mxFIFLQwSxOneY2/jC2NygQKnre31ucl3wxh92vhBHCdk9CTJmUmSF4JFq01ZRUuGL23Wbk/g==
x-fb-trip-id: 2052514463
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 30 Mar 2021 15:38:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 15320.js Show response
www.dwin1.com/ 22 KB
6 KB 76ms
14ms Script
application/javascript 2600:9000:206f:2a00:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/15320.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MWFK6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2a00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f0c499729733054fc93d97186444c9e39f6d8ba5469b819b7133e434b13d3dd

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: YzbfbhYP.wiyoZXdDYMc4hudHC9jAWaZ
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 08:04:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"e674eba00770d75cbee0218a6d0f1869"
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
date: Tue, 30 Mar 2021 15:38:16 GMT
x-amz-replication-status: COMPLETED
x-cache: Hit from cloudfront
x-amz-cf-id: 0yGiXuQc9cVCM6aoqhJPHN8QgaEjI7klG8nTHoQzw7cdxgUYnWwTfg==
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MWFK6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 4989
date: Tue, 30 Mar 2021 14:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Tue, 30 Mar 2021 16:15:07 GMT

GET
H2 204 0
bat.bing.com/action/ 0
92 B 36ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5477372&tm=gtm001&Ver=2&mid=13a9d115-4ebe-4f54-959f-05a0bb321123&sid=f21a4a60916d11eba4e2ffd8d424d7bc&vid=f21c0e30916d11eb9573bd2271019c8d&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Fl%C3%BCge%20g%C3%BCnstig%20buchen%20-%20Vergleichen%20und%20sparen%20mit%20Fl%C3%BCge.de&kw=Fl%C3%BCge,Billigfl%C3%BCge,Flugsuche,Fl%C3%BCge.de,Flug,Billigflug,Airlinebewertungen,Erfahrungsberichte%20Airlines&p=https%3A%2F%2Fwww.xn--flge-1ra.de%2F&r=&lt=2063&evt=pageLoad&msclkid=N&sv=1&rn=603599
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 30 Mar 2021 15:38:15 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 41C63C33D1714556A2AA6631C65D8103 Ref B: FRAEDGE1420 Ref C: 2021-03-30T15:38:16Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/879786597/ 2 KB
1 KB 28ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/879786597/?random=1617118696482&cv=9&fst=1617118696482&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.xn--flge-1ra.de%2F&tiba=Fl%C3%BCge%20g%C3%BCnstig%20buchen%20-%20Vergleichen%20und%20sparen%20mit%20Fl%C3%BCge.de&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2078fea22f9b27b77b28e0c4e55e9d0ff30cff073daf1cbe12f0d1cdc6f907b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1040
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1300660796615588 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 63ms
61ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1300660796615588?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

08173f1a8e3b0cddbf9e07e3ae512eccb6a7cfd3067f4663dbd6738e8f9d65a8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: ddyykifp0vjpUPENMR8H0ooX/4q9s1lQ822uMqdgz38uLKTJ90UnY0xFlh+vAldjb0grxU5zqM+eM1s+9CrEug==
x-fb-trip-id: 2052514463
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 30 Mar 2021 15:38:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1177
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Tue, 30 Mar 2021 16:18:39 GMT

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 210
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Tue, 30 Mar 2021 16:34:46 GMT

GET
H/1.1

200
OK

Cookie set retarget Show response
hal9000.redintelligence.net/ Frame B1C0
Redirect Chain

https://hal9000.redintelligence.net/retarget?a=49586&version=1
https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1

2 KB
1 KB

184ms
114ms

Document
text/html

138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/15320.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 210a9a7a878bd02dc417300c6329df5164dbe585019b1eb42221e08f77015bf9

Request headers

Host: hal9000.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.xn--flge-1ra.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=1693a16f7128ca21
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.xn--flge-1ra.de/

Response headers

Date: Tue, 30 Mar 2021 15:38:18 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=1693a16f7128ca21; expires=Mon, 28-Jun-2021 15:38:18 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 771
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 30 Mar 2021 15:38:18 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=1693a16f7128ca21; expires=Mon, 28-Jun-2021 15:38:18 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: ?a=49586&version=1&redirected=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2 200 ck_tracker.php Show response
www.ad4mat.de/ads/js/ 714 B
1012 B 130ms
66ms Script
text/javascript 2606:4700:3033::ac43:944f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ad4mat.de/ads/js/ck_tracker.php?adspaceId=16015320&mt=1&country=www.ad4mat.de&sprd=false&catId=home
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/15320.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:944f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca77dde54c1e1ad860a110847a8e22622c9e7ad96eb51127fc6f9b3070916836

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 63826c8e7864c272-FRA
x-cache: MISS
p3p: CP="NOI CUR OUR STP", policyref="/w3c/p3p.ad4mat.xml"
content-type: text/javascript
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bH65s6aecw3tTyMfaXGEo%2B4vXYJH7bRRhcDDpIxoP938dtVDGCbKZQgtedijkNzod0TiloHvTbN1gSBs2LER67rRzNIaiTKWqMp5QlQL5pNvJ%2F12Z10KjOxO"}]}
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0925622d0c0000c272ad9f1000000001

GET
H2 200 /
www.google.com/pagead/1p-user-list/879786597/ 42 B
118 B 48ms
47ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/879786597/?random=1617118696482&cv=9&fst=1617116400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&frm=0&url=https%3A%2F%2Fwww.xn--flge-1ra.de%2F&tiba=Fl%C3%BCge%20g%C3%BCnstig%20buchen%20-%20Vergleichen%20und%20sparen%20mit%20Fl%C3%BCge.de&async=1&fmt=3&is_vtc=1&random=1169522181&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:38:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/879786597/ 42 B
108 B 46ms
45ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/879786597/?random=1617118696482&cv=9&fst=1617116400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&frm=0&url=https%3A%2F%2Fwww.xn--flge-1ra.de%2F&tiba=Fl%C3%BCge%20g%C3%BCnstig%20buchen%20-%20Vergleichen%20und%20sparen%20mit%20Fl%C3%BCge.de&async=1&fmt=3&is_vtc=1&random=1169522181&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:38:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 22ms
22ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-4756585-3&cid=477049888.1617118697&jid=1190325232&gjid=1688311715&_gid=1286861975.1617118697&_u=aGBAgUArCAAAAE~&z=2106127295

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Mar 2021 15:38:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.xn--flge-1ra.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&aip=1&a=1884576832&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xn--flge-1ra.de%2F&ul=en-us&de=UTF-8&dt=Fl%C3%BCge%20g%C3%BCnstig%20buchen%20-%20Vergleichen%20und%20sparen%20mit%20Fl%C3%BCge.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUArC~&jid=1190325232&gjid=1688311715&cid=477049888.1617118697&tid=UA-4756585-3&_gid=1286861975.1617118697&gtm=2wg3h05MWFK6&cd1=A&z=1073080774

Requested by

Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Mar 2021 18:27:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76266
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
263 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1300660796615588&ev=PageView&dl=https%3A%2F%2Fwww.xn--flge-1ra.de%2F&rl=&if=false&ts=1617118696913&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1617118696911.2049098035&it=1617118696536&coo=false&rqm=GET

Requested by

Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 30 Mar 2021 15:38:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
153 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1300660796615588&ev=Microdata&dl=https%3A%2F%2Fwww.xn--flge-1ra.de%2F&rl=&if=false&ts=1617118697423&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Fl%C3%BCge%20g%C3%BCnstig%20buchen%20-%20Vergleichen%20und%20sparen%20mit%20Fl%C3%BCge.de%22%2C%22meta%3Adescription%22%3A%22Jetzt%20Flug%20buchen%20auf%20Fl%C3%BCge.de%20-%20Vergleichen%20Sie%20die%20Fl%C3%BCge%20aller%20bekannten%20Airlines%20und%20buchen%20Sie%20den%20g%C3%BCnstigsten%20Flug%22%2C%22meta%3Akeywords%22%3A%22Fl%C3%BCge%2CBilligfl%C3%BCge%2CFlugsuche%2CFl%C3%BCge.de%2CFlug%2CBilligflug%2CAirlinebewertungen%2CErfahrungsberichte%20Airlines%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Fl%C3%BCge%22%2C%22og%3Adescription%22%3A%22Jetzt%20Flug%20buchen%20auf%20Fl%C3%BCge.de%20-%20Vergleichen%20Sie%20die%20Fl%C3%BCge%20aller%20bekannten%20Airlines%20und%20buchen%20Sie%20den%20g%C3%BCnstigsten%20Flug%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.xn--flge-1ra.de%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.xn--flge-1ra.de%2Fwp-content%2Fuploads%2Fsites%2F10%2Fsearch-bg.jpg%22%2C%22article%3Apublished_time%22%3A%222011-11-14%22%2C%22article%3Amodified_time%22%3A%222021-02-04%22%2C%22article%3Atag%22%3A%22Landingpages%22%2C%22og%3Asite_name%22%3A%22Fl%C3%BCge.de%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Brand%22%2C%22name%22%3A%22Fl%C3%BCge.de%22%2C%22url%22%3A%22https%3A%2F%2Fwww.fl%C3%BCge.de%22%2C%22logo%22%3A%22https%3A%2F%2Fwww.fl%C3%BCge.de%2Fwp-content%2Fthemes%2Ffluege-master%2Fimages%2Fnoimg.jpg%22%7D%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1617118696911.2049098035&it=1617118696536&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 30 Mar 2021 15:38:17 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 71ms
45ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-4756585-3&cid=477049888.1617118697&jid=1190325232&_u=aGBAgUArCAAAAE~&z=560682864

Requested by

Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:38:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 59ms
43ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-4756585-3&cid=477049888.1617118697&jid=1190325232&_u=aGBAgUArCAAAAE~&z=560682864

Requested by

Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:38:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame B1C0 597 B
1 KB 131ms
56ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406315&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3628 75f709e master zrh-pixel-x4 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:38:19 GMT
Server: MT3 3628 75f709e master zrh-pixel-x4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Tue, 30 Mar 2021 15:38:18 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame B1C0 597 B
1 KB 125ms
55ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3628 75f709e master zrh-pixel-x29 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:38:19 GMT
Server: MT3 3628 75f709e master zrh-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Tue, 30 Mar 2021 15:38:18 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame B1C0
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
28 KB

140ms
43ms

Script
application/x-javascript

37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bf0f3b28dae6ed0a62be43850fcc6b97bf90b6dcd7a4cda6e201b17adb517412

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:19 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 14:31:29 GMT
server: nginx
etag: W/"605b4d41-13e1b"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Tue, 30 Mar 2021 15:38:19 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H3-Q050

200

activityi;dc_pre=CNmGis2s2O8CFX5bFQgdM54Cmw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3741855192671.233 Show response
5994599.fls.doubleclick.net/ Frame FF51
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3741855192671.233?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNmGis2s2O8CFX5bFQgdM54Cmw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3741855192671.233?

391 B
1 KB

104ms
67ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CNmGis2s2O8CFX5bFQgdM54Cmw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3741855192671.233?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

62e17118fbbd73adc6964f1e6b81e56f741ffe7ede7fb21e698d6964fd210f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNmGis2s2O8CFX5bFQgdM54Cmw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3741855192671.233?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hal9000.redintelligence.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hal9000.redintelligence.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 30 Mar 2021 15:38:19 GMT
expires: Tue, 30 Mar 2021 15:38:19 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
set-cookie: IDE=AHWqTUkp4s3mELfARFKrHH-wXF7huNDyGyYXDNmhtmFIdTAlIiHtbxD8_Y43o4Qvl8I; expires=Thu, 30-Mar-2023 15:38:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 30 Mar 2021 15:38:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNmGis2s2O8CFX5bFQgdM54Cmw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3741855192671.233?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame B1C0 43 B
480 B 60ms
59ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3628 75f709e master zrh-pixel-x25 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:38:19 GMT
Server: MT3 3628 75f709e master zrh-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Mar 2021 15:38:18 GMT

GET
H2 200 dc_pre=CNmGis2s2O8CFX5bFQgdM54Cmw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3741855192671.233
adservice.google.com/ddm/fls/z/ Frame FF51 42 B
107 B 42ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNmGis2s2O8CFX5bFQgdM54Cmw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3741855192671.233

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNmGis2s2O8CFX5bFQgdM54Cmw;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3741855192671.233?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:38:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame B1C0
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=645415802979&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.xn--flge-1ra.de%2F&ADF...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=645415802979&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.xn--flge-1ra.de%2...

111 B
592 B

50ms
50ms

Script
text/javascript

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=645415802979&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.xn--flge-1ra.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D49586%26version%3D1%26redirected%3D1

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=49586&version=1&redirected=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:38:19 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 186
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:38:19 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=645415802979&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.xn--flge-1ra.de%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D49586%26version%3D1%26redirected%3D1
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 asyncjs.php Show response
ad.triplemind.com/server/www/delivery/ 10 KB
4 KB 105ms
44ms Script
text/javascript 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.triplemind.com/server/www/delivery/asyncjs.php
Requested by: Host: www.xn--flge-1ra.de
URL: https://www.xn--flge-1ra.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: eb7f9322e398f07e95d1281e15f6717e7567af4afd25cda67a452d1ac08f62df

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:19 GMT
content-encoding: gzip
x-origin-vary: Origin,X-Forwarded-Proto,PS-CapabilityList,X-Host
server: nginx/1.16.1
age: 0
p3p: CP="CUR ADM OUR NOR STA NID"
x-origin-cache-control: public, max-age=3600
x-robots-tag: noindex, nofollow
vary: Origin,Accept
x-cache: MISS
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=3600
x-duration: D=27618 us
x-origin-duration: D=29952
expire: Tue, 30 Mar 2021 16:38:19 GMT

GET
H2 200 asyncspc.php Show response
ad.triplemind.com/server/www/delivery/ 437 B
809 B 30ms
24ms XHR
application/json 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.triplemind.com/server/www/delivery/asyncspc.php?zones=222&prefix=revive-0-&loc=https%3A%2F%2Fwww.xn--flge-1ra.de%2F
Requested by: Host: ad.triplemind.com
URL: https://ad.triplemind.com/server/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: de3cf3d3e4f6d2ecd3f492cfff8fe666c7c22dd5f3e946bb6fcd6ed5dc5c6086

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:19 GMT
content-encoding: gzip
age: 0
x-origin-duration: D=8728
x-cache: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
x-origin-vary: Origin,X-Forwarded-Proto,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: no-cache, no-store, must-revalidate
x-robots-tag: noindex, nofollow
vary: Origin,Accept
content-type: application/json
access-control-allow-origin: https://www.xn--flge-1ra.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-duration: D=5928 us
expires: 0

GET
H2 200 lg.php
ad.triplemind.com/server/www/delivery/ 43 B
490 B 35ms
34ms Image
image/gif 2a01:4f8:1c0c:81e4::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.triplemind.com/server/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=222&source={obfs:}&loc=https%3A%2F%2Fwww.xn--flge-1ra.de%2F&cb=2cbf265f51
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:1c0c:81e4::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.xn--flge-1ra.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:38:20 GMT
age: 0
x-origin-duration: D=22155
x-cache: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
pragma: no-cache
x-origin-vary: Origin,X-Forwarded-Proto,PS-CapabilityList,X-Host
server: nginx/1.16.1
x-origin-cache-control: no-cache, no-store, must-revalidate
x-robots-tag: noindex, nofollow
vary: Origin,Accept
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-duration: D=19929 us
expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame B1C0 43 B
635 B 65ms
48ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3628 75f709e master zrh-pixel-x30 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:38:29 GMT
Server: MT3 3628 75f709e master zrh-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Mar 2021 15:38:28 GMT

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.xn--flge-1ra.de/wp-content/cache/minify/10/fadc0.js(Line 251) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	warning	URL: https://www.xn--flge-1ra.de/wp-content/cache/minify/10/fadc0.js(Line 248) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at HTMLDocument.<anonymous> (https://www.xn--flge-1ra.de/:1628:544) at e (https://www.xn--flge-1ra.de/wp-content/cache/minify/10/fadc0.js:248:30005) at t (https://www.xn--flge-1ra.de/wp-content/cache/minify/10/fadc0.js:248:30307) undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad.triplemind.com
adservice.google.com
bat.bing.com
connect.facebook.net
de.images.traveltainment.eu
googleads.g.doubleclick.net
hal9000.redintelligence.net
pixel.mathtag.com
s2.adform.net
stats.g.doubleclick.net
track.adform.net
www.ad4mat.de
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.xn--flge-1ra.de
xn--flge-1ra.de
138.201.63.149
142.250.185.198
142.250.74.194
185.64.96.3
2.18.233.201
2600:9000:206f:2a00:f:8ce2:fb80:93a1
2606:4700:3033::ac43:944f
2620:1ec:c11::200
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2004
2a00:1450:4001:813::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a00:1450:400c:c04::9d
2a01:4f8:1c0c:81e4::2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
37.157.6.235
37.157.6.251
013ba24f36afe9779df692d4d811eacfb87026789ed6ad79b99bd9513c696b86
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06a8f5a691f57985581257ce78bb23acfd133857ffd3af0d790285f3e89c9dd8
08173f1a8e3b0cddbf9e07e3ae512eccb6a7cfd3067f4663dbd6738e8f9d65a8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14813ecad3e3498f71e6c52447a49360474fc35ff6f5768ef6647cb26793f48b
1709877b1b4a24df201032b6902c21f0d55f545cb942ede7f59850af930caf52
1f0c499729733054fc93d97186444c9e39f6d8ba5469b819b7133e434b13d3dd
210a9a7a878bd02dc417300c6329df5164dbe585019b1eb42221e08f77015bf9
27abd64c5fb28d5215b52de39acc9bd9fe7447f1d93cb602ad92bcdde82df5f5
28abac40a46aafd12282589e912592fc26852a7e2c9bafc55014872c56cc304e
3676727c39a0862a8f289e1a92d66000c1ef550ffe0079d0cbfa47b5c2958aa9
36ea3116c290e71f3a7bd8cc4786402e7cd05d47abc13d0e749cce44617a05f8
3af873a3757535362cc2512887a3ca678256730f4d7d7432aea2e4a68ce493a1
3b5ba15219f8a634cfe6222ab23c73887cc06e6a134bb5eb14aa5264b3910905
3d3334f2122e1411a5f4be5b85a712373d7b791de57d829d1fd8b3cbdba30344
4a3bc550e2976fb00630f6aa1876e2a5333db5429e819995898a82eeb4d81afd
4ca21b1d3f98966da085508c3fcd782232d53e54533c2443db19d9246f085e0b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
531df41376782101853b7c43c783aacbd2045a68a8fec80fc6dd035fb38710e4
59961c8978d63e93383ffb31cbdd7f1a83158d2514856fcb16acd917036fb2aa
5beafebf86bce65e493ad9231c8341aaef4be0fb0fd7d2b80d79d162321ec864
62e17118fbbd73adc6964f1e6b81e56f741ffe7ede7fb21e698d6964fd210f29
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
72598958ba1df4c7b007123cad8595d9f918d330bebd1ea1c717f1b88b89043c
7499b56dc242b94ec613a4b326861d054d75d1d0be497c6268302ad427970cff
76a6d5800341465119fa838669b49788abe9f0ed3577be9ad1479f3b6131c71e
77789ec43e36feda23eeeef0ffedfd3de7f6d43b5d3cdab3d649a620fd626644
7815f1d38d1b5e4fae67d3fcf835aa78df6e48245ef7e3d235aa8845a9b32f19
7e1ab25f367610925921674bbc3c73ce1de7ab35057ae488287c90d83eedf490
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
92ffd641f88372e406522acb7fd2360279848c3fbcf6bd5b90c0c13b062f4437
96051b32567f50b85573b29331c3e6d5687bf0be915a6a2562ff2cb233054390
97836b27768d0e3723ae5b18a26387e6b5b9697a66d224c4787f4a34921306b0
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9e8f0dded7e9b54c850b88931a06e210e4f6d42e9ffaa3125bb574c884ea53c2
a2078fea22f9b27b77b28e0c4e55e9d0ff30cff073daf1cbe12f0d1cdc6f907b
a67bccd0a02dbf52f79948ca4a29fcbdf56ba7e7e69360dadf5f3bdeab70a162
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d42b207e4918942fe406f0b05e65dcfb126e7c480df678109530e1e8219f85
b2c9990fcd016da0286758a18a5c269855cb904d518c5c362bd1c6d9760744d1
b5b49f9daabf3ad5ca77087fdd6a5959b7da61e298adf3440e0abcd7e41df42c
bae1bad04fca27753145571c05149e8060f65954b047eab1ff84e98a317bcda8
bc11f3c90164e98b28a9cf6883fb34383f4fa5be87a1f3d6a70facbf0bd80ba3
bd78975408b4db8440f8dab32512930e91b27fa1f4fa1c66462da84becfdb59d
bf0f3b28dae6ed0a62be43850fcc6b97bf90b6dcd7a4cda6e201b17adb517412
ca77dde54c1e1ad860a110847a8e22622c9e7ad96eb51127fc6f9b3070916836
ce3b6f1efe5ab3bc8859cc0b24152593f2fabb8c175b647f5073ef32378c8da2
d16ec95a4db7b210950b537da5fb03b8a8f6b81b7842d0db0bb4e9014fb8bb7f
d36f88639070d02081f7934671d25407c9e52c0e9ac2652720486c3635ef64ad
d89faebb1d969f7b296ba93164a203165491ce967dd42ba351c14f43013efe7f
de3cf3d3e4f6d2ecd3f492cfff8fe666c7c22dd5f3e946bb6fcd6ed5dc5c6086
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7f9322e398f07e95d1281e15f6717e7567af4afd25cda67a452d1ac08f62df
edec770ab0b7ed3376fb6878c4802b7fdb138528822404483f094cd078c1e4bf
eedc7581ecfd9bb57b1af16ad7ad4428aa147de4f08e01f49a768c801a29de84
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d
f1881c9ead68709b0164a07940915fce74a23b4b3c129307852a88668098796e
f6e455705f19f652d4ae08b7ce31e64337d2dac6336e083a3763d29136b45dd2
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f90677a87eef94484c52fd888e1a8f744c18c459752412c30cefe3a5dc94f85c
fa4753d44c60715d7c676b0a3a08399e7b948b3406736b1980886dd2be385cff

www.xn--flge-1ra.de Open in urlscan Pro Puny www.flüge.de IDN 2a01:4f8:1c0c:81e4::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

100 %HTTPS

67 %IPv6

17 Domains

22 Subdomains

21 IPs

4 Countries

1519 kBTransfer

2795 kBSize

0 Cookies

7 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xn--flge-1ra.de Open in urlscan Pro Puny
www.flüge.de IDN
2a01:4f8:1c0c:81e4::2 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

100 %
HTTPS

67 %
IPv6

17
Domains

22
Subdomains

21
IPs

4
Countries

1519 kB
Transfer

2795 kB
Size

0
Cookies

73 HTTP transactions
0 data transactions