helden.de Open in urlscan Pro
2606:4700:10::6816:4d41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cos4co.com/
Effective URL:
https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Submission: On February 07 via manual (February 7th 2022, 6:24:43 pm UTC) from US — Scanned from DE

Summary HTTP 226 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 34 domains to perform 226 HTTP transactions. The main IP is 2606:4700:10::6816:4d41, located in United States and belongs to CLOUDFLARENET, US. The main domain is helden.de.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2021. Valid for: a year.

This is the only time helden.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.224.212.220 103.224.212.220	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 5	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.169.168 157.90.169.168	24940 (HETZNER-AS) (HETZNER-AS)
1 1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2606:4700:20:... 2606:4700:20::681a:b29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
87	2606:4700:10:... 2606:4700:10::6816:4d41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	34.102.224.29 34.102.224.29	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:48bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
64	13.224.96.5 13.224.96.5	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:92c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.94.223.37 52.94.223.37	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	2a03:5f80:a::... 2a03:5f80:a::b212:e7c8	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
4	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:293::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 2	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	() ()
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.64.84 151.101.64.84	() ()
1 5	184.30.24.193 184.30.24.193	() ()
1	141.226.228.48 141.226.228.48	() ()
2	54.147.21.139 54.147.21.139	() ()
2	50.16.7.188 50.16.7.188	() ()
1	13.224.96.31 13.224.96.31	() ()
226	37

1 103.224.212.220 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-220.above.com

cos4co.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

1redirb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de

lookandfind.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:b29 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

haftpflichthelden.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

87 2606:4700:10::6816:4d41 (United States)

ASN13335 (CLOUDFLARENET, US)

helden.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.224.29 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 29.224.102.34.bc.googleusercontent.com

images.provenexpert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:48bf (United States)

ASN13335 (CLOUDFLARENET, US)

w.likebtn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 13.224.96.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-5.zrh50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:92c (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.223.37 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:5f80:a::b212:e7c8 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:293::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:22::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (None, )

ASN- ()

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.84 (None, )

ASN- ()

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.30.24.193 (None, ) 1 redirects

ASN- ()

www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (None, )

ASN- ()

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.21.139 (None, )

ASN- ()

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.7.188 (None, )

ASN- ()

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.31 (None, )

ASN- ()

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
87	helden.de helden.de	2 MB
64	driftt.com js.driftt.com — Cisco Umbrella Rank: 5914	751 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	443 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 13	38 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293 fonts.googleapis.com — Cisco Umbrella Rank: 47	14 KB
5	1redirb.com 1 redirects 1redirb.com — Cisco Umbrella Rank: 552700	8 KB
4	drift.com metrics.api.drift.com bootstrap.api.drift.com	343 B
4	pinterest.de www.pinterest.de	15 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 546 www.linkedin.com — Cisco Umbrella Rank: 647 px4.ads.linkedin.com	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	158 KB
3	pinterest.com 1 redirects ct.pinterest.com www.pinterest.com	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5557	763 B
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 96	3 KB
3	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 923 trc.taboola.com — Cisco Umbrella Rank: 570 trc-events.taboola.com	19 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 385	11 KB
3	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 281 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1565	9 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 701	19 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 106	16 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	37 KB
2	t.co t.co — Cisco Umbrella Rank: 487	416 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 537	576 B
2	likebtn.com w.likebtn.com — Cisco Umbrella Rank: 101295	62 KB
2	lookandfind.me lookandfind.me	1 KB
1	driftcdn.com embeds.driftcdn.com	5 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	295 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1098	2 KB
1	ipapi.co ipapi.co — Cisco Umbrella Rank: 16617	914 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 630	6 KB
1	provenexpert.com images.provenexpert.com — Cisco Umbrella Rank: 243479	14 KB
1	haftpflichthelden.de 1 redirects haftpflichthelden.de	554 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 14385	750 B
1	clever-redirect.com 1 redirects clever-redirect.com	436 B
1	cos4co.com 1 redirects cos4co.com	1 KB
226	34

	Domain	Requested by
87	helden.de	lookandfind.me helden.de
64	js.driftt.com	helden.de js.driftt.com
7	www.google.com	1 redirects helden.de www.gstatic.com
6	fonts.gstatic.com	fonts.googleapis.com
5	1redirb.com	1 redirects 1redirb.com
4	www.pinterest.de	s.pinimg.com 1redirb.com
4	www.googletagmanager.com	helden.de www.googletagmanager.com 1redirb.com
4	fonts.googleapis.com	helden.de
3	www.google.de	helden.de
3	bat.bing.com	www.googletagmanager.com bat.bing.com helden.de
3	www.gstatic.com	www.google.com
2	bootstrap.api.drift.com	js.driftt.com
2	metrics.api.drift.com	js.driftt.com
2	ct.pinterest.com	s.pinimg.com helden.de
2	px.ads.linkedin.com	2 redirects
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	1redirb.com connect.facebook.net
2	t.co	helden.de
2	analytics.twitter.com	static.ads-twitter.com
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	w.likebtn.com	helden.de w.likebtn.com
2	ajax.googleapis.com	helden.de
2	lookandfind.me	1redirb.com
1	embeds.driftcdn.com	js.driftt.com
1	trc-events.taboola.com	cdn.taboola.com
1	www.pinterest.com	1 redirects
1	www.facebook.com	helden.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	trc.taboola.com	cdn.taboola.com
1	px4.ads.linkedin.com	helden.de
1	www.linkedin.com	1 redirects
1	cdn.taboola.com	www.googletagmanager.com
1	snap.licdn.com	1redirb.com
1	ipapi.co	helden.de
1	c.amazon-adsystem.com	helden.de
1	static.ads-twitter.com	helden.de
1	images.provenexpert.com	helden.de
1	haftpflichthelden.de	1 redirects
1	www.awin1.com	1 redirects
1	clever-redirect.com	1 redirects
1	cos4co.com	1 redirects
226	44

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
www.pinterest.de
my.helden.de
www.provenexpert.com
twitter.com
www.linkedin.com
www.xing.com
themeforest.net
acoda.com

Subject Issuer	Validity	Valid
lookandfind.me R3	`2022-01-02` - `2022-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
developer.provenexpert.com GTS CA 1D4	`2021-12-21` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-01-30` - `2022-12-31`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-17` - `2022-02-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Frame ID: A58631DB6F0DC5F300E7EF9CBC1E41CE
Requests: 149 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1644258279463&dcc=t
Frame ID: 151B33DD4F438785E988CD709A7E533D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=j3tkopukhvrf
Frame ID: 1C4FB9C8CD62FE6BFD99FA5EF23412E2
Requests: 5 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
Frame ID: 5595A3E5E2C4384578ABCD8842238C4D
Requests: 33 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
Frame ID: 1F15F47EC8E5E8527545CDC8A946CC1E
Requests: 33 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: 15B00B6079195D8718618FB78B01FB27
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🥇Premiumschutz für deinen Lifestyle // helden.decockadecloud-miningmagnifierspaceshiptime-machineb-love

Page URL History Show full URLs

http://cos4co.com/ HTTP 302
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQ1UwMpgyIN7v0nVChsLsLNuTqJRUP%2BzxfA... Page URL
http://1redirb.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D43087... HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=43087740&sid=20220208052436028267756e439d626d HTTP 302
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721... Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%... Page URL
https://www.awin1.com/awclick.php?mid=14361&id=926315&pref1=4b9ac480efe9155985555c4d9c9fe3a4&pref2=DE HTTP 302
https://haftpflichthelden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da... HTTP 301
https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

226
Requests

97 %
HTTPS

50 %
IPv6

34
Domains

44
Subdomains

37
IPs

6
Countries

3225 kB
Transfer

7903 kB
Size

36
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/helden.de/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/helden.de/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4A1U61t-ttoV0amitX3ERw
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/helden_de/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://my.helden.de/
Title: Login

Search URL Search Domain Scan URL

URL: https://my.helden.de/signup
Title: ABSCHLIESSEN

Search URL Search Domain Scan URL

URL: https://www.provenexpert.com/insurance-hero-gmbh/?utm_source=Widget&utm_medium=Widget&utm_campaign=Widget

Search URL Search Domain Scan URL

URL: https://twitter.com/heldende_

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/helden-de/

Search URL Search Domain Scan URL

URL: https://www.xing.com/pages/helden-de

Search URL Search Domain Scan URL

URL: http://themeforest.net/item/you-multipurpose-responsive-wordpress-theme/15175900?ref=-ACODA-
Title: You WordPress Theme

Search URL Search Domain Scan URL

URL: http://acoda.com/
Title: Acoda

Search URL Search Domain Scan URL

URL: https://www.provenexpert.com/insurance-hero-gmbh/
Title: Insurance Hero GmbH Versicherungen Anonym hat 4,84 von 5 Sternen 400 Bewertungen auf ProvenExpert.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cos4co.com/ HTTP 302
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQ1UwMpgyIN7v0nVChsLsLNuTqJRUP%2BzxfAKo6CvtHxLN%2FKP4%2FyljKow%2FTO7Dyd4xRGRWxdjELqNIAYpQCjHNOH%2BE%2Fd8ejy4UKtfen5Emhmwlx5XjDIbWKEsCa%2FDNE6ltvI%2FgcQ7mpVUGCQYhkMq30NTutcJWqD3ZZ6RWxlvOOLC2vkZcdm%2FAUxLjmjGY0wZoibTuMnL7lt3tFhMEV1FQS7ngeQlR%2FNEHDxCQxWTF0ZNVBmng57xUkzsNmTBgMqfUFY6BoHXyxEPhSJRCx5MM%2Bj7pkKG6p8ODkBAvYYk3eM%2FhBROfCV6NfN7XOUIDYhRf4AEbCgvPgDwDunA%2Bj40hhqN4ws%2F5moxDSIf84MqMNsBpKrz2Z4WqZXXcuu03y4XIEDqjLXMVEitswtlk9wVxnK5qc6hLkFIzAAtTDCcAUAB3QvK4w5Er1FeMzTTAhqilxRIXOtqKoTWA4zhktp7Md9lu2U%2BefdnZlSXoqvnA9Ruze1Mh7vatIOecH5Zh9qfoqr%2B0D3b9Q1yAiUQHoECwUL3Gr4DRyoGL%2Fvwuvn9RkfzkTNU1qjTpfsOigKrQeYfcHl1ZS%2B4QkaxFQWKvvSmvsn5VFd%2Fv8A85y4cHMpwq7D0R%2FYOCowyvPzujNV0AEN%2F%2B8r9Go6%2Fo7oVgOPUlw37MulfSbIn5sUxpSe6mvsrG5izlMfKsrBcUvoZ60SY2sCOzkc6TruwOALhqpYTcW5mv0%2FA%3D%3D Page URL
http://1redirb.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D43087740%26sid%3D20220208052436028267756e439d626d&s=j&enc=QWRsNmpwM0d2S3R6dGxQVko3eGNFSDQ5ZmtWS09FeDRPV2RKU2xaaU5HdE1WRmx4VG5WRWQyUk9hbE5hUTFNdllYSjJUR2xGUldSNE1sQmxWQzgzYzNwS05VSndVVGh0ZEVvNVUyZGpjVmx0Vmxwb1ZGWXpXWFpVUkRGMGJWaDBWRVZ1VjFWd1ExSjZjM2RJUTI4eVRUWXJWMFpoVlhkb1REUmlSVVp3WWtaNVRISklSVGQyWlcweWRqaG9kME5YVnpjMWQwVmpTSEpFTm5wT1RFSjNjVWRwY2toNU1VSTRNa1V6TUZsdmJFMW9VMk5MTW1SaFJFa3ZiRzVDVUVSc1NXTTNkRXR2T0M5VGMzUk5iSEZRUTFBd2JHRlBUMjlIZWpWV1kyOUNia05CZGpRNFRsRjBiMVF4ZUZKVGVsaHZTWGswWWxabldrVTJVRk5tY1daaldWbzFNelI2TkVwblMwSlhZbE5GYjFOSVdETTVTbWR4VkU1TWRXbG1VbkZzVUdSRVQybzVTMnRhY2tweUwwOVhSRkppVm5CVGVITllhbGR1VFUxNWFEWmlRVlJUTDNGRlRFTm1PU3RtUmxwdVYzQjJUSFZrVW5GcWJpdEdkMFp2V2twM1VsSnJjSGswUm1wMVRURndhWHBOVVhaWmRWbFNZWGQwVWxBd2EyMVJXV2RDT1dRME4wZGtXVVJXU0ZkaU1YSnlSMEkxYm1GdFQyMDNkR1YzYzFaSVRuSk9PRFpLYkRKeldYWnpiMDEwTDFwYVpsVkJkV1UwV1Zack1rSldjMXBhUmxCbVptdzNUVmQ0YWk5TlZqRXdhR1pCZW1oeGIwSndWVUZYY1RSR1EySnNkalptTURKcVMxcHNOM1ZYUlZnNFRtRTFhVFI2U2t4M1YyOUZPVVpRYVRsMmNYaG1TRGxUUVVoVU5EQnJSWEZtUkVKWmNqUjJNVFpoYmpkaU0yUnJWak5CWmtGNVducFFka3gwYmpKaE0zRnRUekpaUm5kRE4xaGFOMVIwUlVkQ1lVUktUR0pSYUZFNE15dEhLMmN6U1ZwS1pqaHNLM3B1VDFoVlNEUk1UWGRhTkM5cVJEaHBVMnd5WjNOT1RHVlRTbmczY1RsTlkwdDRUSFo1VUVJM1FsY3dOVGN5YTJGQ1dpOXVWV28zV1cxS2VteFJka0pITnl0MksyeFdTRlJNZUZONGF6RnVNRU40TUdOVWNGTk5OMVk1Y2prMFZYZExRVmRMVkdOSU9EQmpZbFZCZURoMVJuZDVXVFJMY0ZKcFVqSjVjVWswUkZweVYzUmlSalZKVVZobFFTdDVZVkp4YTFFMVdHRnpkRTFtZVRCNVZVMUJPR3BaZEZkd2FqRm9aVFZGYUZoeFVWSm1ObWhuVUVKU2Ewa3hNa0YyZVZSdFFqUlVZamwwWm5aWFRsb3lZVkV4VkZSR00xRm9TVVZHVkVZeVpXZFZSMDlEY2toNlNFZFVXRWxZUkdocU9UWnFaRmh0U0haSmVIVm5kV1pCVmpCdFozSmFSMlpZVWxGc1FVSkxUM2xuUFQwPQ%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=43087740&sid=20220208052436028267756e439d626d HTTP 302
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721614&s2=&s3=43087740&s5=wc Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%26pref1%3D4b9ac480efe9155985555c4d9c9fe3a4%26pref2%3DDE&h=c2d2e9319eb60a90863d7bd40caec158 Page URL
https://www.awin1.com/awclick.php?mid=14361&id=926315&pref1=4b9ac480efe9155985555c4d9c9fe3a4&pref2=DE HTTP 302
https://haftpflichthelden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b HTTP 301
https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://cos4co.com/ HTTP 302
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQ1UwMpgyIN7v0nVChsLsLNuTqJRUP%2BzxfAKo6CvtHxLN%2FKP4%2FyljKow%2FTO7Dyd4xRGRWxdjELqNIAYpQCjHNOH%2BE%2Fd8ejy4UKtfen5Emhmwlx5XjDIbWKEsCa%2FDNE6ltvI%2FgcQ7mpVUGCQYhkMq30NTutcJWqD3ZZ6RWxlvOOLC2vkZcdm%2FAUxLjmjGY0wZoibTuMnL7lt3tFhMEV1FQS7ngeQlR%2FNEHDxCQxWTF0ZNVBmng57xUkzsNmTBgMqfUFY6BoHXyxEPhSJRCx5MM%2Bj7pkKG6p8ODkBAvYYk3eM%2FhBROfCV6NfN7XOUIDYhRf4AEbCgvPgDwDunA%2Bj40hhqN4ws%2F5moxDSIf84MqMNsBpKrz2Z4WqZXXcuu03y4XIEDqjLXMVEitswtlk9wVxnK5qc6hLkFIzAAtTDCcAUAB3QvK4w5Er1FeMzTTAhqilxRIXOtqKoTWA4zhktp7Md9lu2U%2BefdnZlSXoqvnA9Ruze1Mh7vatIOecH5Zh9qfoqr%2B0D3b9Q1yAiUQHoECwUL3Gr4DRyoGL%2Fvwuvn9RkfzkTNU1qjTpfsOigKrQeYfcHl1ZS%2B4QkaxFQWKvvSmvsn5VFd%2Fv8A85y4cHMpwq7D0R%2FYOCowyvPzujNV0AEN%2F%2B8r9Go6%2Fo7oVgOPUlw37MulfSbIn5sUxpSe6mvsrG5izlMfKsrBcUvoZ60SY2sCOzkc6TruwOALhqpYTcW5mv0%2FA%3D%3D

Request Chain 4

http://1redirb.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D43087740%26sid%3D20220208052436028267756e439d626d&s=j&enc=QWRsNmpwM0d2S3R6dGxQVko3eGNFSDQ5ZmtWS09FeDRPV2RKU2xaaU5HdE1WRmx4VG5WRWQyUk9hbE5hUTFNdllYSjJUR2xGUldSNE1sQmxWQzgzYzNwS05VSndVVGh0ZEVvNVUyZGpjVmx0Vmxwb1ZGWXpXWFpVUkRGMGJWaDBWRVZ1VjFWd1ExSjZjM2RJUTI4eVRUWXJWMFpoVlhkb1REUmlSVVp3WWtaNVRISklSVGQyWlcweWRqaG9kME5YVnpjMWQwVmpTSEpFTm5wT1RFSjNjVWRwY2toNU1VSTRNa1V6TUZsdmJFMW9VMk5MTW1SaFJFa3ZiRzVDVUVSc1NXTTNkRXR2T0M5VGMzUk5iSEZRUTFBd2JHRlBUMjlIZWpWV1kyOUNia05CZGpRNFRsRjBiMVF4ZUZKVGVsaHZTWGswWWxabldrVTJVRk5tY1daaldWbzFNelI2TkVwblMwSlhZbE5GYjFOSVdETTVTbWR4VkU1TWRXbG1VbkZzVUdSRVQybzVTMnRhY2tweUwwOVhSRkppVm5CVGVITllhbGR1VFUxNWFEWmlRVlJUTDNGRlRFTm1PU3RtUmxwdVYzQjJUSFZrVW5GcWJpdEdkMFp2V2twM1VsSnJjSGswUm1wMVRURndhWHBOVVhaWmRWbFNZWGQwVWxBd2EyMVJXV2RDT1dRME4wZGtXVVJXU0ZkaU1YSnlSMEkxYm1GdFQyMDNkR1YzYzFaSVRuSk9PRFpLYkRKeldYWnpiMDEwTDFwYVpsVkJkV1UwV1Zack1rSldjMXBhUmxCbVptdzNUVmQ0YWk5TlZqRXdhR1pCZW1oeGIwSndWVUZYY1RSR1EySnNkalptTURKcVMxcHNOM1ZYUlZnNFRtRTFhVFI2U2t4M1YyOUZPVVpRYVRsMmNYaG1TRGxUUVVoVU5EQnJSWEZtUkVKWmNqUjJNVFpoYmpkaU0yUnJWak5CWmtGNVducFFka3gwYmpKaE0zRnRUekpaUm5kRE4xaGFOMVIwUlVkQ1lVUktUR0pSYUZFNE15dEhLMmN6U1ZwS1pqaHNLM3B1VDFoVlNEUk1UWGRhTkM5cVJEaHBVMnd5WjNOT1RHVlRTbmczY1RsTlkwdDRUSFo1VUVJM1FsY3dOVGN5YTJGQ1dpOXVWV28zV1cxS2VteFJka0pITnl0MksyeFdTRlJNZUZONGF6RnVNRU40TUdOVWNGTk5OMVk1Y2prMFZYZExRVmRMVkdOSU9EQmpZbFZCZURoMVJuZDVXVFJMY0ZKcFVqSjVjVWswUkZweVYzUmlSalZKVVZobFFTdDVZVkp4YTFFMVdHRnpkRTFtZVRCNVZVMUJPR3BaZEZkd2FqRm9aVFZGYUZoeFVWSm1ObWhuVUVKU2Ewa3hNa0YyZVZSdFFqUlVZamwwWm5aWFRsb3lZVkV4VkZSR00xRm9TVVZHVkVZeVpXZFZSMDlEY2toNlNFZFVXRWxZUkdocU9UWnFaRmh0U0haSmVIVm5kV1pCVmpCdFozSmFSMlpZVWxGc1FVSkxUM2xuUFQwPQ%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=43087740&sid=20220208052436028267756e439d626d HTTP 302
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721614&s2=&s3=43087740&s5=wc

Request Chain 114

https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1644258279463 HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1644258279463&dcc=t

Request Chain 139

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3298705&time=1644258280459&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3298705%26time%3D1644258280459%26url%3Dhttps%253A%252F%252Fhelden.de%252F%253Futm_source%253Daffilinet%2526src%253Daffnet%2526awc%253D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3298705&time=1644258280459&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3298705&time=1644258280459&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&liSync=true&e_ipv6=AQLl-QuPKjBNowAAAX7VbkXPYYK78AMjkMP9NjpUbsbxP_fAyLLaemDfaBYMC9db7h4PqwzYl5AP_gXQYz5-Ts0VJ8_P

Request Chain 143

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/494380193/?random=616851780&cv=9&fst=1644258280448&num=1&label=dMLqCIbn5f0CEKHJ3usB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa220&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&ref=https%3A%2F%2Flookandfind.me%2F&tiba=%F0%9F%A5%87Premiumschutz%20f%C3%BCr%20deinen%20Lifestyle%20%2F%2F%20helden.de&auid=982436335.1644258280&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=6GMBYrmAHobLx_AP68Sl0A8&sscte=1&crd=CNPgGw HTTP 302
https://www.google.com/pagead/1p-conversion/494380193/?random=616851780&cv=9&fst=1644258280448&num=1&label=dMLqCIbn5f0CEKHJ3usB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa220&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&ref=https%3A%2F%2Flookandfind.me%2F&tiba=%F0%9F%A5%87Premiumschutz%20f%C3%BCr%20deinen%20Lifestyle%20%2F%2F%20helden.de&auid=982436335.1644258280&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=6GMBYrmAHobLx_AP68Sl0A8&random=1366508334&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/494380193/?random=616851780&cv=9&fst=1644258280448&num=1&label=dMLqCIbn5f0CEKHJ3usB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa220&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&ref=https%3A%2F%2Flookandfind.me%2F&tiba=%F0%9F%A5%87Premiumschutz%20f%C3%BCr%20deinen%20Lifestyle%20%2F%2F%20helden.de&auid=982436335.1644258280&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=6GMBYrmAHobLx_AP68Sl0A8&random=1366508334&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 155

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.de/ct.html

226 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

r2.php Show response
1redirb.com/
Redirect Chain

http://cos4co.com/
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQ1UwMpgyIN7v0nVChsLsLNuTqJRUP%2BzxfAKo6CvtHxLN%2FKP4%2FyljKow%2FTO7Dyd4xRGRWxdjELqNIAYpQCjHNOH%2BE%2Fd8ejy4UKtfen5Emhmwlx5XjDIbWKEsCa%2FDN...

4 KB
3 KB

504ms
176ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQ1UwMpgyIN7v0nVChsLsLNuTqJRUP%2BzxfAKo6CvtHxLN%2FKP4%2FyljKow%2FTO7Dyd4xRGRWxdjELqNIAYpQCjHNOH%2BE%2Fd8ejy4UKtfen5Emhmwlx5XjDIbWKEsCa%2FDNE6ltvI%2FgcQ7mpVUGCQYhkMq30NTutcJWqD3ZZ6RWxlvOOLC2vkZcdm%2FAUxLjmjGY0wZoibTuMnL7lt3tFhMEV1FQS7ngeQlR%2FNEHDxCQxWTF0ZNVBmng57xUkzsNmTBgMqfUFY6BoHXyxEPhSJRCx5MM%2Bj7pkKG6p8ODkBAvYYk3eM%2FhBROfCV6NfN7XOUIDYhRf4AEbCgvPgDwDunA%2Bj40hhqN4ws%2F5moxDSIf84MqMNsBpKrz2Z4WqZXXcuu03y4XIEDqjLXMVEitswtlk9wVxnK5qc6hLkFIzAAtTDCcAUAB3QvK4w5Er1FeMzTTAhqilxRIXOtqKoTWA4zhktp7Md9lu2U%2BefdnZlSXoqvnA9Ruze1Mh7vatIOecH5Zh9qfoqr%2B0D3b9Q1yAiUQHoECwUL3Gr4DRyoGL%2Fvwuvn9RkfzkTNU1qjTpfsOigKrQeYfcHl1ZS%2B4QkaxFQWKvvSmvsn5VFd%2Fv8A85y4cHMpwq7D0R%2FYOCowyvPzujNV0AEN%2F%2B8r9Go6%2Fo7oVgOPUlw37MulfSbIn5sUxpSe6mvsrG5izlMfKsrBcUvoZ60SY2sCOzkc6TruwOALhqpYTcW5mv0%2FA%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 3f1dc6e238cf6475a737168708dc6f31b508ed75160447a27a57f021906e5a70

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 07 Feb 2022 18:24:37 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2298
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 07 Feb 2022 18:24:36 GMT
Server: Apache/2.4.25 (Debian)
Location: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQ1UwMpgyIN7v0nVChsLsLNuTqJRUP%2BzxfAKo6CvtHxLN%2FKP4%2FyljKow%2FTO7Dyd4xRGRWxdjELqNIAYpQCjHNOH%2BE%2Fd8ejy4UKtfen5Emhmwlx5XjDIbWKEsCa%2FDNE6ltvI%2FgcQ7mpVUGCQYhkMq30NTutcJWqD3ZZ6RWxlvOOLC2vkZcdm%2FAUxLjmjGY0wZoibTuMnL7lt3tFhMEV1FQS7ngeQlR%2FNEHDxCQxWTF0ZNVBmng57xUkzsNmTBgMqfUFY6BoHXyxEPhSJRCx5MM%2Bj7pkKG6p8ODkBAvYYk3eM%2FhBROfCV6NfN7XOUIDYhRf4AEbCgvPgDwDunA%2Bj40hhqN4ws%2F5moxDSIf84MqMNsBpKrz2Z4WqZXXcuu03y4XIEDqjLXMVEitswtlk9wVxnK5qc6hLkFIzAAtTDCcAUAB3QvK4w5Er1FeMzTTAhqilxRIXOtqKoTWA4zhktp7Md9lu2U%2BefdnZlSXoqvnA9Ruze1Mh7vatIOecH5Zh9qfoqr%2B0D3b9Q1yAiUQHoECwUL3Gr4DRyoGL%2Fvwuvn9RkfzkTNU1qjTpfsOigKrQeYfcHl1ZS%2B4QkaxFQWKvvSmvsn5VFd%2Fv8A85y4cHMpwq7D0R%2FYOCowyvPzujNV0AEN%2F%2B8r9Go6%2Fo7oVgOPUlw37MulfSbIn5sUxpSe6mvsrG5izlMfKsrBcUvoZ60SY2sCOzkc6TruwOALhqpYTcW5mv0%2FA%3D%3D
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jscheck.js Show response
1redirb.com/javascript/ 899 B
718 B 173ms
173ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirb.com/javascript/jscheck.js
Requested by: Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQ1UwMpgyIN7v0nVChsLsLNuTqJRUP%2BzxfAKo6CvtHxLN%2FKP4%2FyljKow%2FTO7Dyd4xRGRWxdjELqNIAYpQCjHNOH%2BE%2Fd8ejy4UKtfen5Emhmwlx5XjDIbWKEsCa%2FDNE6ltvI%2FgcQ7mpVUGCQYhkMq30NTutcJWqD3ZZ6RWxlvOOLC2vkZcdm%2FAUxLjmjGY0wZoibTuMnL7lt3tFhMEV1FQS7ngeQlR%2FNEHDxCQxWTF0ZNVBmng57xUkzsNmTBgMqfUFY6BoHXyxEPhSJRCx5MM%2Bj7pkKG6p8ODkBAvYYk3eM%2FhBROfCV6NfN7XOUIDYhRf4AEbCgvPgDwDunA%2Bj40hhqN4ws%2F5moxDSIf84MqMNsBpKrz2Z4WqZXXcuu03y4XIEDqjLXMVEitswtlk9wVxnK5qc6hLkFIzAAtTDCcAUAB3QvK4w5Er1FeMzTTAhqilxRIXOtqKoTWA4zhktp7Md9lu2U%2BefdnZlSXoqvnA9Ruze1Mh7vatIOecH5Zh9qfoqr%2B0D3b9Q1yAiUQHoECwUL3Gr4DRyoGL%2Fvwuvn9RkfzkTNU1qjTpfsOigKrQeYfcHl1ZS%2B4QkaxFQWKvvSmvsn5VFd%2Fv8A85y4cHMpwq7D0R%2FYOCowyvPzujNV0AEN%2F%2B8r9Go6%2Fo7oVgOPUlw37MulfSbIn5sUxpSe6mvsrG5izlMfKsrBcUvoZ60SY2sCOzkc6TruwOALhqpYTcW5mv0%2FA%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQ1UwMpgyIN7v0nVChsLsLNuTqJRUP%2BzxfAKo6CvtHxLN%2FKP4%2FyljKow%2FTO7Dyd4xRGRWxdjELqNIAYpQCjHNOH%2BE%2Fd8ejy4UKtfen5Emhmwlx5XjDIbWKEsCa%2FDNE6ltvI%2FgcQ7mpVUGCQYhkMq30NTutcJWqD3ZZ6RWxlvOOLC2vkZcdm%2FAUxLjmjGY0wZoibTuMnL7lt3tFhMEV1FQS7ngeQlR%2FNEHDxCQxWTF0ZNVBmng57xUkzsNmTBgMqfUFY6BoHXyxEPhSJRCx5MM%2Bj7pkKG6p8ODkBAvYYk3eM%2FhBROfCV6NfN7XOUIDYhRf4AEbCgvPgDwDunA%2Bj40hhqN4ws%2F5moxDSIf84MqMNsBpKrz2Z4WqZXXcuu03y4XIEDqjLXMVEitswtlk9wVxnK5qc6hLkFIzAAtTDCcAUAB3QvK4w5Er1FeMzTTAhqilxRIXOtqKoTWA4zhktp7Md9lu2U%2BefdnZlSXoqvnA9Ruze1Mh7vatIOecH5Zh9qfoqr%2B0D3b9Q1yAiUQHoECwUL3Gr4DRyoGL%2Fvwuvn9RkfzkTNU1qjTpfsOigKrQeYfcHl1ZS%2B4QkaxFQWKvvSmvsn5VFd%2Fv8A85y4cHMpwq7D0R%2FYOCowyvPzujNV0AEN%2F%2B8r9Go6%2Fo7oVgOPUlw37MulfSbIn5sUxpSe6mvsrG5izlMfKsrBcUvoZ60SY2sCOzkc6TruwOALhqpYTcW5mv0%2FA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 18:24:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Jan 2022 13:27:28 GMT
Server: Apache/2.4.25 (Debian)
ETag: "383-5d58ac3a31000-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 405

GET
H/1.1 200
OK swfobject.js Show response
1redirb.com/javascript/ 10 KB
4 KB 343ms
172ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirb.com/javascript/swfobject.js
Requested by: Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQ1UwMpgyIN7v0nVChsLsLNuTqJRUP%2BzxfAKo6CvtHxLN%2FKP4%2FyljKow%2FTO7Dyd4xRGRWxdjELqNIAYpQCjHNOH%2BE%2Fd8ejy4UKtfen5Emhmwlx5XjDIbWKEsCa%2FDNE6ltvI%2FgcQ7mpVUGCQYhkMq30NTutcJWqD3ZZ6RWxlvOOLC2vkZcdm%2FAUxLjmjGY0wZoibTuMnL7lt3tFhMEV1FQS7ngeQlR%2FNEHDxCQxWTF0ZNVBmng57xUkzsNmTBgMqfUFY6BoHXyxEPhSJRCx5MM%2Bj7pkKG6p8ODkBAvYYk3eM%2FhBROfCV6NfN7XOUIDYhRf4AEbCgvPgDwDunA%2Bj40hhqN4ws%2F5moxDSIf84MqMNsBpKrz2Z4WqZXXcuu03y4XIEDqjLXMVEitswtlk9wVxnK5qc6hLkFIzAAtTDCcAUAB3QvK4w5Er1FeMzTTAhqilxRIXOtqKoTWA4zhktp7Md9lu2U%2BefdnZlSXoqvnA9Ruze1Mh7vatIOecH5Zh9qfoqr%2B0D3b9Q1yAiUQHoECwUL3Gr4DRyoGL%2Fvwuvn9RkfzkTNU1qjTpfsOigKrQeYfcHl1ZS%2B4QkaxFQWKvvSmvsn5VFd%2Fv8A85y4cHMpwq7D0R%2FYOCowyvPzujNV0AEN%2F%2B8r9Go6%2Fo7oVgOPUlw37MulfSbIn5sUxpSe6mvsrG5izlMfKsrBcUvoZ60SY2sCOzkc6TruwOALhqpYTcW5mv0%2FA%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQ1UwMpgyIN7v0nVChsLsLNuTqJRUP%2BzxfAKo6CvtHxLN%2FKP4%2FyljKow%2FTO7Dyd4xRGRWxdjELqNIAYpQCjHNOH%2BE%2Fd8ejy4UKtfen5Emhmwlx5XjDIbWKEsCa%2FDNE6ltvI%2FgcQ7mpVUGCQYhkMq30NTutcJWqD3ZZ6RWxlvOOLC2vkZcdm%2FAUxLjmjGY0wZoibTuMnL7lt3tFhMEV1FQS7ngeQlR%2FNEHDxCQxWTF0ZNVBmng57xUkzsNmTBgMqfUFY6BoHXyxEPhSJRCx5MM%2Bj7pkKG6p8ODkBAvYYk3eM%2FhBROfCV6NfN7XOUIDYhRf4AEbCgvPgDwDunA%2Bj40hhqN4ws%2F5moxDSIf84MqMNsBpKrz2Z4WqZXXcuu03y4XIEDqjLXMVEitswtlk9wVxnK5qc6hLkFIzAAtTDCcAUAB3QvK4w5Er1FeMzTTAhqilxRIXOtqKoTWA4zhktp7Md9lu2U%2BefdnZlSXoqvnA9Ruze1Mh7vatIOecH5Zh9qfoqr%2B0D3b9Q1yAiUQHoECwUL3Gr4DRyoGL%2Fvwuvn9RkfzkTNU1qjTpfsOigKrQeYfcHl1ZS%2B4QkaxFQWKvvSmvsn5VFd%2Fv8A85y4cHMpwq7D0R%2FYOCowyvPzujNV0AEN%2F%2B8r9Go6%2Fo7oVgOPUlw37MulfSbIn5sUxpSe6mvsrG5izlMfKsrBcUvoZ60SY2sCOzkc6TruwOALhqpYTcW5mv0%2FA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 18:24:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Jan 2022 13:27:28 GMT
Server: Apache/2.4.25 (Debian)
ETag: "27ef-5d58ac3a31000-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3949

GET
H/1.1 200
OK jscheck.php
1redirb.com/ 0
166 B 389ms
209ms XHR
text/html 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirb.com/jscheck.php?enc=QWRsNmpwM0d2S3R6dGxQVko3eGNFSDQ5ZmtWS09FeDRPV2RKU2xaaU5HdE1WRmx4VG5WRWQyUk9hbE5hUTFNdllYSjJUR2xGUldSNE1sQmxWQzgzYzNwS05VSndVVGh0ZEVvNVUyZGpjVmx0Vmxwb1ZGWXpXWFpVUkRGMGJWaDBWRVZ1VjFWd1ExSjZjM2RJUTI4eVRUWXJWMFpoVlhkb1REUmlSVVp3WWtaNVRISklSVGQyWlcweWRqaG9kME5YVnpjMWQwVmpTSEpFTm5wT1RFSjNjVWRwY2toNU1VSTRNa1V6TUZsdmJFMW9VMk5MTW1SaFJFa3ZiRzVDVUVSc1NXTTNkRXR2T0M5VGMzUk5iSEZRUTFBd2JHRlBUMjlIZWpWV1kyOUNia05CZGpRNFRsRjBiMVF4ZUZKVGVsaHZTWGswWWxabldrVTJVRk5tY1daaldWbzFNelI2TkVwblMwSlhZbE5GYjFOSVdETTVTbWR4VkU1TWRXbG1VbkZzVUdSRVQybzVTMnRhY2tweUwwOVhSRkppVm5CVGVITllhbGR1VFUxNWFEWmlRVlJUTDNGRlRFTm1PU3RtUmxwdVYzQjJUSFZrVW5GcWJpdEdkMFp2V2twM1VsSnJjSGswUm1wMVRURndhWHBOVVhaWmRWbFNZWGQwVWxBd2EyMVJXV2RDT1dRME4wZGtXVVJXU0ZkaU1YSnlSMEkxYm1GdFQyMDNkR1YzYzFaSVRuSk9PRFpLYkRKeldYWnpiMDEwTDFwYVpsVkJkV1UwV1Zack1rSldjMXBhUmxCbVptdzNUVmQ0YWk5TlZqRXdhR1pCZW1oeGIwSndWVUZYY1RSR1EySnNkalptTURKcVMxcHNOM1ZYUlZnNFRtRTFhVFI2U2t4M1YyOUZPVVpRYVRsMmNYaG1TRGxUUVVoVU5EQnJSWEZtUkVKWmNqUjJNVFpoYmpkaU0yUnJWak5CWmtGNVducFFka3gwYmpKaE0zRnRUekpaUm5kRE4xaGFOMVIwUlVkQ1lVUktUR0pSYUZFNE15dEhLMmN6U1ZwS1pqaHNLM3B1VDFoVlNEUk1UWGRhTkM5cVJEaHBVMnd5WjNOT1RHVlRTbmczY1RsTlkwdDRUSFo1VUVJM1FsY3dOVGN5YTJGQ1dpOXVWV28zV1cxS2VteFJka0pITnl0MksyeFdTRlJNZUZONGF6RnVNRU40TUdOVWNGTk5OMVk1Y2prMFZYZExRVmRMVkdOSU9EQmpZbFZCZURoMVJuZDVXVFJMY0ZKcFVqSjVjVWswUkZweVYzUmlSalZKVVZobFFTdDVZVkp4YTFFMVdHRnpkRTFtZVRCNVZVMUJPR3BaZEZkd2FqRm9aVFZGYUZoeFVWSm1ObWhuVUVKU2Ewa3hNa0YyZVZSdFFqUlVZamwwWm5aWFRsb3lZVkV4VkZSR00xRm9TVVZHVkVZeVpXZFZSMDlEY2toNlNFZFVXRWxZUkdocU9UWnFaRmh0U0haSmVIVm5kV1pCVmpCdFozSmFSMlpZVWxGc1FVSkxUM2xuUFQwPQ%3D%3D&rand=0.19064010665163922
Requested by: Host: 1redirb.com
URL: http://1redirb.com/javascript/jscheck.js
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQ1UwMpgyIN7v0nVChsLsLNuTqJRUP%2BzxfAKo6CvtHxLN%2FKP4%2FyljKow%2FTO7Dyd4xRGRWxdjELqNIAYpQCjHNOH%2BE%2Fd8ejy4UKtfen5Emhmwlx5XjDIbWKEsCa%2FDNE6ltvI%2FgcQ7mpVUGCQYhkMq30NTutcJWqD3ZZ6RWxlvOOLC2vkZcdm%2FAUxLjmjGY0wZoibTuMnL7lt3tFhMEV1FQS7ngeQlR%2FNEHDxCQxWTF0ZNVBmng57xUkzsNmTBgMqfUFY6BoHXyxEPhSJRCx5MM%2Bj7pkKG6p8ODkBAvYYk3eM%2FhBROfCV6NfN7XOUIDYhRf4AEbCgvPgDwDunA%2Bj40hhqN4ws%2F5moxDSIf84MqMNsBpKrz2Z4WqZXXcuu03y4XIEDqjLXMVEitswtlk9wVxnK5qc6hLkFIzAAtTDCcAUAB3QvK4w5Er1FeMzTTAhqilxRIXOtqKoTWA4zhktp7Md9lu2U%2BefdnZlSXoqvnA9Ruze1Mh7vatIOecH5Zh9qfoqr%2B0D3b9Q1yAiUQHoECwUL3Gr4DRyoGL%2Fvwuvn9RkfzkTNU1qjTpfsOigKrQeYfcHl1ZS%2B4QkaxFQWKvvSmvsn5VFd%2Fv8A85y4cHMpwq7D0R%2FYOCowyvPzujNV0AEN%2F%2B8r9Go6%2Fo7oVgOPUlw37MulfSbIn5sUxpSe6mvsrG5izlMfKsrBcUvoZ60SY2sCOzkc6TruwOALhqpYTcW5mv0%2FA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 18:24:37 GMT
Server: Apache/2.4.25 (Debian)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

a
lookandfind.me/s/
Redirect Chain

http://1redirb.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D43087740%26sid%3D20220208052436028267756e439d626d&s=j&enc=QWRsNmpwM0d2S3R6dGxQVko3eGNFSDQ5ZmtWS09FeDRPV2RKU...
https://clever-redirect.com/s/r6?s=721614&s3=43087740&sid=20220208052436028267756e439d626d
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721614&s2=&s3=43087740&s5=wc

376 B
741 B

78ms
31ms

Document
text/html

157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721614&s2=&s3=43087740&s5=wc
Requested by: Host: 1redirb.com
URL: http://1redirb.com/javascript/jscheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.4.24
content-length: 376
content-type: text/html; charset=UTF-8
date: Mon, 07 Feb 2022 18:24:38 GMT
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

Redirect headers

referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
location: https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721614&s2=&s3=43087740&s5=wc
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 07 Feb 2022 18:24:38 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27

GET
H2 200 r
lookandfind.me/s/ 306 B
336 B 24ms
23ms Document
text/html 157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%26pref1%3D4b9ac480efe9155985555c4d9c9fe3a4%26pref2%3DDE&h=c2d2e9319eb60a90863d7bd40caec158
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721614&s2=&s3=43087740&s5=wc

Response headers

referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.4.24
content-length: 306
content-type: text/html; charset=UTF-8
date: Mon, 07 Feb 2022 18:24:38 GMT
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

GET
H2

200

Primary Request / Show response
helden.de/
Redirect Chain

https://www.awin1.com/awclick.php?mid=14361&id=926315&pref1=4b9ac480efe9155985555c4d9c9fe3a4&pref2=DE
https://haftpflichthelden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

275 KB
48 KB

495ms
439ms

Document
text/html

2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Requested by: Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%26pref1%3D4b9ac480efe9155985555c4d9c9fe3a4%26pref2%3DDE&h=c2d2e9319eb60a90863d7bd40caec158
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62d1623a0d8c0a16032dff0dc03a21ec8e519abac55ccbc8a505603743878f9c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%26pref1%3D4b9ac480efe9155985555c4d9c9fe3a4%26pref2%3DDE&h=c2d2e9319eb60a90863d7bd40caec158

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://helden.de/wp-json/>; rel="https://api.w.org/" <https://helden.de/>; rel=shortlink
cache-control: max-age=0
expires: Mon, 07 Feb 2022 18:24:38 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d9ea8033eb3920b-FRA
content-encoding: gzip

Redirect headers

date: Mon, 07 Feb 2022 18:24:38 GMT
content-type: text/html; charset=iso-8859-1
location: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FpkOjCzoUJRNG9Q4skivSffg58udly0WIhLpZCHpiDBPxvylaZ4F6tKE7MvYN74ZxA0GsyZq1SoMCqR03R3g6bHN8R%2BCE%2BPXK5BznDIX6GYtdkhTj8sjs7Eu%2BQizp3lgaOVNUuXelrcYoHO4QWh7pgj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d9ea8020e5e9195-FRA

GET
H2 200 helden-custom.css
helden.de/wp-content/themes/you/css/ 1 KB
698 B 44ms
43ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/you/css/helden-custom.css
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96885eb92fe4f03a59536aacb336a3a999876f8d311dca71e8e953726a61e644

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 09:04:16 GMT
server: cloudflare
age: 1071655
cf-polished: origSize=2130
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 26 Jan 2023 08:43:44 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea8060e3f920b-FRA
cf-bgj: minify

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/ 31 KB
6 KB 73ms
20ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/jquery-ui.css

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70d5e7aca1f4340b317eb66c3f7a0201cd4c417bea613a46f7989950f0a1fba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 10:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5770
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Feb 2023 10:11:45 GMT

GET
H2 200 wp-notification-bars-public.css
helden.de/wp-content/plugins/wp-notification-bars/public/css/ 4 KB
1 KB 44ms
42ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/wp-notification-bars/public/css/wp-notification-bars-public.css?ver=1.0.5
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab6e4f17cb28892a00ee982b483ac79222bd8b945c226694e554af917e569df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 03 Apr 2020 09:48:36 GMT
server: cloudflare
age: 1071655
cf-polished: origSize=4192
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 26 Jan 2023 08:43:44 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea8060e41920b-FRA
cf-bgj: minify

GET
H2 200 acoda_counters.min.css
helden.de/wp-content/plugins/acoda-counters/assets/ 797 B
341 B 46ms
45ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/acoda-counters/assets/acoda_counters.min.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a145e8cb30994054a87ba4ac07f8a49f55e2fbfcd3b689ef889eae0a2250bc37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071655
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea8060e54920b-FRA
content-length: 278
expires: Thu, 26 Jan 2023 08:43:44 GMT

GET
H2 200 acoda_gigatools.min.css
helden.de/wp-content/plugins/acoda-gigatools/assets/ 695 B
327 B 63ms
61ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/acoda-gigatools/assets/acoda_gigatools.min.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20c746611e73d61b96d867c123847699572e0d13bf3a6823bcc2d956e9d4c0d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071655
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea8060e5a920b-FRA
content-length: 264
expires: Thu, 26 Jan 2023 08:43:44 GMT

GET
H2 200 style.css
helden.de/wp-content/plugins/likebtn-like-button/public/css/ 2 KB
801 B 49ms
48ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/likebtn-like-button/public/css/style.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad4b93f0116490bf6d6b3cb8b6adaa354588c845b1f0994ce80456e5afb7d8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Sep 2021 06:40:34 GMT
server: cloudflare
age: 1071655
cf-polished: origSize=2476
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 26 Jan 2023 08:43:44 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea8060e5d920b-FRA
cf-bgj: minify

GET
H2 200 cookie-law-info-public.css
helden.de/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 3 KB
1 KB 62ms
61ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-public.css?ver=2.3.0
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dc6b9f591f8a9a592258150d30296b9a224ee2d938cecc5e8ba347535e360dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 Aug 2020 12:16:56 GMT
server: cloudflare
age: 1071655
cf-polished: origSize=3959
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 26 Jan 2023 08:43:44 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea8060e60920b-FRA
cf-bgj: minify

GET
H2 200 cookie-law-info-gdpr.css
helden.de/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 17 KB
3 KB 49ms
48ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-gdpr.css?ver=2.3.0
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0fa40176cf7621f894c7645f6162825006cee47b52776058cc2fa7f3b7bcae2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 Aug 2020 12:16:56 GMT
server: cloudflare
age: 1071655
cf-polished: origSize=21346
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 26 Jan 2023 08:43:44 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea8060e63920b-FRA
cf-bgj: minify

GET
H2 200 font-awesome.min.css
helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/ 30 KB
7 KB 50ms
49ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b719e8b64d94bf16d44b5a331b9028f738286b49d00844a122a1f854ca9c1c2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071655
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea8060e66920b-FRA
content-length: 7036
expires: Thu, 26 Jan 2023 08:43:44 GMT

GET
H2 200 dynamic-mobmenu.css
helden.de/wp-content/uploads/ 8 KB
2 KB 62ms
61ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/uploads/dynamic-mobmenu.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b4780df9b383519f51c2b0d374f45c26bf05e1cbc1518b2a2b309e5ea9ae86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 14:13:59 GMT
server: cloudflare
age: 1071655
cf-polished: status=cannot_optimize
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 26 Jan 2023 08:43:44 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea8060e68920b-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 1 KB
931 B 79ms
27ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis%3Ainherit%2C400&subset=latin%2Clatin-ext&ver=5.2.14

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7be9e5f63b77a88b00d5be374fb63b5b560c1aa06cc9b0421f967095b50222d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 17:12:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Feb 2022 18:24:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Feb 2022 18:24:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
468 B 79ms
28ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A900%2C400&subset=latin%2Clatin-ext&ver=5.2.14

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7edee88862109a0b709cb1801cccd10f6460971dbb1afc945abb81c17bfca85e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 18:24:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Feb 2022 18:24:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Feb 2022 18:24:39 GMT

GET
H2 200 js_composer.min.css
helden.de/wp-content/plugins/js_composer/assets/css/ 451 KB
44 KB 43ms
42ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46bb0aafc668b4a997c8f2bf2b9612722575d5123d728ee15924ae9b2b9e1b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071655
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea8060e6a920b-FRA
content-length: 44917
expires: Thu, 26 Jan 2023 08:43:44 GMT

GET
H2 200 mobmenu-icons.css
helden.de/wp-content/plugins/mobile-menu/includes/css/ 2 KB
757 B 61ms
60ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aa8093f92b4ebb8c5a083db689a2231ed086d33c640a69d136c7d8abf22e3c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 May 2019 15:42:48 GMT
server: cloudflare
age: 1071655
cf-polished: origSize=3886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 26 Jan 2023 08:43:44 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea8062e85920b-FRA
cf-bgj: minify

GET
H2 200 style.css
helden.de/wp-content/themes/helden/ 376 KB
60 KB 63ms
62ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/helden/style.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6928cc4d50cb193b1c5d09343ecae72c20af5da0483e28b7c48a4c77e0f6d3c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Dec 2021 14:51:16 GMT
server: cloudflare
age: 1071655
cf-polished: origSize=448108
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 26 Jan 2023 08:43:44 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea8062e88920b-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
helden.de/wp-includes/js/jquery/ 95 KB
33 KB 63ms
62ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 May 2019 22:08:51 GMT
server: cloudflare
age: 1071569
cf-polished: origSize=96873
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:45:10 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea8062e89920b-FRA
cf-bgj: minify

GET
H2 200 jquery-migrate.min.js Show response
helden.de/wp-includes/js/jquery/ 10 KB
4 KB 77ms
75ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea8062e8a920b-FRA
content-length: 4014
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 main.js Show response
helden.de/wp-content/themes/helden/ 122 KB
35 KB 61ms
60ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/helden/main.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d26ead62c04b7c1d9b9fe15ea7310d2c3ef4400a5c0a390e6c3a8ff4c5f381ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 09 Aug 2021 14:46:59 GMT
server: cloudflare
age: 1071569
cf-polished: origSize=179649
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:45:10 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea8062e8b920b-FRA
cf-bgj: minify

GET
H2 200 countid.min.js Show response
helden.de/wp-content/plugins/acoda-counters/assets/ 5 KB
2 KB 48ms
46ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/acoda-counters/assets/countid.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf8c217e6b5fed93e68518ddd25e1bedfbb683b1f9aa18f84b099677d0f79355

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea8062e8d920b-FRA
content-length: 1975
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 acoda_counters.min.js Show response
helden.de/wp-content/plugins/acoda-counters/assets/ 1 KB
586 B 59ms
58ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/acoda-counters/assets/acoda_counters.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 798622f5f53245245cdf0f44468acdce4e537cd44c86e1f58b170ad253783ad5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea8062e92920b-FRA
content-length: 523
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 frontend.js Show response
helden.de/wp-content/plugins/likebtn-like-button/public/js/ 5 KB
2 KB 75ms
73ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/likebtn-like-button/public/js/frontend.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d0297d001e90af1cb9081ee9a40edebaa5584387e10732ffbd217281ba9b03f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Sep 2021 06:40:34 GMT
server: cloudflare
age: 1071569
cf-polished: origSize=7114
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:45:10 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea8062e96920b-FRA
cf-bgj: minify

GET
H2 200 cookie-law-info-public.js Show response
helden.de/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/ 35 KB
9 KB 58ms
56ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/cookie-law-info-public.js?ver=2.3.0
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 499f5d894e680015c299c3707e38a9b65074b888ed8e8380854a782a71c4ebd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 Aug 2020 12:16:56 GMT
server: cloudflare
age: 1071569
cf-polished: origSize=46549
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:45:10 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea8062e9c920b-FRA
cf-bgj: minify

GET
H2 200 wpgmza_data.js Show response
helden.de/wp-content/plugins/wp-google-maps/ 0
101 B 61ms
60ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/wp-google-maps/wpgmza_data.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
last-modified: Mon, 03 Jun 2019 13:26:08 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:45:10 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea8062e9d920b-FRA
content-length: 0
cf-bgj: minify

GET
H2 200 wp-notification-bars-public.js Show response
helden.de/wp-content/plugins/wp-notification-bars/public/js/ 689 B
377 B 76ms
75ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/wp-notification-bars/public/js/wp-notification-bars-public.js?ver=1.0.5
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d7e52c552160d0265f12c7d6c523a3c646b6f831a8d677adb7a2c1d481f32a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 03 Apr 2020 09:48:36 GMT
server: cloudflare
age: 1071569
cf-polished: origSize=1041
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:45:10 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea8062ea1920b-FRA
cf-bgj: minify

GET
H2 200 mobmenu.js Show response
helden.de/wp-content/plugins/mobile-menu/includes/js/ 6 KB
1 KB 60ms
59ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/mobile-menu/includes/js/mobmenu.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 050afadcae8e995d4d71c6c7d05bdb3ef24691fc81526eb0357de319184c747b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 May 2019 15:42:48 GMT
server: cloudflare
age: 1071569
cf-polished: origSize=8712
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:45:10 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea8062ea4920b-FRA
cf-bgj: minify

GET
H2 200 waypoints.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/waypoints/ 8 KB
3 KB 65ms
64ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d73392f1f569c51f57b7f9a30278358484f1795584aa2cd540e5b8ea650593e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea8062ea6920b-FRA
content-length: 2615
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 waypoints-sticky.min.js Show response
helden.de/wp-content/themes/you/js/ 3 KB
1 KB 73ms
73ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/you/js/waypoints-sticky.min.js?ver=1
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db9ff4cde12468ee4def39092beef68a94523797d588f245067a96d943a01165

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea8062ea8920b-FRA
content-length: 1282
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 helden_de_custom.js Show response
helden.de/wp-content/themes/you/js/ 6 KB
3 KB 65ms
64ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/you/js/helden_de_custom.js
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bccc337c264422750cff6f2b3c70a350a2a40e80766f11e3a16ecabc89ae4b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Mar 2021 13:18:15 GMT
server: cloudflare
age: 1071569
cf-polished: origSize=7385
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:45:10 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea8062eab920b-FRA
cf-bgj: minify

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
665 B 77ms
30ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1b077ad91dc6d449f971f581046afff929ab4f742fdfdb7c3017418425c9a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 17:36:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Feb 2022 18:24:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Feb 2022 18:24:39 GMT

GET
H2 200 helden.de_Logo.svg
helden.de/wp-content/uploads/2021/02/ 5 KB
2 KB 79ms
72ms Image
image/svg+xml 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2021/02/helden.de_Logo.svg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26d127f27e68eb24704f93210ac87b36c92c2a9ef01d6a47dc0048dac9cfa23f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Feb 2021 09:49:41 GMT
server: cloudflare
age: 1071655
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d9ea806c850920b-FRA
content-length: 1845
expires: Fri, 25 Feb 2022 08:43:44 GMT

GET
H2 200 Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.de.svg
helden.de/wp-content/assets/profly_dji/ 33 KB
8 KB 71ms
64ms Image
image/svg+xml 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/profly_dji/Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.de.svg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d03b85482d005248f184137ab739c6222882e5d76d0765757cd6313a2b90146a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6d9ea806e870920b-FRA
date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Sep 2020 05:21:52 GMT
server: cloudflare
age: 1071655
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: de
cache-control: max-age=2592000
accept-ranges: bytes
content-type: image/svg+xml
content-length: 8356
expires: Fri, 25 Feb 2022 08:43:44 GMT

GET
H2 200 Kundenvertrauen_helden_de.svg
helden.de/wp-content/uploads/2021/07/ 32 KB
8 KB 72ms
65ms Image
image/svg+xml 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2021/07/Kundenvertrauen_helden_de.svg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b13c9daefcbfa434816cbf0a272da7a7887486cedbe40218e4234977e526854c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 08:21:20 GMT
server: cloudflare
age: 1071655
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d9ea806e872920b-FRA
content-length: 8129
expires: Fri, 25 Feb 2022 08:43:44 GMT

GET
H2 200 widget_square_165_1.png
images.provenexpert.com/45/14/0b86840a13b7f9399eece676ff57/ 14 KB
14 KB 74ms
25ms Image
image/png 34.102.224.29
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.provenexpert.com/45/14/0b86840a13b7f9399eece676ff57/widget_square_165_1.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.224.29 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.224.102.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 48a2156abaed07fa73ed289ca1e45a818cdf7ca5d8aa6e6d31b64b2bf3850753

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
via: 1.1 google
last-modified: Mon, 07 Feb 2022 13:41:31 GMT
server: nginx
age: 0
etag: "6201218b-37bf"
content-type: image/png
cache-control: max-age=86400,no-cache
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14271
expires: Tue, 08 Feb 2022 18:24:39 GMT

GET
H2 200 Helden_Web_Mobile-Mockup_06.jpg
helden.de/wp-content/uploads/2019/10/ 27 KB
27 KB 73ms
66ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_06.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01f2c507dce67cd34f1fb75780c52221946800029092456ed02470059af2c05f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 1071655
cf-polished: qual=85, origFmt=jpeg, origSize=52798
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_06.webp"
content-length: 27534
last-modified: Mon, 14 Oct 2019 10:34:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:43:44 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e876920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_05.jpg
helden.de/wp-content/uploads/2019/10/ 19 KB
19 KB 76ms
69ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_05.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5232ff2bcc1c6fb542e55ebb4d41413554cfe0681613a01799e2477bb9cac389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 1009008
cf-polished: qual=85, origFmt=jpeg, origSize=42408
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_05.webp"
content-length: 19320
last-modified: Mon, 14 Oct 2019 10:34:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 27 May 2022 02:07:51 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e878920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_04.jpg
helden.de/wp-content/uploads/2019/10/ 25 KB
25 KB 78ms
71ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_04.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e528c1449a6cfc70975bfd57546d23b752a883a8ee9fcc3904d3af6548468ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 1071655
cf-polished: qual=85, origFmt=jpeg, origSize=50929
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_04.webp"
content-length: 25904
last-modified: Mon, 14 Oct 2019 10:34:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:43:44 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e87a920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_03.jpg
helden.de/wp-content/uploads/2019/10/ 27 KB
27 KB 78ms
71ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_03.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd2fcd0919b8552fa24ea240e875bd8d0d2e04f9949d12dc18a605e7b063303

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 1071655
cf-polished: qual=85, origFmt=jpeg, origSize=55274
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_03.webp"
content-length: 27706
last-modified: Mon, 14 Oct 2019 10:34:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:43:44 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e87d920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_02.jpg
helden.de/wp-content/uploads/2019/10/ 33 KB
33 KB 90ms
83ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_02.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 536550431ea6247d6ae10b550cedbac11f93d133b096e475bd1f3915bf4bb6dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 418642
cf-polished: qual=85, origFmt=jpeg, origSize=59813
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_02.webp"
content-length: 34042
last-modified: Mon, 14 Oct 2019 10:34:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 02 Jun 2022 22:07:17 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e87e920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_01.jpg
helden.de/wp-content/uploads/2019/10/ 23 KB
23 KB 79ms
72ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_01.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d691d09ce0090a6da571070f4404989f56b83bd51aa9c0076f1761f5888533

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 1071655
cf-polished: qual=85, origFmt=jpeg, origSize=48508
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_01.webp"
content-length: 23826
last-modified: Mon, 14 Oct 2019 10:34:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:43:44 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e87f920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_292Y6.jpg
helden.de/wp-content/uploads/2020/08/ 28 KB
28 KB 92ms
85ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/08/helden_code_292Y6.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c3739bf38a85743e9e259f58619bae5a1c329c8ad724e89a83c8e59d0cefdfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 38899
cf-polished: qual=85, origFmt=jpeg, origSize=42163
content-disposition: inline; filename="helden_code_292Y6.webp"
content-length: 28454
last-modified: Mon, 03 Aug 2020 13:17:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 07 Jun 2022 07:36:20 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e881920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_T8DW5.jpg
helden.de/wp-content/assets/community/ 6 KB
6 KB 85ms
78ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/community/helden_code_T8DW5.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61492c8f237d7e8c9eb6f79db84a7f183ba4f2e6495f0d27f4b5b03e37728410

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 38897
cf-polished: qual=85, origFmt=jpeg, origSize=19105
content-disposition: inline; filename="helden_code_T8DW5.webp"
content-length: 6102
last-modified: Thu, 15 Apr 2021 07:28:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 07 Jun 2022 07:36:22 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e884920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_37GA2.jpg
helden.de/wp-content/uploads/2019/10/ 11 KB
11 KB 84ms
78ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_37GA2.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b75edcde311da386af1f591724dd1ed3df272ee891957b58392876c131ffc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Oct 2019 09:25:54 GMT
server: cloudflare
age: 294106
cf-polished: degrade=85, origSize=33314, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Sat, 04 Jun 2022 08:42:53 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e885920b-FRA
content-length: 11263
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_1C9A8.jpg
helden.de/wp-content/uploads/2019/06/ 33 KB
33 KB 79ms
73ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/06/helden_code_1C9A8.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89b958011680839e6ed18a1edfd66a300e1442100fd1c24ed5bf5eee2ffa1723

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
last-modified: Tue, 04 Jun 2019 10:13:29 GMT
server: cloudflare
age: 38896
cf-polished: qual=85, origFmt=jpeg, origSize=204700
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 07 Jun 2022 07:36:23 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="helden_code_1C9A8.webp"
cf-ray: 6d9ea806e888920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_15TN4.jpg
helden.de/wp-content/assets/community/ 23 KB
23 KB 87ms
81ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/community/helden_code_15TN4.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b244c7cb0ef9b67c21bf245fa48296451725e8a0bebe450e447f64a06543c6d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Apr 2021 07:28:29 GMT
server: cloudflare
age: 791893
cf-polished: degrade=85, origSize=55132, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Sun, 29 May 2022 14:26:26 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e88e920b-FRA
content-length: 23421
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_44KJ3.jpg
helden.de/wp-content/assets/community/ 10 KB
10 KB 87ms
81ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/community/helden_de_44KJ3.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a963fc406ef4b119ff883573841d143c2f1ca8b5c28d167420421341f079251

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
last-modified: Mon, 03 Jan 2022 10:04:21 GMT
server: cloudflare
age: 645845
cf-polished: degrade=85, origSize=39584, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 31 May 2022 07:00:34 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e894920b-FRA
content-length: 10399
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_0AED0.jpg
helden.de/wp-content/assets/community/ 11 KB
11 KB 90ms
84ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/community/helden_de_0AED0.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a6197e8d2522b6655650164210d9362624685371febfde3e5fe770641434813

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
last-modified: Mon, 03 Jan 2022 09:25:06 GMT
server: cloudflare
age: 207399
cf-polished: degrade=85, origSize=44599, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Sun, 05 Jun 2022 08:48:00 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e895920b-FRA
content-length: 11421
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_NINA4.jpg
helden.de/wp-content/uploads/2020/07/ 29 KB
29 KB 88ms
82ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/07/helden_code_NINA4.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65532969f8fa7c98137e3b88cdab9b8a779d065999cab303c12f0be8ad96916f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Jul 2020 10:31:21 GMT
server: cloudflare
age: 38897
cf-polished: qual=85, origFmt=jpeg, origSize=276894
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 07 Jun 2022 07:36:22 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="helden_code_NINA4.webp"
cf-ray: 6d9ea806e898920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_2XXC3.jpg
helden.de/wp-content/uploads/2019/10/ 11 KB
11 KB 91ms
85ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_2XXC3.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708ee79f31c11e3bbb964355009869a3f6660ca1d493eb272ee5ddb28c11f717

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Oct 2019 09:25:03 GMT
server: cloudflare
age: 207401
cf-polished: degrade=85, origSize=34199, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Sun, 05 Jun 2022 08:47:58 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e89b920b-FRA
content-length: 11146
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_1U8C7.jpg
helden.de/wp-content/uploads/2019/10/ 11 KB
11 KB 80ms
74ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_1U8C7.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26e2b6480c7741fb5ce74f7924a8ee486e9aea6c8a797df6a6739af800146f11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Oct 2019 09:24:38 GMT
server: cloudflare
age: 294107
cf-polished: degrade=85, origSize=34920, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Sat, 04 Jun 2022 08:42:52 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e89f920b-FRA
content-length: 11547
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_1STI9.jpg
helden.de/wp-content/uploads/2019/10/ 4 KB
5 KB 82ms
77ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_1STI9.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0dd566a5709cf4b3c46b8f38d85fa6879b3ecf0ff669b385df1cf2d3dcd43c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 38894
cf-polished: qual=85, origFmt=jpeg, origSize=15292
content-disposition: inline; filename="helden_code_1STI9.webp"
content-length: 4582
last-modified: Mon, 14 Oct 2019 09:24:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 07 Jun 2022 07:36:25 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e8a0920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_3RC53.jpg
helden.de/wp-content/uploads/2019/10/ 7 KB
8 KB 100ms
95ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_3RC53.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b6b7e77088d6752ddae7064e92151329ed0b137977140c7c866de38a7f84ff8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Oct 2019 09:25:21 GMT
server: cloudflare
age: 207400
cf-polished: degrade=85, origSize=22885, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Sun, 05 Jun 2022 08:47:59 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e8a1920b-FRA
content-length: 7417
cf-bgj: imgq:85,h2pri

GET
H2 200 Versicherungspartner_NV-300x208.jpg
helden.de/wp-content/uploads/2020/04/ 3 KB
3 KB 82ms
76ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/04/Versicherungspartner_NV-300x208.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fd0406a9f1fa9ae65bc5ab523b7160d7c8a64383a51f520c25270697f3408a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 1070733
cf-polished: qual=85, origFmt=jpeg, origSize=6159
content-disposition: inline; filename="Versicherungspartner_NV-300x208.webp"
content-length: 2924
last-modified: Fri, 03 Apr 2020 11:30:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:59:06 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e8a3920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Versicherungspartner_HISCOX-300x182.jpg
helden.de/wp-content/uploads/2020/04/ 4 KB
4 KB 87ms
82ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/04/Versicherungspartner_HISCOX-300x182.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b244db5267a8a4f291e0c4a1e82ccbc4ae211e7b22cad2ca530d743397894151

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 416100
cf-polished: qual=85, origFmt=jpeg, origSize=6611
content-disposition: inline; filename="Versicherungspartner_HISCOX-300x182.webp"
content-length: 3982
last-modified: Fri, 03 Apr 2020 11:30:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 02 Jun 2022 22:49:39 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e8a4920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 WiWo_Hoechstes_Kundenvertrauen_2020_helden_de.png
helden.de/wp-content/uploads/2021/07/ 23 KB
23 KB 86ms
80ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2021/07/WiWo_Hoechstes_Kundenvertrauen_2020_helden_de.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2031ce9d387c585aeed7e46b4c88ab74c996834aa6f10cbf32dd7df4170065fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 343682
cf-polished: origFmt=png, origSize=56718
content-disposition: inline; filename="WiWo_Hoechstes_Kundenvertrauen_2020_helden_de.webp"
content-length: 23324
last-modified: Mon, 05 Jul 2021 11:39:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 03 Jun 2022 18:56:37 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e8a9920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.de_.jpg
helden.de/wp-content/uploads/2020/06/ 47 KB
47 KB 91ms
85ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/06/Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.de_.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2795aded1755123cbe59bba5a8348d2c8ea012c9021e56d3b532f176963950b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Jun 2020 10:28:11 GMT
server: cloudflare
age: 334379
cf-polished: qual=85, origFmt=jpeg, origSize=69103
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 03 Jun 2022 21:31:40 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.webp"
cf-ray: 6d9ea806e8ab920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden.de_Logo_web_retina.png
helden.de/wp-content/uploads/2019/01/ 4 KB
5 KB 80ms
75ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/01/helden.de_Logo_web_retina.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341c5d176dfcd3bd94a476a34fcb8be8f7d4c6d667ad95185c4d656f5ac9c9d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 426556
cf-polished: origFmt=png, origSize=8928
content-disposition: inline; filename="helden.webp"
content-length: 4534
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 02 Jun 2022 19:55:23 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e8ac920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 js_composer_tta.min.css
helden.de/wp-content/plugins/js_composer/assets/css/ 309 KB
14 KB 34ms
34ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/css/js_composer_tta.min.css?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6a6a0c2a744fc0d665244acab63b9ac3b43779414217bc62a7698e31d5471de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071655
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea8069fa1920b-FRA
content-length: 14545
expires: Thu, 26 Jan 2023 08:43:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
649 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&ver=5.2.14

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a55eb96ad9952ebf2d6e42d4f44565d00ebe4a6ea1171e4d4dcaa6a653081c9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 17:55:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Feb 2022 18:24:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Feb 2022 18:24:39 GMT

GET
H2 200 ihover.min.css
helden.de/wp-content/themes/you/css/ 50 KB
3 KB 68ms
60ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/you/css/ihover.min.css
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 882e09e84100347579816f61badf4459092dc59beb26b9317a8f1312d6752b41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 03 Jun 2019 08:00:21 GMT
server: cloudflare
age: 1071655
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806bff4920b-FRA
content-length: 3178
expires: Thu, 26 Jan 2023 08:43:44 GMT

GET
H2 200 core.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 4 KB
2 KB 47ms
38ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806b80a920b-FRA
content-length: 1811
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 widget.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 7 KB
3 KB 70ms
61ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b4f1024fa4887b47765e2ad4db9bc1f6ea96335f77fd44c62b8538d75e7190c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806b811920b-FRA
content-length: 2543
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 position.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 6 KB
3 KB 69ms
60ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806b813920b-FRA
content-length: 2469
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 menu.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 9 KB
3 KB 84ms
75ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/menu.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11dd7443e60c9756c636d4d9e270eeba4085691a86dc1d343af835e5cb354ed9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806b816920b-FRA
content-length: 2805
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 wp-sanitize.min.js Show response
helden.de/wp-includes/js/ 423 B
350 B 48ms
39ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/wp-sanitize.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eae9587fd982a18dc1cc3391201a06a8ce5efb066c62cc4f3003a901506269c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1071566
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806b817920b-FRA
content-length: 257
expires: Thu, 26 Jan 2023 08:45:13 GMT

GET
H2 200 wp-a11y.min.js Show response
helden.de/wp-includes/js/ 640 B
461 B 70ms
62ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/wp-a11y.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c52cc923758f90e6e92f82d19e909e36bf000902e60047a27c84e8d0ccb73a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:22 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806b819920b-FRA
content-length: 375
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 autocomplete.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 8 KB
3 KB 87ms
78ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67a93cb596cf7e65926cc6f37e356a5ba6249a3ac8dbce1b8e5fd16ae3967f92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806c821920b-FRA
content-length: 2774
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 presVouch.js Show response
helden.de/wp-content/themes/helden/ 3 KB
1 KB 83ms
74ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/helden/presVouch.js?ver=1.2
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ea06dea77b421db90da42160e691163836ef51e17aa1fd4669e1805e5291e21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Dec 2021 08:40:22 GMT
server: cloudflare
age: 1071569
cf-polished: origSize=5783
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:45:10 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea806c82a920b-FRA
cf-bgj: minify

GET
H2 200 underscore.min.js Show response
helden.de/wp-includes/js/ 16 KB
6 KB 85ms
76ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5f5736867880dc34e00e9d915d49094d5aa572c73771e87a082bd721b5a4f7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806c82d920b-FRA
content-length: 5634
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 backbone.min.js Show response
helden.de/wp-includes/js/ 22 KB
7 KB 73ms
64ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/backbone.min.js?ver=1.2.3
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29d1e5cff2718260f00fc9012476253e8664c99287d2a1866886e65060deb4ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:22 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806c82f920b-FRA
content-length: 7433
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 api-request.min.js Show response
helden.de/wp-includes/js/ 768 B
518 B 84ms
75ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/api-request.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92bfa0c40e4ac63bd4250520dc726bdb5f28bc45d2b420c07d6d1e0b726bd56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806c835920b-FRA
content-length: 440
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 wp-api.min.js Show response
helden.de/wp-includes/js/ 14 KB
4 KB 74ms
66ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/wp-api.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b3f44e74412baa296267a5c6bdcaef3e06ba0ed23c662786b35b923a515180c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806c837920b-FRA
content-length: 4086
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 scripts.js Show response
helden.de/wp-content/plugins/contact-form-7/includes/js/ 11 KB
3 KB 73ms
65ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32d9329d48ccd5a058fc1f4a6be8b010c4c9afb03d046ffe8a211ce474db2b6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071569
cf-polished: origSize=14440
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:45:10 GMT
cache-control: max-age=31536000
cf-ray: 6d9ea806c838920b-FRA
cf-bgj: minify

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
998 B 76ms
26ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&ver=3.0

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9cbfe64eec1cd97e6b40c7df10021f707d564f508b9571d7207debebec1bae7d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Mon, 07 Feb 2022 18:24:39 GMT

GET
H2 200 effect.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 13 KB
5 KB 81ms
73ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f5e3b0b3a282b46aa5bbd5e7952b90ce98d0d1d214b3308d9abb6053becd92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806c83a920b-FRA
content-length: 5162
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 wp-embed.min.js Show response
helden.de/wp-includes/js/ 1 KB
894 B 81ms
73ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/wp-embed.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806c83b920b-FRA
content-length: 739
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 js_composer_front.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/js/dist/ 19 KB
6 KB 71ms
62ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b51182de5d3e0e5cfa0a4ed9552dc82be393d7f7a08330f6299e08cdb2665f7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806c83c920b-FRA
content-length: 5712
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 vc-accordion.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/vc_accordion/ 12 KB
3 KB 83ms
75ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/vc_accordion/vc-accordion.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ce8bdb090315b4f4f6f8c78f9c7cd2cf53962924d86761982fdb4e5dc3c2c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806c840920b-FRA
content-length: 2673
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 vc-tta-autoplay.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/ 2 KB
917 B 81ms
73ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/vc-tta-autoplay.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 395daa8d0ec9bd1d7922530074e8fbe6aaf2bd26191dc773c135cf6a3d029705

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806c844920b-FRA
content-length: 831
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 vc-tabs.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/vc_tabs/ 4 KB
1 KB 83ms
75ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/vc_tabs/vc-tabs.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a469b4c7949c96cce86a741f3498f000e1fd64b2a6fff556579a6588acabf48a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806c84d920b-FRA
content-length: 1170
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H2 200 skrollr.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/ 12 KB
6 KB 83ms
76ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad44888e6834dd14372d63691245513cda17cad9bb7f5ac9df10163ba83108f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071569
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9ea806c84e920b-FRA
content-length: 5593
expires: Thu, 26 Jan 2023 08:45:10 GMT

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 45ms
17ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: helden.de
URL: https://helden.de/wp-content/themes/helden/main.js?ver=5.2.14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 17:58:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Feb 2023 17:58:10 GMT

GET
H2 200 widget.js Show response
w.likebtn.com/js/w/ 124 KB
34 KB 84ms
34ms Script
application/javascript 2606:4700:20::ac43:48bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.likebtn.com/js/w/widget.js
Requested by: Host: helden.de
URL: https://helden.de/wp-content/plugins/likebtn-like-button/public/js/frontend.js?ver=5.2.14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / HHVM/3.15.4
Resource Hash: 096fd1f8218ce1969b5f08643cdfdb26396495e3ab1a3d60410ba18c3bd4f418

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10502
x-powered-by: HHVM/3.15.4
last-modified: Mon, 07 Feb 2022 10:07:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfUP1mvByoGrCstdPPXUz2luy0k%2BYIQ1i8hv4RZFtBV7NhraNDxizkCvwzzk0JWAlpLnMH04xe2rgzhxmFAS24X0GtQaiWXpIw8E45dDF5D0X%2FAuwKTQSyAhH17Vvy6m6EaaPeZ06Ieq6oo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=691200, s-maxage=57600
cf-polished: origSize=126890
cf-ray: 6d9ea8070ef6909d-FRA
cf-bgj: minify

GET
H2 200 h8eubnf2kys7.js Show response
js.driftt.com/include/1644258300000/ 227 KB
65 KB 239ms
157ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1644258300000/h8eubnf2kys7.js

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

3c430c6bbf28dcc0eb84b18a6647b8feab76de0a77a6975cb71b9b5f4cdf3731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: lCI5UbIVt302JWDoFj_nErhlDGDRS.n9
content-encoding: gzip
etag: W/"88aa02188a6071f32ff6a1455cb7bb1c"
x-amz-cf-pop: ZRH50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 16:14:45 GMT
server: nginx
date: Mon, 07 Feb 2022 18:24:39 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bZWo97WNXVNxzJqX3adGnMY_QdJdWLjxejoWaauYOcQIvs1PfXhAkw==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 66ms
17ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 00:44:37 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200096-IAD, cache-hhn11536-HHN

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 7 KB
7 KB 56ms
17ms Script
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45153d776213fa86c1ef7dca51e36d669e1b697b53907f3bf7cd3ee706edbaec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: RCjAxJ8CrRqbtKQCS4KIrWhcLcYrBklc
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
last-modified: Thu, 11 Nov 2021 17:52:19 GMT
server: AmazonS3
age: 14905
etag: "4e42700e21a922978b72507ad18a7fea"
x-cache: Hit from cloudfront
content-type: text/javascript
date: Mon, 07 Feb 2022 14:16:14 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 6674
x-amz-cf-id: qR0DntenxfSgMoMHJH9uJVcslON6v6ejs0opwHqnf6vAljpIzoMEpA==

GET
H2 200 helden_de_phv_hero.jpg
helden.de/wp-content/assets/header/old/ 394 KB
395 KB 79ms
79ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/header/old/helden_de_phv_hero.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8088d1aa0d0b0f7e062406dba15010d166d7303c04ebb407be952d50ee378752

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Feb 2021 14:27:07 GMT
server: cloudflare
age: 1071654
cf-polished: qual=85, origFmt=jpeg, origSize=514244
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:43:45 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="helden_de_phv_hero.webp"
cf-ray: 6d9ea806e8af920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_privathaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 70 KB
70 KB 70ms
70ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_privathaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 024bbe37586effe93a17f4f8800ff6c67e2aca1061c5f23625bb16a6e3d13c8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
age: 1070778
cf-polished: qual=85, origFmt=jpeg, origSize=92072
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:58:21 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="helden_de_productimages_overview_privathaftpflicht.webp"
cf-ray: 6d9ea806e8b0920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_hausratschutz.jpg
helden.de/wp-content/assets/productimages/overview/ 26 KB
26 KB 81ms
81ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_hausratschutz.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a7425d844b9582c4d0595dfcb216285c112683ba86ed98572b36daf3b93a169

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 1070778
cf-polished: qual=85, origFmt=jpeg, origSize=37384
content-disposition: inline; filename="helden_de_productimages_overview_hausratschutz.webp"
content-length: 26294
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:58:21 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e8b5920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_hundehaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 17 KB
17 KB 80ms
79ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_hundehaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8a783e252ceb14237c76c14e552516b112795955f5491053f5e0c56c6e06c5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 1070778
cf-polished: qual=85, origFmt=jpeg, origSize=26654
content-disposition: inline; filename="helden_de_productimages_overview_hundehaftpflicht.webp"
content-length: 17518
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:58:21 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e8b9920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_pferdehaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 28 KB
28 KB 76ms
75ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_pferdehaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f0e3823d56e753cf5f2fbe91a1d167ca59726c9cbb3c97f04f146beea32c0e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 1070778
cf-polished: qual=85, origFmt=jpeg, origSize=37445
content-disposition: inline; filename="helden_de_productimages_overview_pferdehaftpflicht.webp"
content-length: 28404
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:58:21 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e8bf920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_drohenhaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 29 KB
30 KB 74ms
74ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_drohenhaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22b3231e59d776f31161af44b04a744b9004ae1fac2b14e6405a97d27507a008

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
age: 1070778
cf-polished: degrade=85, origSize=37829, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 26 May 2022 08:58:21 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e8c4920b-FRA
content-length: 30032
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_e-bike-_und_fahrradschutz.jpg
helden.de/wp-content/assets/productimages/overview/ 59 KB
59 KB 76ms
75ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_e-bike-_und_fahrradschutz.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39cb45cdec9f9b9b863e331beff20776476ad3a77aa2c828a0aea8a0779044d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Nov 2020 14:23:55 GMT
server: cloudflare
age: 1070778
cf-polished: status=not_needed
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 26 May 2022 08:58:21 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e8c6920b-FRA
content-length: 60060
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_2-in-1_berufshaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 23 KB
23 KB 73ms
73ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_2-in-1_berufshaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f08025c18eab8673f7f960a21cba44a48aa0ce870ce96305a21d1c887b8be7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 1070777
cf-polished: qual=85, origFmt=jpeg, origSize=33528
content-disposition: inline; filename="helden_de_productimages_overview_2-in-1_berufshaftpflicht.webp"
content-length: 23796
last-modified: Mon, 02 Nov 2020 14:27:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:58:22 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e8cb920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_bue_keyvisual.jpg
helden.de/wp-content/assets/buero_equipmentschutz/ 27 KB
27 KB 74ms
74ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/buero_equipmentschutz/helden_de_bue_keyvisual.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9c0cfef39145e7473f09d950460309a29fbddcbe88830881aef4a0c16f5546b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 1070778
cf-polished: qual=85, origFmt=jpeg, origSize=58681
content-disposition: inline; filename="helden_de_bue_keyvisual.webp"
content-length: 27568
last-modified: Fri, 12 Feb 2021 11:22:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:58:21 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e8cf920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_familienhaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 22 KB
23 KB 70ms
70ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_familienhaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7846d72cd2af20d85e1c27032cd4a44f4c8c5b914a03ce9d56979b4376b24be6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
cf-cache-status: HIT
age: 339694
cf-polished: qual=85, origFmt=jpeg, origSize=32576
content-disposition: inline; filename="helden_de_productimages_overview_familienhaftpflicht.webp"
content-length: 23000
last-modified: Tue, 25 Aug 2020 10:13:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 03 Jun 2022 20:03:05 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea806e8d2920b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
24 KB 62ms
18ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A900%2C400&subset=latin%2Clatin-ext&ver=5.2.14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 428049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:30:30 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 22 KB
22 KB 96ms
56ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A900%2C400&subset=latin%2Clatin-ext&ver=5.2.14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 428049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:30:30 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 90ms
51ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 428048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:18:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:30:31 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 73ms
34ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 428048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:30:31 GMT

GET
H2 200 fontawesome-webfont.woff2
helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/ 75 KB
76 KB 67ms
66ms Font
font/woff2 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: helden.de
URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1071566
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=10368000
cf-ray: 6d9ea806e8d4920b-FRA
expires: Thu, 26 May 2022 08:45:13 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v22/ 24 KB
24 KB 80ms
42ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:54:55 GMT
x-content-type-options: nosniff
age: 426584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24448
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:54:55 GMT

GET
H2 200 mobmenu.ttf
helden.de/wp-content/plugins/mobile-menu/includes/css/font/ 12 KB
8 KB 37ms
36ms Font
font/ttf 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/mobile-menu/includes/css/font/mobmenu.ttf?31192480
Requested by: Host: helden.de
URL: https://helden.de/wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=5.2.14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d49ea099481e01f6c80d0098144b28710ed7e27ffadee7cdac797ed87ef5740b

Request headers

Referer: https://helden.de/wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=5.2.14
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 May 2019 15:42:48 GMT
server: cloudflare
age: 1071566
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/ttf
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9ea8079a7f920b-FRA
content-length: 7707
expires: Thu, 26 May 2022 08:45:13 GMT

GET
H3 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v22/ 24 KB
24 KB 43ms
17ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:34:14 GMT
x-content-type-options: nosniff
age: 427825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24408
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:13:08 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:34:14 GMT

GET
H2 200 / Show response
helden.de/wp-json/wp/v2/ 136 KB
7 KB 194ms
194ms XHR
application/json 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helden.de/wp-json/wp/v2/

Requested by

Host: helden.de
URL: https://helden.de/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61a5bc4056a0cab35fde3bdad2f3f76444aa322f292ecaa1ae8734bef49e4581

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 6520
access-control-allow-headers: Authorization, Content-Type
allow: GET
x-robots-tag: noindex
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
cache-control: max-age=0
cf-ray: 6d9ea8083bfd920b-FRA
link: <https://helden.de/wp-json/>; rel="https://api.w.org/"
expires: Mon, 07 Feb 2022 18:24:39 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ 356 KB
140 KB 63ms
17ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helden.de/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143107
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 05:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 17:04:41 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95fb764d4a5e0045febd02f88e1c80b7958a6946696721e78c20f497b1e0ec7b

Request headers

Referer
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 / Show response
ipapi.co/json/ 720 B
914 B 294ms
242ms XHR
application/json 2606:4700:20::681a:92c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json/

Requested by

Host: helden.de
URL: https://helden.de/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

222faffba8feef921489b8a8e8bee90148eabf5dc40aa82ee8a7b377543256ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://helden.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:40 GMT
content-encoding: br
allow: HEAD, GET, OPTIONS, POST, OPTIONS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xwQXmYz%2BPEMTqmrDbMJsGATPxB3ZHop6g%2B1XZCYjMXX%2FekTh29N0X6zw1QGLHuTjJiuEHTGOKdL9eixyWRe%2FijK%2BBq9PfGxNc8GCTp4UYpedzN0YPPts6mniTBdrsWkZUBF%2FMv3"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://helden.de
cf-ray: 6d9ea808df60918e-FRA

GET
H2 200 widget.css
w.likebtn.com/css/w/ 72 KB
28 KB 30ms
30ms Stylesheet
text/css 2606:4700:20::ac43:48bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.likebtn.com/css/w/widget.css?v=39
Requested by: Host: w.likebtn.com
URL: https://w.likebtn.com/js/w/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39b677ec4a0c2d95bb6d1439e68b5a0aa693c17912dc9e0209930088182483cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5702
cf-polished: origSize=80956
last-modified: Fri, 21 Jan 2022 11:39:55 GMT
server: cloudflare
etag: W/"61ea9b8b-13c3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmDyN2aSLUYNd4mDhXfTmmSe9j7HUIztKzANHAyJ1t9Spvfbrd06hlPho3JoZVn%2BKuwYnOjqx9vjF4045khwKN2JQ5xmGAHAz%2F06Ymzh5fghHK0S45CEnKRaG3dOBCSupeUBvzESBfXBc8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 6d9ea808b9fb909d-FRA
cf-bgj: minify

GET
H/1.1

200
OK

iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 151B
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1644258279463
https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1644258279463&dcc=t

65 B
973 B

224ms
224ms

Document
text/html

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1644258279463&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aat/amzn.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/

Response headers

Server: Server
Date: Mon, 07 Feb 2022 18:24:40 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 65
Connection: keep-alive
x-amz-rid: 3GY9KKY6408XTDYCX38A
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: Server
Date: Mon, 07 Feb 2022 18:24:39 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: KBEFANZSSA7ZCXJKGENQ
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1644258279463&dcc=t
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
459 B 165ms
128ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5wdg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=1d1d74a0-5f2e-4d8e-9e24-ce949ee11827&tw_document_href=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
server: tsa_o
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5897794cbda36ae14c68e375fff4772a49edd1a14a593f47d2530adec706416e
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
338 B 158ms
122ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5wdg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=1d1d74a0-5f2e-4d8e-9e24-ce949ee11827&tw_document_href=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 105
date: Mon, 07 Feb 2022 18:24:39 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 97f39a5f381572747cef3389fc888fa36e1e56b58d9a5b456f03ae20201b4da6
content-length: 43

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1C4F 40 KB
20 KB 66ms
40ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=j3tkopukhvrf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fe483d8d42eca2d0d06c46db57295722c6a31a0ca259153345c57954a67ab61a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y2tEvHyZs7KInrG9WtJ9SQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 07 Feb 2022 18:24:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-Y2tEvHyZs7KInrG9WtJ9SQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20739
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame 1C4F 51 KB
24 KB 47ms
22ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=j3tkopukhvrf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 05:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 17:59:50 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame 1C4F 356 KB
140 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143107
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 05:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 17:04:41 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 352ms
75ms Script
application/x-javascript 2a03:5f80:a::b212:e7c8
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQ1UwMpgyIN7v0nVChsLsLNuTqJRUP%2BzxfAKo6CvtHxLN%2FKP4%2FyljKow%2FTO7Dyd4xRGRWxdjELqNIAYpQCjHNOH%2BE%2Fd8ejy4UKtfen5Emhmwlx5XjDIbWKEsCa%2FDNE6ltvI%2FgcQ7mpVUGCQYhkMq30NTutcJWqD3ZZ6RWxlvOOLC2vkZcdm%2FAUxLjmjGY0wZoibTuMnL7lt3tFhMEV1FQS7ngeQlR%2FNEHDxCQxWTF0ZNVBmng57xUkzsNmTBgMqfUFY6BoHXyxEPhSJRCx5MM%2Bj7pkKG6p8ODkBAvYYk3eM%2FhBROfCV6NfN7XOUIDYhRf4AEbCgvPgDwDunA%2Bj40hhqN4ws%2F5moxDSIf84MqMNsBpKrz2Z4WqZXXcuu03y4XIEDqjLXMVEitswtlk9wVxnK5qc6hLkFIzAAtTDCcAUAB3QvK4w5Er1FeMzTTAhqilxRIXOtqKoTWA4zhktp7Md9lu2U%2BefdnZlSXoqvnA9Ruze1Mh7vatIOecH5Zh9qfoqr%2B0D3b9Q1yAiUQHoECwUL3Gr4DRyoGL%2Fvwuvn9RkfzkTNU1qjTpfsOigKrQeYfcHl1ZS%2B4QkaxFQWKvvSmvsn5VFd%2Fv8A85y4cHMpwq7D0R%2FYOCowyvPzujNV0AEN%2F%2B8r9Go6%2Fo7oVgOPUlw37MulfSbIn5sUxpSe6mvsrG5izlMfKsrBcUvoZ60SY2sCOzkc6TruwOALhqpYTcW5mv0%2FA%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7c8 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 18:24:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=75552
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 70ms
30ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-71374404-2

Requested by

Host: helden.de
URL: https://helden.de/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/cookie-law-info-public.js?ver=2.3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d8c6759085dc699997e6bf474e98c7fff7a68e0b4c318c93d14965a019f9089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36053
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Feb 2022 18:24:40 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1C4F 102 B
134 B 25ms
25ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a008730522299bbac4765f675e7c08282ce7e440c55fcf93c59edc8d12be3851

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=j3tkopukhvrf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 07 Feb 2022 18:24:40 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 193ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQ1UwMpgyIN7v0nVChsLsLNuTqJRUP%2BzxfAKo6CvtHxLN%2FKP4%2FyljKow%2FTO7Dyd4xRGRWxdjELqNIAYpQCjHNOH%2BE%2Fd8ejy4UKtfen5Emhmwlx5XjDIbWKEsCa%2FDNE6ltvI%2FgcQ7mpVUGCQYhkMq30NTutcJWqD3ZZ6RWxlvOOLC2vkZcdm%2FAUxLjmjGY0wZoibTuMnL7lt3tFhMEV1FQS7ngeQlR%2FNEHDxCQxWTF0ZNVBmng57xUkzsNmTBgMqfUFY6BoHXyxEPhSJRCx5MM%2Bj7pkKG6p8ODkBAvYYk3eM%2FhBROfCV6NfN7XOUIDYhRf4AEbCgvPgDwDunA%2Bj40hhqN4ws%2F5moxDSIf84MqMNsBpKrz2Z4WqZXXcuu03y4XIEDqjLXMVEitswtlk9wVxnK5qc6hLkFIzAAtTDCcAUAB3QvK4w5Er1FeMzTTAhqilxRIXOtqKoTWA4zhktp7Md9lu2U%2BefdnZlSXoqvnA9Ruze1Mh7vatIOecH5Zh9qfoqr%2B0D3b9Q1yAiUQHoECwUL3Gr4DRyoGL%2Fvwuvn9RkfzkTNU1qjTpfsOigKrQeYfcHl1ZS%2B4QkaxFQWKvvSmvsn5VFd%2Fv8A85y4cHMpwq7D0R%2FYOCowyvPzujNV0AEN%2F%2B8r9Go6%2Fo7oVgOPUlw37MulfSbIn5sUxpSe6mvsrG5izlMfKsrBcUvoZ60SY2sCOzkc6TruwOALhqpYTcW5mv0%2FA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: 61jZjQ+WLc9YhqN0D3uJCtd4GPZG6jikh+gq5GknCvfXbzFab2zxkBpCoKaLHZSgAhzPbs/aQQ4IDf2mIPz9TQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 07 Feb 2022 18:24:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 190ms
17ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-71374404-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1188
date: Mon, 07 Feb 2022 18:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 07 Feb 2022 20:04:52 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 68ms
43ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-494380193&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-71374404-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94a557a859947873e7666784eb5bf93699ea204d842365c5fe00264274bb8357

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39506
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Feb 2022 18:24:40 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 128 KB
45 KB 61ms
38ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPDPCB6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b5be6ebb41014150c80429c8da4aabd3f0158b6b77665094da66d85c5e4cb66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46425
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Feb 2022 18:24:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 51ms
28ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-494380193

Requested by

Host: helden.de
URL: https://helden.de/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/cookie-law-info-public.js?ver=2.3.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4582e8ede874b8d645c892eab6a7bde2f253baf85efae1103bd3114cecd0c17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39482
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Feb 2022 18:24:40 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 1C4F 30 KB
17 KB 57ms
56ms XHR
application/json 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d3d6136497ce496da1e91c8708fc5f6277726188985a70884530407fff5986f7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=j3tkopukhvrf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 07 Feb 2022 18:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17027
x-xss-protection: 1; mode=block
expires: Mon, 07 Feb 2022 18:24:40 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 118ms
40ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-494380193&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c702f93c91758dab0525c376a408e8327f30bad81a8d30f26588c770585418f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14850
x-xss-protection: 0
server: cafe
etag: 8228622888473677312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 18:24:40 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 411ms
348ms Script
application/javascript 2a02:26f0:6c00:293::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPDPCB6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:293::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 88ms
42ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPDPCB6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:39 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E1BFAF4C7B4C4BF08BF1F412BB993C52 Ref B: FRAEDGE1220 Ref C: 2022-02-07T18:24:40Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1336307/ 55 KB
17 KB 56ms
15ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1336307/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPDPCB6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f23ac7f053220566f81e8a71274ba876a87ee0fc55d92e078eb9448e2856242

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: VwUI7cKS0mjWhvA.FVq2kqq5KQxDvnZM
content-encoding: gzip
etag: "463727c0be2fe4f4f0d79624eb8a7cb6"
age: 22170
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 17367
x-amz-id-2: E1tEao6FzNkJqlxS4Hbrp031Strxeel9U9/QRg+2Z/tTJTy1CG9wo9ZgOAHa3Cl0pMqGTIXdSRw=
x-served-by: cache-hhn4077-HHN
last-modified: Mon, 07 Feb 2022 12:14:00 GMT
server: AmazonS3
x-timer: S1644258280.462812,VS0,VE1
date: Mon, 07 Feb 2022 18:24:40 GMT
vary: Accept-Encoding
x-amz-request-id: TMXX068TK7EQRBVS
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 41
x-cache-hits: 1

GET
H3 200 618036441688877 Show response
connect.facebook.net/signals/config/ 41 KB
11 KB 68ms
49ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/618036441688877?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ba9bb26b083f8a712458b673f21ba8d2803ec04e8dc37d19ae286bfb6c60943

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: W07T2pLnWluhcbR/Wm/EzuHKhMtF/bpJp29XzpNBW13DLuocc3E65Mfp0hO4mhwYD8GV8V0wOzI43i00lryKZA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 07 Feb 2022 18:24:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
117 B 136ms
135ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5wdg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=00f56621-4b5c-4031-a401-7693cb570c73&tw_document_href=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 118
date: Mon, 07 Feb 2022 18:24:40 GMT
content-encoding: gzip
server: tsa_o
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5897794cbda36ae14c68e375fff4772a49edd1a14a593f47d2530adec706416e
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
78 B 130ms
129ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5wdg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=00f56621-4b5c-4031-a401-7693cb570c73&tw_document_href=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 112
date: Mon, 07 Feb 2022 18:24:39 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 97f39a5f381572747cef3389fc888fa36e1e56b58d9a5b456f03ae20201b4da6
content-length: 43

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 50ms
24ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=281002059&t=pageview&_s=1&dl=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&dr=https%3A%2F%2Flookandfind.me%2F&ul=en-us&de=UTF-8&dt=%F0%9F%A5%87Premiumschutz%20f%C3%BCr%20deinen%20Lifestyle%20%2F%2F%20helden.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2108285307&gjid=1294100288&cid=1786668701.1644258280&tid=UA-71374404-2&_gid=1599491375.1644258280&_r=1&gtm=2ou220&z=696077661

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://helden.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 18:24:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helden.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/494380193/ 3 KB
2 KB 74ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/494380193/?random=1644258280446&cv=9&fst=1644258280446&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa220&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&ref=https%3A%2F%2Flookandfind.me%2F&tiba=%F0%9F%A5%87Premiumschutz%20f%C3%BCr%20deinen%20Lifestyle%20%2F%2F%20helden.de&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45b6965ae8195c7f9d29e21381965e6ab1e0eae8d64714a2f36faea46743354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 18:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1143
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/494380193/ 2 KB
1 KB 54ms
27ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/494380193/?random=1644258280448&cv=9&fst=1644258280448&num=1&label=dMLqCIbn5f0CEKHJ3usB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa220&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&ref=https%3A%2F%2Flookandfind.me%2F&tiba=%F0%9F%A5%87Premiumschutz%20f%C3%BCr%20deinen%20Lifestyle%20%2F%2F%20helden.de&auid=982436335.1644258280&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

868bcdb99cda6699411f2a3852092f35680dde0511300a69bf06fa20327bf150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 18:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1263
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3298705&time=1644258280459&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3298705%26time%3D1644258280459%26url%3Dhttps%253A%252F%252Fhelden.de%252F%253Futm...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3298705&time=1644258280459&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3298705&time=1644258280459&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da...

0
156 B

329ms
123ms

Image
application/javascript

108.174.10.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3298705&time=1644258280459&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&liSync=true&e_ipv6=AQLl-QuPKjBNowAAAX7VbkXPYYK78AMjkMP9NjpUbsbxP_fAyLLaemDfaBYMC9db7h4PqwzYl5AP_gXQYz5-Ts0VJ8_P
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Server: 108.174.10.14 -, , ASN (),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:41 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: vS7y9TGU0RZgv+zB2ioAAA==

Redirect headers

date: Mon, 07 Feb 2022 18:24:40 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E09853347DE84898AF861EB151594AA1 Ref B: VIEEDGE2318 Ref C: 2022-02-07T18:24:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3298705&time=1644258280459&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&liSync=true&e_ipv6=AQLl-QuPKjBNowAAAX7VbkXPYYK78AMjkMP9NjpUbsbxP_fAyLLaemDfaBYMC9db7h4PqwzYl5AP_gXQYz5-Ts0VJ8_P
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXXcbbAh9M0nHjXw/LWoQ==

GET
H2 200 json Show response
trc.taboola.com/1336307/trc/3/ 2 KB
2 KB 40ms
34ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1336307/trc/3/json?tim=1644258280486&data=%7B%22id%22%3A361%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1644258280475%2C%22cv%22%3A%2220220207-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhelden.de%2F%22%2C%22e%22%3A%22https%3A%2F%2Flookandfind.me%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dinsuranceherogmbh-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1644258280484%2C%22ref%22%3A%22https%3A%2F%2Flookandfind.me%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b%22%2C%22tos%22%3A3%2C%22ssd%22%3A1%2C%22scd%22%3A18%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1336307/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9305f3b0672b605b354afcf31517a00b78f1c04120066f599e4bc1fa28f3bc76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms: 19
date: Mon, 07 Feb 2022 18:24:40 GMT
content-encoding: gzip
server: nginx
x-timer: S1644258281.502723,VS0,VE19
x-served-by: cache-hhn4077-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
438 B 73ms
23ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-71374404-2&cid=1786668701.1644258280&jid=2108285307&gjid=1294100288&_gid=1599491375.1644258280&_u=YEBAAUAAAAAAAC~&z=1860660668

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://helden.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 07 Feb 2022 18:24:40 GMT
content-type: text/plain
access-control-allow-origin: https://helden.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 50ms
16ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=618036441688877&ev=PageView&dl=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&rl=https%3A%2F%2Flookandfind.me%2F&if=false&ts=1644258280507&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=28&fbp=fb.1.1644258280506.1637742900&it=1644258280421&coo=false&exp=p0&rqm=GET

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 07 Feb 2022 18:24:40 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/494380193/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/494380193/?random=616851780&cv=9&fst=1644258280448&num=1&label=dMLqCIbn5f0CEKHJ3usB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/494380193/?random=616851780&cv=9&fst=1644258280448&num=1&label=dMLqCIbn5f0CEKHJ3usB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
https://www.google.de/pagead/1p-conversion/494380193/?random=616851780&cv=9&fst=1644258280448&num=1&label=dMLqCIbn5f0CEKHJ3usB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...

42 B
108 B

37ms
36ms

Image
image/gif

2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/494380193/?random=616851780&cv=9&fst=1644258280448&num=1&label=dMLqCIbn5f0CEKHJ3usB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa220&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&ref=https%3A%2F%2Flookandfind.me%2F&tiba=%F0%9F%A5%87Premiumschutz%20f%C3%BCr%20deinen%20Lifestyle%20%2F%2F%20helden.de&auid=982436335.1644258280&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=6GMBYrmAHobLx_AP68Sl0A8&random=1366508334&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Protocol

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 18:24:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Feb 2022 18:24:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/494380193/?random=616851780&cv=9&fst=1644258280448&num=1&label=dMLqCIbn5f0CEKHJ3usB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa220&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&ref=https%3A%2F%2Flookandfind.me%2F&tiba=%F0%9F%A5%87Premiumschutz%20f%C3%BCr%20deinen%20Lifestyle%20%2F%2F%20helden.de&auid=982436335.1644258280&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=6GMBYrmAHobLx_AP68Sl0A8&random=1366508334&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 25084265.js Show response
bat.bing.com/p/action/ 0
92 B 168ms
168ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/25084265.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 07 Feb 2022 18:24:39 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1511B4A6D2354004B147D37C66407D56 Ref B: FRAEDGE1220 Ref C: 2022-02-07T18:24:40Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
149 B 39ms
38ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25084265&tm=gtm002&Ver=2&mid=a3c1bca3-d12f-4f8b-9d00-1ec633e5dbcb&sid=36cb7a60884311eca67e05a9bfe98256&vid=36cb9880884311ec816061330132a4cd&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=%F0%9F%A5%87Premiumschutz%20f%C3%BCr%20deinen%20Lifestyle%20%2F%2F%20helden.de&p=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&r=https%3A%2F%2Flookandfind.me%2F&lt=1241&evt=pageLoad&msclkid=N&sv=1&rn=235899
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 18:24:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7C9AB1D1A3C241CB90FB26F7104EC501 Ref B: FRAEDGE1220 Ref C: 2022-02-07T18:24:40Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/494380193/ 42 B
64 B 28ms
27ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/494380193/?random=1644258280446&cv=9&fst=1644256800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa220&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&ref=https%3A%2F%2Flookandfind.me%2F&tiba=%F0%9F%A5%87Premiumschutz%20f%C3%BCr%20deinen%20Lifestyle%20%2F%2F%20helden.de&async=1&fmt=3&is_vtc=1&random=2375723290&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 18:24:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/494380193/ 42 B
548 B 74ms
30ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/494380193/?random=1644258280446&cv=9&fst=1644256800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa220&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b&ref=https%3A%2F%2Flookandfind.me%2F&tiba=%F0%9F%A5%87Premiumschutz%20f%C3%BCr%20deinen%20Lifestyle%20%2F%2F%20helden.de&async=1&fmt=3&is_vtc=1&random=2375723290&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 18:24:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 41ms
41ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-71374404-2&cid=1786668701.1644258280&jid=2108285307&_u=YEBAAUAAAAAAAC~&z=1357501670

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 18:24:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 42ms
41ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-71374404-2&cid=1786668701.1644258280&jid=2108285307&_u=YEBAAUAAAAAAAC~&z=1357501670

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 18:24:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 225ms
224ms Script
application/javascript 2a02:26f0:6c00:293::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:293::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 / Show response
ct.pinterest.com/user/ 487 B
575 B 119ms
60ms XHR
application/json 151.101.64.84

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613082116632&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%5D%2C%22md_frequency%22%3A1%7D&cb=1644258281061
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 18:24:41 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://helden.de
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPU5XTXdPVE00WmpVdE1EQXlaaTAwTnpoakxUZzFaak10T1RGa01UQTJPRGRtTXpCbA
x-pinterest-rid: 2279483621705861
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
247 B 117ms
60ms Image
image/gif 151.101.64.84

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613082116632&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%5D%2C%22md_frequency%22%3A1%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b%22%2C%22ref%22%3A%22https%3A%2F%2Flookandfind.me%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1644258281063
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 18:24:41 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 8820630650073608
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 5595 2 KB
1 KB 312ms
312ms Document
text/html 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1644258300000/h8eubnf2kys7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

9dfd1e30ec1915dfbcf0020116661f5a912b7181b1e2eaffabbfe4ab575db2fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 04 Feb 2022 16:15:01 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: g3Mm5AdjZNiPgzoglrFp7XtOzC3RPOIv
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 07 Feb 2022 18:24:42 GMT
cache-control: no-cache
etag: W/"f66021d8eba698f6f00e5b7b03643d97"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: fhrGn7Ss-1A0i4wPT0dX2JAkwnVmdwB2Q9RaDeAae4BFemjNcUlVzQ==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 1F15 2 KB
1 KB 312ms
312ms Document
text/html 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1644258300000/h8eubnf2kys7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

9dfd1e30ec1915dfbcf0020116661f5a912b7181b1e2eaffabbfe4ab575db2fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 04 Feb 2022 16:15:01 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: g3Mm5AdjZNiPgzoglrFp7XtOzC3RPOIv
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 07 Feb 2022 18:24:42 GMT
cache-control: no-cache
etag: W/"f66021d8eba698f6f00e5b7b03643d97"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: XrHze2CfWpxnZ2vJycurnMMP99tHFXNkHdZ6EdvnNiy1nyzXwPffkQ==

GET
H2

200

ct.html Show response
www.pinterest.de/ Frame 15B0
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.de/ct.html

413 B
4 KB

200ms
199ms

Document
text/html

184.30.24.193

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 -, , ASN (),

Reverse DNS

Software

Resource Hash

708f01c4db9368fc9981977c3279ce9690636f0194ed6c644a80a5893a51359c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-a185fb24484190662ebd95548d341ab3' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1405836559499835; frame-ancestors *
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-a185fb24484190662ebd95548d341ab3' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1405836559499835; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-a185fb24484190662ebd95548d341ab3' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 90
pinterest-generated-by: coreapp-webapp-prod-0a03e5e5
content-encoding: gzip
pinterest-version: e879318
referrer-policy: origin
x-pinterest-rid: 1405836559499835
date: Mon, 07 Feb 2022 18:24:42 GMT
content-length: 280
akamai-grn: 0.87247e68.1644258282.21b16f29
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.de/ct.html
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 113
pinterest-generated-by: coreapp-webapp-prod-0a03d042
content-encoding: gzip
pinterest-version: e879318
referrer-policy: origin
x-pinterest-rid: 1334351313255585
date: Mon, 07 Feb 2022 18:24:42 GMT
akamai-grn: 0.87247e68.1644258282.21b16e0e
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

GET
H2 204 unip Show response
trc-events.taboola.com/1336307/log/3/ 0
243 B 71ms
22ms XHR
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1336307/log/3/unip?en=pre_d_eng_tb&tos=1554&scd=18&ssd=1&est=1644258280481&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1644258282036&vi=1644258280475&ri=c53c2f0dd28ac188a5acc4f15359f37f&ref=https%3A%2F%2Flookandfind.me%2F&cv=20220207-4-RELEASE&item-url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1336307/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://helden.de
pragma: no-cache
date: Mon, 07 Feb 2022 18:24:42 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 runtime~main.f26feaa2.js Show response
js.driftt.com/core/assets/js/ Frame 5595 6 KB
3 KB 39ms
39ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

cac9fd61be078dc8e05b940d298b75e3932894e379c91d3f32cdbab21631a714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 266982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:32 GMT
server: nginx
etag: W/"a03fbb3cfc1da322347a12ccc02e9ce9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ReRwy2CcwEXKOvB7bcAecIypYGfzMoCy
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iijg2pQlgce_vLljdctHjX_Q4BDO-FwodtIXG-4LQhrMDoe7gtCgnw==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 58 KB
20 KB 33ms
33ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:18 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rlqnQvHWjB4kDZlydkAKa7LRajgzy9Gl
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dI6SGpKUfhNvZeoYLiwJCsSRPRNZVGGVbDxOmqJkzPD8LDc5xgeDDw==

GET
H2 200 main~493df0b3.91d188cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 6 KB
3 KB 35ms
34ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.91d188cd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:19 GMT
server: nginx
etag: W/"364091b90499473799e7470f551ae597"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1JY.0LVfNng8iNIWI44BrilEq.Gn8MTC
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JGrt46dKCuY3t6Hw0kFaBbFwndw1visdEPdDJ1_c4uMNpAB8ut31fw==

GET
H2 200 runtime~main.f26feaa2.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 6 KB
3 KB 34ms
33ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

cac9fd61be078dc8e05b940d298b75e3932894e379c91d3f32cdbab21631a714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 266982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:32 GMT
server: nginx
etag: W/"a03fbb3cfc1da322347a12ccc02e9ce9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ReRwy2CcwEXKOvB7bcAecIypYGfzMoCy
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: atknlpaOeooqD_hTN8C1s4RGYvspCZVMInVIWBc-DFtC0TS0fA6WAA==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 58 KB
20 KB 31ms
30ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:18 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rlqnQvHWjB4kDZlydkAKa7LRajgzy9Gl
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eRpKdrqX5MDQ7YG4YaQ8HfFiU7zJaL40BmJez62cnclOUlc1_4B2qQ==

GET
H2 200 main~493df0b3.91d188cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 6 KB
3 KB 32ms
32ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.91d188cd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:19 GMT
server: nginx
etag: W/"364091b90499473799e7470f551ae597"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1JY.0LVfNng8iNIWI44BrilEq.Gn8MTC
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ltMc7AKxvT_v5QZRxtfrM0XPlDuv_MKDctsFbqMjSgaCgo0BJKemSQ==

GET
H2 200 43.bf52ab96.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 47 KB
14 KB 26ms
25ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4ab965f0d26a973cf1be72a39d537999"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SIJLtOk7PXIgJIf54NBJQngGjZ1AQW3g
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JTymnu-bHsVwlb8eG4RLfbcZVdqrJctc2DnO5OOeyPjKUX3O21RW4A==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 44 KB
13 KB 30ms
29ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mVxNpXTvE75dT3YK9OCrSbeJ5RvFM2H7m8J0HvcxFfJMXyJetnRZZA==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 25 KB
8 KB 28ms
26ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: A01_.TOyslfHN6C7mHM2iYp5F_NuODuW
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mCIgeiP3b5rWpFgathmS5o-lx0vrCiPPkWH1TRRi7srck3uV2OCYzg==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 16 KB
5 KB 31ms
28ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hNRCnkEniDX-YPR1n6zcjZ41Z4Z4Oav920r8JfzI6IFXFuTT2YrHew==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 72 KB
22 KB 33ms
30ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iNYRjtUF6ex4g3YUi-Yiz-K8WhXbL_dMXAetulxPXDbEtU-3aOwsyQ==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 16 KB
6 KB 35ms
32ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CWzWwjiy272q9paHTZY3OTW9Avxibzz0e2T859tihhnrtemCRFE6MA==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 59 KB
19 KB 38ms
35ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:13:03 GMT
content-encoding: gzip
age: 3604299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:25 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oWgHMRZfB6a9GPVRKqXoI8l1VpwBZgHpdGMnm1UkrW20wPwno5yodg==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 91 KB
28 KB 41ms
38ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p_YagIEBvf.Qgp7hIJy74.J4YIszefj5
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: m3Ddu6BxSNdQDrHbOsSv9Z2MQD8gX_x1STSsdrAPctgmDJin5bAsQQ==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 24 KB
7 KB 45ms
42ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1OI8MdaO_2Zet9LQGrgpik7z8k_2AhIl
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: m0nQQE7x9JLgJOd6FOFnptMjFZ8e1WJ_38-CDN4G5QfUTMLq6JyEGg==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 62 KB
20 KB 48ms
45ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zP1R9jTPgFdMo4vTmBLUgc78Ey6dNKpuSYAXzIsr0B5bMpEhaeHAZw==

GET
H2 200 41.ef07ba02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 105 KB
34 KB 52ms
49ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.ef07ba02.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"da03c1012cb0aaeb2041fa677a272d14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6OpxVYvZjRVHdu0KjdhZlusmExqFlB4E
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Wl_8ZzcotKH9wkDfn3KeyQ0u4lvbFJBQBSZZgcHAmYwSGw-k8hYuFw==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 12 KB
4 KB 58ms
55ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wDOiuCZSfZ.KHqNETPwI3S2a9GU0lEIR
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GbRdo1jRWx0hyKvU62KsN-RFIBeSyJ4rECJ7SfgMJYFiU1CaCTJWSQ==

GET
H2 200 26.d9eb886e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 12 KB
5 KB 58ms
56ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HxsL32FNhhHnwYSOkTCWH5xJJDytLpn3XmEDCBnOE1g9Tq722R-HuA==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 17 KB
7 KB 59ms
57ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -74HhqIKhIjG4XQRrCgO_tSHB5ih0RibR7L6jWILzqfb8kD-7Pe-rw==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 5595 11 KB
3 KB 57ms
56ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _P7bsUzU9Yfv6YWHAwe61JDtAZGgFfdOU331ajStDD562iHiOPrrqA==

GET
H2 200 8.569b6451.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 69 KB
22 KB 59ms
58ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.569b6451.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

3e2b8b35f95dc6e667219eda56927ec40ca05c2d770f8651d99e2f36fcf7636e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 266982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:31 GMT
server: nginx
etag: W/"d9c555dc91ba54d86a789492654c54de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ZiosMTeLkMYCcIfMpUfiRQ84.YEn3A1f
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zLjiC0671eqJb82cPrQKqJ6P6jHli-KMWC4whTxammnyulVSO-aqcg==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 5595 24 B
667 B 58ms
57ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kjvSUtc20xZqzju4H7kpBWgyGIhajxYBulYitmvQg4S1fXDyZfjdMA==

GET
H2 200 15.1d8f5012.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 75 KB
19 KB 63ms
62ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.1d8f5012.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

93ca03195ed4c9536d694584455be6d5d71776e00fe33926ae596bfe4f35a76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:02 GMT
content-encoding: gzip
age: 272500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"a10801df313ae6aee5353f1d56ee158d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KAn62QiCijDwsq5BJEU9_1eTMFOTCVrB
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DXfHkWUul7KGXQ4RYb2hyFP6K_U6wKjhMXyORPb6VbLLGOKsNLPbIA==

GET
H2 200 22.947209a2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 47 KB
13 KB 65ms
64ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.947209a2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a3940c0c7051093e974422b42f2a563671ed810418862f44e8314f5255367e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:02 GMT
content-encoding: gzip
age: 272500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"d06d1a64be2b2e5ab91bedd7c4c17717"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: k7zUF0pgH6bmYsPK._H98sqTvr7U2rBt
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mPOxW6vxKsWoIYQToUjiRPL52BXPZLuYZZR83YaatUaaEH7R7ZNIfA==

GET
H2 200 13.6a0f2761.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 41 KB
13 KB 66ms
66ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.6a0f2761.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

35c25f6854ce3cfbfb0d6b93ddf1398e02dc7f71a8c878dd487e119143eb0f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 266982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"e424c51f822cdc41b84eee08299a4003"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8IzBp30roBajscVA3Ax5apMXOvEqsY4E
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: D9YJfgDn7m3yHcmPT8YroEDsmTBmH3WYHkUckqedQdJHTVqz-MlbRA==

GET
H2 200 43.bf52ab96.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 47 KB
14 KB 66ms
64ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4ab965f0d26a973cf1be72a39d537999"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SIJLtOk7PXIgJIf54NBJQngGjZ1AQW3g
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qvspd29NRDC46xfe8nrTpNAMSivM-YtkpVJnAT2kLmSnG7gYtup70A==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 44 KB
13 KB 67ms
65ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4o1Q3pEw2YyNyqoWlMh4vkh1jJ7DxVuGgKm6GQpLmIWza4YfC4L1oQ==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 25 KB
8 KB 67ms
65ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: A01_.TOyslfHN6C7mHM2iYp5F_NuODuW
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gEcvNgX9QFYpAAhPTlfGQpzQVZA04Gh2VeTw2kFoFCCHOuMUq8BmYw==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 16 KB
5 KB 68ms
65ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eXyGHfEGODyRYf-rGrdbHWhQxa3BtbjLr2JRp-92vHGhRZ7QGBU5Ew==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 72 KB
22 KB 68ms
66ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: P9I9iT1io7d4BBlBznpvcZ4lbd4fYEPubwabPPdUvcsmATG52ecD2w==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 16 KB
6 KB 69ms
66ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: C0d7d8hbP2EMT3_BdAyUqVUlwa9J3zZQjLiTYkNN_IZnPfyair3Nng==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 59 KB
19 KB 69ms
67ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:13:03 GMT
content-encoding: gzip
age: 3604299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:25 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aXQecCBoF8Yz8-RIRBkjFDX9IN9rEoaQcXjMvZmbhZrLjYGjrAJGkw==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 91 KB
28 KB 71ms
68ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p_YagIEBvf.Qgp7hIJy74.J4YIszefj5
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2jNQCuEqPjeY3Th73Y0F5_BiGWyHn84amsCFKyzVOiYWvL19uqZwvw==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 24 KB
7 KB 72ms
70ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1OI8MdaO_2Zet9LQGrgpik7z8k_2AhIl
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iYDOXirmnyhZIpnyJDnnUALf-xE2NR88H8MXoAmThw96BanifsyxkQ==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 62 KB
20 KB 72ms
70ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ma8m_A6kDIOMXx1F5Fx9sm5uy5F0hIsKkdSaCtly9AXRnRPe-r9-AA==

GET
H2 200 41.ef07ba02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 105 KB
34 KB 74ms
72ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.ef07ba02.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"da03c1012cb0aaeb2041fa677a272d14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6OpxVYvZjRVHdu0KjdhZlusmExqFlB4E
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9_5EgteVN9MBUBuXJWZo3bhWfgbCIyiya1wSUkNyyD1eVvjZufTBbg==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 12 KB
4 KB 75ms
73ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wDOiuCZSfZ.KHqNETPwI3S2a9GU0lEIR
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kI7K_IkozFzqAUnj_ET2maRKdKpHQQy63EreA_Sl09b69PFgo8j1Mg==

GET
H2 200 26.d9eb886e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 12 KB
5 KB 75ms
73ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: a9at2Q37S25GPvge-9xERBM6kBfRWl3MSwlMniyCMU_mmHCFnjKxCA==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 17 KB
7 KB 75ms
74ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5xl0N_LYoxyTnXp9ODbifzAkOAP3acgvZRfJyPopo5Sl3z4BlUMjqQ==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 1F15 11 KB
3 KB 76ms
74ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3oYuZyXTvmdooFa5Q-l0x0v2tw3bSqJm9jM0eZ4cza6_St8OIKW74A==

GET
H2 200 8.569b6451.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 69 KB
22 KB 76ms
75ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.569b6451.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

3e2b8b35f95dc6e667219eda56927ec40ca05c2d770f8651d99e2f36fcf7636e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 266982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:31 GMT
server: nginx
etag: W/"d9c555dc91ba54d86a789492654c54de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ZiosMTeLkMYCcIfMpUfiRQ84.YEn3A1f
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZrTSh4xdAZw7jf9wn-FJKwAxeaAE3mlTaxx_LiIyVqXggLJxZo-BaA==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 1F15 24 B
665 B 76ms
74ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
age: 2946661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l3TLoLuzDXwBlij-JdchFB0Ni1AYynihngbCaKHrrEIG7IhVYYo-1A==

GET
H2 200 15.1d8f5012.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 75 KB
19 KB 78ms
77ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.1d8f5012.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

93ca03195ed4c9536d694584455be6d5d71776e00fe33926ae596bfe4f35a76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:02 GMT
content-encoding: gzip
age: 272500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"a10801df313ae6aee5353f1d56ee158d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KAn62QiCijDwsq5BJEU9_1eTMFOTCVrB
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CGd6UDF-a71RyhEoZByCPFDXLQfmvkvYyq_FbZHeUfHKEpe9n-WsUw==

GET
H2 200 22.947209a2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 47 KB
13 KB 79ms
78ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.947209a2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a3940c0c7051093e974422b42f2a563671ed810418862f44e8314f5255367e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:02 GMT
content-encoding: gzip
age: 272500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"d06d1a64be2b2e5ab91bedd7c4c17717"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: k7zUF0pgH6bmYsPK._H98sqTvr7U2rBt
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sw7htvMNQIHP7T4aErmhMe_7mME5o50I6hL9i9d1cl9E7VmB49R-TA==

GET
H2 200 13.6a0f2761.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 41 KB
13 KB 80ms
79ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.6a0f2761.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

35c25f6854ce3cfbfb0d6b93ddf1398e02dc7f71a8c878dd487e119143eb0f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 266982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"e424c51f822cdc41b84eee08299a4003"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8IzBp30roBajscVA3Ax5apMXOvEqsY4E
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LNVGNF9FSOkQBToEfy-15kx9KE_VAofEUhZ0MKLnh_FQh9YnQLt46g==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 9 KB
3 KB 26ms
23ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2946660
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Bi9LdtucsDZewXM3pslOVpo-IuYFwmI3xQNN07uT_WuGOtxhyYAtzw==

GET
H2 200 24.81d46fe7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 33 KB
10 KB 30ms
27ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2946660
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4f751bc7b45f18c1d343a3081fe2509f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LcjepTSdTIP3TYamt9S6TQ4IzFvRquuU
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s-qUakIN_wL4oI0JuM8pFophe3Ep62z6jpzdZOX3if2uooOGVbrzNQ==

GET
H2 200 25.49c6961c.chunk.css
js.driftt.com/core/assets/css/ Frame 5595 8 KB
2 KB 28ms
26ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.49c6961c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2946660
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"f80cd64e339375567091159cb077b941"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bxrqjBCKX9ERzz7WjftbPaYdOBk8_KxN
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2AAl6fMbMhwqPQQn1BDPRZZJjWUFoLYqe3mvlX3eEzOurwrElrStNg==

GET
H2 200 25.933762ac.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 12 KB
5 KB 30ms
28ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.933762ac.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

debe1406181017af8e12fcf3f2d1843c02903360e9c246670593ef9f56abcd35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:03 GMT
content-encoding: gzip
age: 272499
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"c9808105e3831864ebb75c4236638e27"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6.p3mLEden9mzpVq1Cu0G1BQjs5mQvtF
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qdKB2pm1_UHyDGeTWIjiKLTq1HnkqS2tShzcbkSWsX_CufhX9SXqKw==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 5595 365 B
1006 B 29ms
27ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
age: 2946660
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eDSgTpssczGDn2812OLuvvF.eUpzKWka
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: V6Je0eCsYNbZC_s_G2bTNMQ7e_-1aGk1MqQb1wRttkGXqweLCZlt9Q==

GET
H2 200 19.bd01f986.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5595 85 KB
23 KB 30ms
28ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.bd01f986.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a76cc7d5636822ab215fab6786e2168f46c1c60df4fa739beff32dfe8e8606e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=578514a6-cf06-47d2-bb33-2465fee24a93&sessionStarted=1644258281.343&campaignRefreshToken=1cb84f61-5b9d-46d0-b760-422d79787026&hideController=false&pageLoadStartTime=1644258279348&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:03 GMT
content-encoding: gzip
age: 272499
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"a0f7cb9df7dd7c35338c05aea736bb8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GeB3hRqNiyNAekycQsxm7Q5WIJnF3eCL
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OHjAtF1uDxV15cPNip-VhJD0Lxd05Ib5e2poCuv-NHtb1jfvYrQZvQ==

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 15B0 0
4 KB 192ms
192ms Other
text/plain 184.30.24.193

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?rid=1405836559499835

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-bcd2af171b5fade33d71f47406e85c18' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=9299160995869614; frame-ancestors 'self' , script-src 'nonce-bcd2af171b5fade33d71f47406e85c18' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=9299160995869614
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-bcd2af171b5fade33d71f47406e85c18' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=9299160995869614; frame-ancestors 'self' , script-src 'nonce-bcd2af171b5fade33d71f47406e85c18' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=9299160995869614
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.87247e68.1644258282.21b17037
content-security-policy-report-only: script-src 'nonce-bcd2af171b5fade33d71f47406e85c18' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 70
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 9299160995869614
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: e879318
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 07 Feb 2022 18:24:42 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a0393a8

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 15B0 0
4 KB 153ms
153ms Other
text/plain 184.30.24.193

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-0c4f0ef7580ad36fe72726b88bac1761' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=7466373043123885; frame-ancestors 'self' , script-src 'nonce-0c4f0ef7580ad36fe72726b88bac1761' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=7466373043123885
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-0c4f0ef7580ad36fe72726b88bac1761' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=7466373043123885; frame-ancestors 'self' , script-src 'nonce-0c4f0ef7580ad36fe72726b88bac1761' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=7466373043123885
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.87247e68.1644258282.21b17039
content-security-policy-report-only: script-src 'nonce-0c4f0ef7580ad36fe72726b88bac1761' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 29
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 7466373043123885
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: e879318
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 07 Feb 2022 18:24:42 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a03eebb

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 15B0 0
4 KB 155ms
154ms Other
text/plain 184.30.24.193

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-2574cfaf24d807c5b0e228424a91f45a' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1823471218355202; frame-ancestors 'self' , script-src 'nonce-2574cfaf24d807c5b0e228424a91f45a' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1823471218355202
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-2574cfaf24d807c5b0e228424a91f45a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1823471218355202; frame-ancestors 'self' , script-src 'nonce-2574cfaf24d807c5b0e228424a91f45a' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1823471218355202
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.87247e68.1644258282.21b1703b
content-security-policy-report-only: script-src 'nonce-2574cfaf24d807c5b0e228424a91f45a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 28
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1823471218355202
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: e879318
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 07 Feb 2022 18:24:42 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a03d7e5

GET
H2 200 32.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 1F15 3 KB
1 KB 25ms
24ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2946660
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: u5jls1rsjTMRW03RSXYJxMQTbD86EmFF
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: d0gMBHT4YClFmeTP2hTZpM2QWcBtQUCrY2F6xVRp4WMot0Nfbt69CA==

GET
H2 200 32.28be7b35.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 3 KB
2 KB 26ms
26ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:05:36 GMT
content-encoding: gzip
age: 1549146
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 20 Jan 2022 18:53:54 GMT
server: nginx
etag: W/"853d736e05b299b857e10b6ab17f3c36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9pIhc0wyy2uFZp3UiIdf1ZYNnPQh9D45
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: h0zKVKjolDFFShHgHgH3T_z6naPaSUoIRyqx4OTZnsSNAqN_kDMuUw==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 9 KB
3 KB 25ms
24ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2946660
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 141csH-yhHmk8WiGR7GERv_-8I2dTMVhcn1z_as05wotXkIUK8a7qg==

GET
H2 200 2.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 1F15 7 KB
2 KB 26ms
25ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2946660
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Y5MQMpfNZ9bYDeQmDMLbw0xNzGrQukfM
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xVKIN8YBM2TCjwR5F_N8-d2v2Jm5oE5yb104nRAKheilqc2PHqbJSA==

GET
H2 200 2.90bfb041.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 54 KB
16 KB 27ms
26ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2946660
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"dc43e7dd478d83a9091a7335b8beb11d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dNyr.b_J6AuxSb56NRWJ3LKsWJ9BzeOS
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KtzPnRuVbDyEtqL97ZeLVa7758qrB0ADpHQnvX9I1zrIYj8fJ9CK7w==

GET
H2 200 1.e250bb71.chunk.css
js.driftt.com/core/assets/css/ Frame 1F15 44 KB
7 KB 26ms
25ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.e250bb71.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f9163f3372bf09f2bcb3c8fa8b218443c557dbb32c78a36ee9221ca5abf8b193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 266982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:27 GMT
server: nginx
etag: W/"2b7f0e5ff08649a2d71db9fdde0609ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: U0zOe09_ThzYcAoSvmLbLojXTsJVu6PB
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oPdHXuugzB_kLxo5KMyMF7i9HtrmEgi6x1NoHTL2Syti0F60AGobbQ==

GET
H2 200 1.9aaba8fd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 71 KB
24 KB 27ms
26ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.9aaba8fd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

93b748021560a4fb851b828224f1c7aa9f8b1b28d6e1b59c2888dc76659d23ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:03 GMT
content-encoding: gzip
age: 272499
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:28 GMT
server: nginx
etag: W/"c6b04c1f5bf3018a03b991cbd719c229"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kCSpqx2r.sn0zCo0LpbCB32nZQ3TEaMz
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Vo12-KnE7MWwqAY3LZOKtJZcTCvM5YThXlez1h4WqzewbxXimmVYlw==

GET
H2 200 30.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame 1F15 12 KB
3 KB 26ms
26ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 266982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:27 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: e.sL0vOF62s4pyHwBuhbHf.Miph1ZlJo
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hn7tZNlC2HnMMkMIPp58rfG_G2i8M0IwKPd1YFuT0tAYTdNPt9wSIw==

GET
H2 200 30.f8f90b50.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1F15 12 KB
5 KB 28ms
28ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.f8f90b50.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

7fbdf18ef718f7d92c5c552cf3133223239e5a87b2b17543417c863895fa3ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644258279348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 266982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:30 GMT
server: nginx
etag: W/"403c83255f6ba5c35738df7176146d93"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9aY_CUpc8aGc6DumJu3tfRzHETVUuYEF
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YIpC2UmK-DtdrxWSFZDrpZp-ddwpjO67wakAM-QmXBj-5-DXvOOOKQ==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 5595 25 B
123 B 115ms
115ms XHR
application/json 54.147.21.139

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Feb 2022 18:24:42 GMT
server: istio-envoy
requestid: da97e6fdb4c030cc
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 332ms
106ms Preflight
text/plain 54.147.21.139

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Feb 2022 18:24:42 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftd0cae4a4da1a7f9470da96da133
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 322ms
106ms Preflight
text/plain 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Feb 2022 18:24:42 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift55d39094620b49ff8b6e3992b2d
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 5595 126 B
220 B 104ms
104ms XHR
application/json 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

2dc1572e1265760dd29d3751371f98026681e0bd04bc8febfa0fcc57fd01241b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Feb 2022 18:24:42 GMT
server: istio-envoy
requestid: e8164fde18f205c7
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 126
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 h8eubnf2kys7.json Show response
embeds.driftcdn.com/embeds/ Frame 5595 10 KB
5 KB 108ms
38ms XHR
application/json 13.224.96.31

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/h8eubnf2kys7.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.31 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4edb7297a376ef6d3fdd4750d1d4f58759ff76695c7bd4165631337933227b1

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 18:24:28 GMT
content-encoding: gzip
age: 16
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 07 Feb 2022 17:13:47 GMT
server: AmazonS3
etag: W/"73fbfea5c0e692118c10626f2c92e7e8"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 af287426c130b47dba79bf825f91ebba.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 1M14xlNlc9XMsfzkulpFA7gHwAdbWBmFMeP9Z168gXH6LuDsetmzsw==

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 05:03:30	Name: _GRECAPTCHA Value: 09APj96hQBOKU4ygXlLdjiFh_6KT4vy2vQYLkLLbRlEs4qU8yFW-U4_Rg51iVPOZD8PLNxxtMR5p1K6kAMvAaRfcw
cos4co.com/	1970-01-23 16:20:18	Name: __tad Value: 1644258276.2984909
.1redirb.com/	1970-01-20 09:29:54	Name: __dsnsid Value: 20220208052436028267756e439d626d
clever-redirect.com/	1970-01-20 00:45:44	Name: 59897591b3f2367242f9076576284468 Value: e9cc419a39667c4f93b72c48703ac41af749778ba42db28373ad910811e859e4a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2259897591b3f2367242f9076576284468%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
lookandfind.me/	1970-01-20 00:45:44	Name: 582473f618e5a549486f339ecb063fa0 Value: c7d787a3b325d54119bf90e91f580ac365cd8538e7e68ffe41712ed12e10bcdca%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22582473f618e5a549486f339ecb063fa0%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
.awin1.com/	1970-01-20 02:10:42	Name: aw14361 Value: 926315\|0\|0\|1644258278\|4b9ac480efe9155985555c4d9c9fe3a4\|aw\|0
.awin1.com/	1970-01-20 09:29:54	Name: bId Value: HLEX_620163e60163a5.43949556
.helden.de/	1970-01-20 02:10:42	Name: a_ident Value: affnet.14361_1644258278_da0e909e79d02fad4b14da5d40e87d0b
helden.de/	1970-01-20 09:29:54	Name: cookielawinfo-checkbox-necessary Value: yes
helden.de/	1970-01-20 09:29:54	Name: cookielawinfo-checkbox-non-necessary Value: yes
helden.de/	1970-01-20 09:29:54	Name: cookielawinfo-checkbox-advertisement Value: yes
helden.de/	1970-01-20 09:29:54	Name: cookielawinfo-checkbox-analytics Value: yes
helden.de/	1970-01-20 09:29:54	Name: cookielawinfo-checkbox-other Value: yes
helden.de/	1970-01-20 09:29:54	Name: cookielawinfo-checkbox-performance Value: yes
.t.co/	1970-01-20 18:15:30	Name: muc_ads Value: f92110f4-c7ff-46da-a3bf-6a04c556d3ea
.twitter.com/	1970-01-20 18:15:30	Name: personalization_id Value: "v1_c3ozPZiMzR4va5iwJyEqmQ=="
.amazon-adsystem.com/	1970-01-20 06:24:08	Name: ad-id Value: A-P4V8jxhk4dgramXhb2x7Y
.amazon-adsystem.com/	1970-01-21 21:50:03	Name: ad-privacy Value: 0
.helden.de/	1970-01-20 02:53:54	Name: _gcl_au Value: 1.1.982436335.1644258280
.helden.de/	1970-01-20 18:15:30	Name: _ga Value: GA1.2.1786668701.1644258280
.helden.de/	1970-01-20 00:45:44	Name: _gid Value: GA1.2.1599491375.1644258280
.helden.de/	1970-01-20 00:44:18	Name: _gat_gtag_UA_71374404_2 Value: 1
.bing.com/	1970-01-20 10:05:54	Name: MUID Value: 024ED981535D6DCD3E2AC8C5528F6C90
.helden.de/	1970-01-20 02:53:54	Name: _fbp Value: fb.1.1644258280506.1637742900
.helden.de/	1970-01-20 00:45:44	Name: _uetsid Value: 36cb7a60884311eca67e05a9bfe98256
.helden.de/	1970-01-20 10:05:54	Name: _uetvid Value: 36cb9880884311ec816061330132a4cd
.doubleclick.net/	1970-01-20 00:44:19	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-20 01:27:30	Name: UserMatchHistory Value: AQITJ9zOpLLDBwAAAX7VbkScCcrE-aDqokwypWdUTpsBLy5gExiF-uvoNsWqYwXvdPwfMC9v8kCCzg
.linkedin.com/	1970-01-20 01:27:30	Name: AnalyticsSyncHistory Value: AQJh1Heb4oggzwAAAX7VbkScxbP6tBuA09RpKF6xJXE915WUmgCCfiCcLSK9ze-kyPbaRIXko6EVZKgJEbqtCQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:16:12	Name: bcookie Value: "v=2&5ea7ca0c-1f40-433d-88ba-cae35b70ddb3"
.linkedin.com/	1970-01-20 00:45:44	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2196:u=1:x=1:i=1644258280:t=1644344680:v=2:sig=AQF9tFdn35tzghnbQuu0FmsRctStSQQa"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:16:12	Name: bscookie Value: "v=1&202202071824403d280750-0941-4de1-8def-5047dbfe3e42AQH2gT4djngr2b-zvtK7PsXhF3XxBH2b"
.linkedin.com/	1970-01-20 18:06:58	Name: li_gc Value: MTswOzE2NDQyNTgyODA7MjswMjFOQZe9hZvgiHk1/UwtDAmdduHlI/9V8uXFt2grHzhaDQ==
.helden.de/	1970-01-20 09:29:54	Name: _pin_unauth Value: dWlkPU5XTXdPVE00WmpVdE1EQXlaaTAwTnpoakxUZzFaak10T1RGa01UQTJPRGRtTXpCbA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
other	warning	URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71) Message: Unrecognized feature: 'attribution-reporting'.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-a185fb24484190662ebd95548d341ab3' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .online.tableau.com .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .online.tableau.com .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redirb.com
aax-eu.amazon-adsystem.com
ajax.googleapis.com
analytics.twitter.com
bat.bing.com
bootstrap.api.drift.com
c.amazon-adsystem.com
cdn.taboola.com
clever-redirect.com
connect.facebook.net
cos4co.com
ct.pinterest.com
embeds.driftcdn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
haftpflichthelden.de
helden.de
images.provenexpert.com
ipapi.co
js.driftt.com
lookandfind.me
metrics.api.drift.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.pinimg.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
trc-events.taboola.com
trc.taboola.com
w.likebtn.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.pinterest.com
www.pinterest.de
103.224.182.206
103.224.212.220
104.111.239.217
104.244.42.197
104.244.42.3
108.174.10.14
13.224.96.31
13.224.96.5
141.226.228.48
142.250.186.162
143.204.95.188
151.101.129.44
151.101.64.84
157.90.169.168
184.30.24.193
199.232.136.157
2606:4700:10::6816:4d41
2606:4700:20::681a:92c
2606:4700:20::681a:b29
2606:4700:20::ac43:48bf
2620:1ec:21::14
2620:1ec:22::14
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:808::2003
2a00:1450:4001:808::2008
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:400c:c08::9a
2a02:26f0:6c00:293::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:5f80:a::b212:e7c8
34.102.224.29
50.16.7.188
52.94.223.37
54.147.21.139
78.46.197.88
01f2c507dce67cd34f1fb75780c52221946800029092456ed02470059af2c05f
024bbe37586effe93a17f4f8800ff6c67e2aca1061c5f23625bb16a6e3d13c8d
050afadcae8e995d4d71c6c7d05bdb3ef24691fc81526eb0357de319184c747b
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
06b4780df9b383519f51c2b0d374f45c26bf05e1cbc1518b2a2b309e5ea9ae86
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8
096fd1f8218ce1969b5f08643cdfdb26396495e3ab1a3d60410ba18c3bd4f418
0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
11dd7443e60c9756c636d4d9e270eeba4085691a86dc1d343af835e5cb354ed9
160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
1b4f1024fa4887b47765e2ad4db9bc1f6ea96335f77fd44c62b8538d75e7190c
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63
2031ce9d387c585aeed7e46b4c88ab74c996834aa6f10cbf32dd7df4170065fa
20c746611e73d61b96d867c123847699572e0d13bf3a6823bcc2d956e9d4c0d6
222faffba8feef921489b8a8e8bee90148eabf5dc40aa82ee8a7b377543256ae
22b3231e59d776f31161af44b04a744b9004ae1fac2b14e6405a97d27507a008
22ce8bdb090315b4f4f6f8c78f9c7cd2cf53962924d86761982fdb4e5dc3c2c2
26d127f27e68eb24704f93210ac87b36c92c2a9ef01d6a47dc0048dac9cfa23f
26e2b6480c7741fb5ce74f7924a8ee486e9aea6c8a797df6a6739af800146f11
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
29d1e5cff2718260f00fc9012476253e8664c99287d2a1866886e65060deb4ad
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dc1572e1265760dd29d3751371f98026681e0bd04bc8febfa0fcc57fd01241b
2f08025c18eab8673f7f960a21cba44a48aa0ce870ce96305a21d1c887b8be7e
32d9329d48ccd5a058fc1f4a6be8b010c4c9afb03d046ffe8a211ce474db2b6a
341c5d176dfcd3bd94a476a34fcb8be8f7d4c6d667ad95185c4d656f5ac9c9d5
34b75edcde311da386af1f591724dd1ed3df272ee891957b58392876c131ffc4
35c25f6854ce3cfbfb0d6b93ddf1398e02dc7f71a8c878dd487e119143eb0f2b
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
395daa8d0ec9bd1d7922530074e8fbe6aaf2bd26191dc773c135cf6a3d029705
39b677ec4a0c2d95bb6d1439e68b5a0aa693c17912dc9e0209930088182483cf
39cb45cdec9f9b9b863e331beff20776476ad3a77aa2c828a0aea8a0779044d9
3a6197e8d2522b6655650164210d9362624685371febfde3e5fe770641434813
3b3f44e74412baa296267a5c6bdcaef3e06ba0ed23c662786b35b923a515180c
3c430c6bbf28dcc0eb84b18a6647b8feab76de0a77a6975cb71b9b5f4cdf3731
3e2b8b35f95dc6e667219eda56927ec40ca05c2d770f8651d99e2f36fcf7636e
3ea06dea77b421db90da42160e691163836ef51e17aa1fd4669e1805e5291e21
3f1dc6e238cf6475a737168708dc6f31b508ed75160447a27a57f021906e5a70
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
45153d776213fa86c1ef7dca51e36d669e1b697b53907f3bf7cd3ee706edbaec
47c52cc923758f90e6e92f82d19e909e36bf000902e60047a27c84e8d0ccb73a
48a2156abaed07fa73ed289ca1e45a818cdf7ca5d8aa6e6d31b64b2bf3850753
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
499f5d894e680015c299c3707e38a9b65074b888ed8e8380854a782a71c4ebd2
49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
5232ff2bcc1c6fb542e55ebb4d41413554cfe0681613a01799e2477bb9cac389
536550431ea6247d6ae10b550cedbac11f93d133b096e475bd1f3915bf4bb6dd
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93
5ad4b93f0116490bf6d6b3cb8b6adaa354588c845b1f0994ce80456e5afb7d8c
5b6b7e77088d6752ddae7064e92151329ed0b137977140c7c866de38a7f84ff8
5ba9bb26b083f8a712458b673f21ba8d2803ec04e8dc37d19ae286bfb6c60943
5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5dc6b9f591f8a9a592258150d30296b9a224ee2d938cecc5e8ba347535e360dd
5fd0406a9f1fa9ae65bc5ab523b7160d7c8a64383a51f520c25270697f3408a8
61492c8f237d7e8c9eb6f79db84a7f183ba4f2e6495f0d27f4b5b03e37728410
61a5bc4056a0cab35fde3bdad2f3f76444aa322f292ecaa1ae8734bef49e4581
62d1623a0d8c0a16032dff0dc03a21ec8e519abac55ccbc8a505603743878f9c
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
65532969f8fa7c98137e3b88cdab9b8a779d065999cab303c12f0be8ad96916f
67a93cb596cf7e65926cc6f37e356a5ba6249a3ac8dbce1b8e5fd16ae3967f92
6928cc4d50cb193b1c5d09343ecae72c20af5da0483e28b7c48a4c77e0f6d3c3
6a963fc406ef4b119ff883573841d143c2f1ca8b5c28d167420421341f079251
6aa8093f92b4ebb8c5a083db689a2231ed086d33c640a69d136c7d8abf22e3c8
6c3739bf38a85743e9e259f58619bae5a1c329c8ad724e89a83c8e59d0cefdfe
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
708ee79f31c11e3bbb964355009869a3f6660ca1d493eb272ee5ddb28c11f717
708f01c4db9368fc9981977c3279ce9690636f0194ed6c644a80a5893a51359c
70d5e7aca1f4340b317eb66c3f7a0201cd4c417bea613a46f7989950f0a1fba1
73d7e52c552160d0265f12c7d6c523a3c646b6f831a8d677adb7a2c1d481f32a
7846d72cd2af20d85e1c27032cd4a44f4c8c5b914a03ce9d56979b4376b24be6
798622f5f53245245cdf0f44468acdce4e537cd44c86e1f58b170ad253783ad5
7a7425d844b9582c4d0595dfcb216285c112683ba86ed98572b36daf3b93a169
7b5be6ebb41014150c80429c8da4aabd3f0158b6b77665094da66d85c5e4cb66
7be9e5f63b77a88b00d5be374fb63b5b560c1aa06cc9b0421f967095b50222d7
7e528c1449a6cfc70975bfd57546d23b752a883a8ee9fcc3904d3af6548468ed
7edee88862109a0b709cb1801cccd10f6460971dbb1afc945abb81c17bfca85e
7f0e3823d56e753cf5f2fbe91a1d167ca59726c9cbb3c97f04f146beea32c0e6
7fbdf18ef718f7d92c5c552cf3133223239e5a87b2b17543417c863895fa3ebc
8088d1aa0d0b0f7e062406dba15010d166d7303c04ebb407be952d50ee378752
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
868bcdb99cda6699411f2a3852092f35680dde0511300a69bf06fa20327bf150
882e09e84100347579816f61badf4459092dc59beb26b9317a8f1312d6752b41
89b958011680839e6ed18a1edfd66a300e1442100fd1c24ed5bf5eee2ffa1723
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8d73392f1f569c51f57b7f9a30278358484f1795584aa2cd540e5b8ea650593e
8d8c6759085dc699997e6bf474e98c7fff7a68e0b4c318c93d14965a019f9089
8dd2fcd0919b8552fa24ea240e875bd8d0d2e04f9949d12dc18a605e7b063303
8f23ac7f053220566f81e8a71274ba876a87ee0fc55d92e078eb9448e2856242
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92bfa0c40e4ac63bd4250520dc726bdb5f28bc45d2b420c07d6d1e0b726bd56b
9305f3b0672b605b354afcf31517a00b78f1c04120066f599e4bc1fa28f3bc76
93b748021560a4fb851b828224f1c7aa9f8b1b28d6e1b59c2888dc76659d23ce
93ca03195ed4c9536d694584455be6d5d71776e00fe33926ae596bfe4f35a76a
94a557a859947873e7666784eb5bf93699ea204d842365c5fe00264274bb8357
95fb764d4a5e0045febd02f88e1c80b7958a6946696721e78c20f497b1e0ec7b
96885eb92fe4f03a59536aacb336a3a999876f8d311dca71e8e953726a61e644
9ab6e4f17cb28892a00ee982b483ac79222bd8b945c226694e554af917e569df
9bccc337c264422750cff6f2b3c70a350a2a40e80766f11e3a16ecabc89ae4b1
9cbfe64eec1cd97e6b40c7df10021f707d564f508b9571d7207debebec1bae7d
9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635
9d0297d001e90af1cb9081ee9a40edebaa5584387e10732ffbd217281ba9b03f
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
9dfd1e30ec1915dfbcf0020116661f5a912b7181b1e2eaffabbfe4ab575db2fa
a008730522299bbac4765f675e7c08282ce7e440c55fcf93c59edc8d12be3851
a0fa40176cf7621f894c7645f6162825006cee47b52776058cc2fa7f3b7bcae2
a145e8cb30994054a87ba4ac07f8a49f55e2fbfcd3b689ef889eae0a2250bc37
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a3940c0c7051093e974422b42f2a563671ed810418862f44e8314f5255367e7d
a469b4c7949c96cce86a741f3498f000e1fd64b2a6fff556579a6588acabf48a
a55eb96ad9952ebf2d6e42d4f44565d00ebe4a6ea1171e4d4dcaa6a653081c9d
a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9
a76cc7d5636822ab215fab6786e2168f46c1c60df4fa739beff32dfe8e8606e8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad44888e6834dd14372d63691245513cda17cad9bb7f5ac9df10163ba83108f7
b0dd566a5709cf4b3c46b8f38d85fa6879b3ecf0ff669b385df1cf2d3dcd43c3
b13c9daefcbfa434816cbf0a272da7a7887486cedbe40218e4234977e526854c
b244c7cb0ef9b67c21bf245fa48296451725e8a0bebe450e447f64a06543c6d4
b244db5267a8a4f291e0c4a1e82ccbc4ae211e7b22cad2ca530d743397894151
b51182de5d3e0e5cfa0a4ed9552dc82be393d7f7a08330f6299e08cdb2665f7f
b719e8b64d94bf16d44b5a331b9028f738286b49d00844a122a1f854ca9c1c2c
b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d
bf8c217e6b5fed93e68518ddd25e1bedfbb683b1f9aa18f84b099677d0f79355
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4582e8ede874b8d645c892eab6a7bde2f253baf85efae1103bd3114cecd0c17
c45b6965ae8195c7f9d29e21381965e6ab1e0eae8d64714a2f36faea46743354
c4edb7297a376ef6d3fdd4750d1d4f58759ff76695c7bd4165631337933227b1
c702f93c91758dab0525c376a408e8327f30bad81a8d30f26588c770585418f6
c7f5e3b0b3a282b46aa5bbd5e7952b90ce98d0d1d214b3308d9abb6053becd92
c9c0cfef39145e7473f09d950460309a29fbddcbe88830881aef4a0c16f5546b
cac9fd61be078dc8e05b940d298b75e3932894e379c91d3f32cdbab21631a714
d03b85482d005248f184137ab739c6222882e5d76d0765757cd6313a2b90146a
d1b077ad91dc6d449f971f581046afff929ab4f742fdfdb7c3017418425c9a56
d26ead62c04b7c1d9b9fe15ea7310d2c3ef4400a5c0a390e6c3a8ff4c5f381ec
d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4
d3d6136497ce496da1e91c8708fc5f6277726188985a70884530407fff5986f7
d49ea099481e01f6c80d0098144b28710ed7e27ffadee7cdac797ed87ef5740b
d8a783e252ceb14237c76c14e552516b112795955f5491053f5e0c56c6e06c5a
db9ff4cde12468ee4def39092beef68a94523797d588f245067a96d943a01165
dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
debe1406181017af8e12fcf3f2d1843c02903360e9c246670593ef9f56abcd35
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e2795aded1755123cbe59bba5a8348d2c8ea012c9021e56d3b532f176963950b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec
e5f5736867880dc34e00e9d915d49094d5aa572c73771e87a082bd721b5a4f7c
e6a6a0c2a744fc0d665244acab63b9ac3b43779414217bc62a7698e31d5471de
e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5
e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0
eae9587fd982a18dc1cc3391201a06a8ce5efb066c62cc4f3003a901506269c2
ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f1d691d09ce0090a6da571070f4404989f56b83bd51aa9c0076f1761f5888533
f46bb0aafc668b4a997c8f2bf2b9612722575d5123d728ee15924ae9b2b9e1b1
f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f9163f3372bf09f2bcb3c8fa8b218443c557dbb32c78a36ee9221ca5abf8b193
fe483d8d42eca2d0d06c46db57295722c6a31a0ca259153345c57954a67ab61a
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

helden.de Open in urlscan Pro 2606:4700:10::6816:4d41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

226 Requests

97 %HTTPS

50 %IPv6

34 Domains

44 Subdomains

37 IPs

6 Countries

3225 kBTransfer

7903 kBSize

36 Cookies

13 Outgoing links

Page URL History

Redirected requests

226 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

helden.de Open in urlscan Pro
2606:4700:10::6816:4d41 Public Scan

Screenshot
Live screenshot

Full Image

226
Requests

97 %
HTTPS

50 %
IPv6

34
Domains

44
Subdomains

37
IPs

6
Countries

3225 kB
Transfer

7903 kB
Size

36
Cookies

226 HTTP transactions
1 data transactions