www.18uhr40.de Open in urlscan Pro
212.162.13.166 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Submission: On July 04 via api (July 4th 2020, 6:48:35 am UTC) from US

Summary HTTP 62 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 62 HTTP transactions. The main IP is 212.162.13.166, located in Germany and belongs to PLUSSERVER-ASN1, DE. The main domain is www.18uhr40.de.

This is the only time www.18uhr40.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	212.162.13.166 212.162.13.166	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
11	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
1	185.225.208.133 185.225.208.133	13213 (UK2NET-AS) (UK2NET-AS)
3	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
4	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
1	67.202.94.93 67.202.94.93	32748 (STEADFAST) (STEADFAST)
2	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
62	14

18 212.162.13.166 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: d166.x-mailer.de

www.18uhr40.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.225.208.133 (Germany)

ASN13213 (UK2NET-AS, GB)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.93 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	18uhr40.de www.18uhr40.de	65 KB
13	wp.com c0.wp.com stats.wp.com pixel.wp.com	82 KB
6	doubleclick.net googleads.g.doubleclick.net
6	gstatic.com fonts.gstatic.com www.gstatic.com	200 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	136 KB
4	w.org s.w.org	2 KB
4	google.com www.google.com adservice.google.com	1 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	amung.us whos.amung.us	212 B
1	google.de adservice.google.de	887 B
1	waust.at waust.at	7 KB
1	googleapis.com fonts.googleapis.com	2 KB
62	12

	Domain	Requested by
18	www.18uhr40.de	www.18uhr40.de
11	c0.wp.com	www.18uhr40.de
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	fonts.gstatic.com	www.18uhr40.de
4	s.w.org	www.18uhr40.de
4	pagead2.googlesyndication.com	www.18uhr40.de pagead2.googlesyndication.com
3	www.google.com	www.18uhr40.de www.gstatic.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	www.18uhr40.de
1	whos.amung.us	waust.at
1	www.gstatic.com	www.google.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	stats.wp.com	www.18uhr40.de
1	waust.at	www.18uhr40.de
1	fonts.googleapis.com	www.18uhr40.de
62	17

This site contains links to these domains. Also see Links.

Domain
whos.amung.us
www.ranking-hits.de
www.facebook.com
twitter.com
ct.de
www.thefroehlings.de
de.wordpress.org

Subject Issuer	Validity	Valid
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
18uhr40.de Let's Encrypt Authority X3	`2020-06-16` - `2020-09-14`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Frame ID: 594B5171535BBB8BC22142A7C53998F5
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200624/r20190131/zrt_lookup.html
Frame ID: 00C0308E1F544E49FED18AA56C4202E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&adk=1812271804&adf=3025194257&lmt=1593845281&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1593845281841&bpp=17&bdt=324&idt=125&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2459571717947&frm=20&pv=2&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=12139902218444&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=147
Frame ID: 1324334B521D74E1F57EB0F1F62B17F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&h=600&slotname=4466619137&adk=1632686869&adf=769656191&w=120&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=120x600&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281858&bpp=6&bdt=341&idt=141&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=181&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=eV2632tzBQ&p=http%3A//www.18uhr40.de&dtd=147
Frame ID: 96BEFDE57E067F3C57D6576E49C4F5D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&h=90&slotname=9936740185&adk=1151338543&adf=2120401412&w=728&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281864&bpp=1&bdt=347&idt=157&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=676&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AjzRSMdu6W&p=http%3A//www.18uhr40.de&dtd=161
Frame ID: 9F6E2BDA4C75AE622ECECF9CEED3D58E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&h=90&slotname=9936740185&adk=1151338543&adf=3723755851&w=728&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281865&bpp=1&bdt=348&idt=164&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C728x90&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=676&ady=2757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=tXYKeBqE8G&p=http%3A//www.18uhr40.de&dtd=167
Frame ID: 1FD3C5553DF694F0085FA35EF98C1A3F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&h=280&adk=363429464&adf=4092320266&w=413&fwrn=4&fwrnh=100&lmt=1593845282&rafmt=1&to=qs&pwprc=4681199406&psa=0&guci=1.2.0.0.2.2.0.0&format=413x280&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1593845282091&bpp=2&bdt=574&idt=3&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C728x90%2C728x90&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=99&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=R5FRbUapoj&p=http%3A//www.18uhr40.de&dtd=16
Frame ID: 090F598BA8EB16405A15603CCFA7EAE5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTvWAUAAAAAIi5RbBnG7qaVteFgM7nyHCdezKd&co=aHR0cDovL3d3dy4xOHVocjQwLmRlOjgw&hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&theme=light&size=normal&cb=rexzk6f0uonf
Frame ID: F2644731232BBFF6FBFC6AEEA11F4EFE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: A3308DC1F72F98A1061172DFFC2DF054
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&k=6LfTvWAUAAAAAIi5RbBnG7qaVteFgM7nyHCdezKd&cb=hl40by8bkauk
Frame ID: E0A2954DB78798D5D1E39FDC27BC86D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

62
Requests

66 %
HTTPS

54 %
IPv6

12
Domains

17
Subdomains

14
IPs

2
Countries

538 kB
Transfer

1451 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://whos.amung.us/stats/vm97j7xfgp/
Title: 2

Search URL Search Domain Scan URL

URL: https://www.ranking-hits.de/
Title: <img src="https://www.ranking-hits.de/?ref=www.18uhr40.de&style=30" alt="" border="0" />

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2F
Title: teilen

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2F&text=1758.%20Auf%20Wiedersehen%20%2829.03.2020%29
Title: twittern

Search URL Search Domain Scan URL

URL: http://ct.de/-2467514

Search URL Search Domain Scan URL

URL: http://www.thefroehlings.de/
Title: Lothar Fröhling

Search URL Search Domain Scan URL

URL: https://de.wordpress.org/
Title: Stolz präsentiert von WordPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/ 96 KB
21 KB 3548ms
3502ms Document
text/html 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PHP/7.2.31 PleskLin
Resource Hash: cdc01414d5a4d4a0ca5de3b694d53195cfff9bff8f3f9743bb648d91dfc3da3b

Request headers

Host: www.18uhr40.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.31 PleskLin
Link: <https://www.18uhr40.de/wp-json/>; rel="https://api.w.org/", <https://wp.me/paJvJJ-FJ>; rel=shortlink
X-Cache-Status: BYPASS
Content-Encoding: gzip

GET
H2 200 twentyfifteen.css
c0.wp.com/p/jetpack/8.6.1/modules/theme-tools/compat/ 14 KB
2 KB 101ms
31ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/8.6.1/modules/theme-tools/compat/twentyfifteen.css

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ace0dcf3d57835d61f2ef1647b238cc34f4054c6866d3e33f381b35776d8b484

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: br
last-modified: Wed, 31 Oct 2018 13:13:30 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sun, 04 Jul 2021 06:48:01 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.4.2/wp-includes/css/dist/block-library/ 52 KB
7 KB 101ms
31ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.4.2/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: br
last-modified: Fri, 24 Apr 2020 15:32:14 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sun, 04 Jul 2021 06:48:01 GMT

GET
H2 200 theme.min.css
c0.wp.com/c/5.4.2/wp-includes/css/dist/block-library/ 2 KB
610 B 102ms
32ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.4.2/wp-includes/css/dist/block-library/theme.min.css

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ddf3d45a29935c10a00179049cd6707e94d930840a57440214ca3eb2962dc562

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: br
last-modified: Thu, 06 Feb 2020 21:03:31 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sun, 04 Jul 2021 06:48:01 GMT

GET
H/1.1 200
OK front.css
www.18uhr40.de/wp-content/plugins/adsimple-cookie-notice/css/ 7 KB
2 KB 130ms
113ms Stylesheet
text/css 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/wp-content/plugins/adsimple-cookie-notice/css/front.css?ver=1.0.9
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PleskLin
Resource Hash: fbdc61a0f42e55675a2c5a2e7bdcd9d98fd12679430bb4510108cd13f0045592

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
ETag: W/"5c741965-1b93"
Last-Modified: Mon, 25 Feb 2019 16:35:49 GMT
Server: nginx
X-Powered-By: PleskLin
X-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK aalb_basics.css
www.18uhr40.de/wp-content/plugins/amazon-associates-link-builder/css/ 3 KB
1 KB 83ms
64ms Stylesheet
text/css 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/wp-content/plugins/amazon-associates-link-builder/css/aalb_basics.css?ver=1.9.3
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PleskLin
Resource Hash: e7be98b44cfeff4fe548e4ce712fac1e09fd299e0dbae9feeec35bf2f43b86f2

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
ETag: W/"5d485b25-aa3"
Last-Modified: Mon, 05 Aug 2019 16:36:53 GMT
Server: nginx
X-Powered-By: PleskLin
X-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK style.css
www.18uhr40.de/wp-content/themes/twentyfifteen/ 103 KB
16 KB 82ms
63ms Stylesheet
text/css 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/wp-content/themes/twentyfifteen/style.css?ver=5.4.2
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PleskLin
Resource Hash: da8cafcbba85d85c43b8aee06bb89a4a085f733ff846c0ff173a9e91c9d8e768

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
ETag: W/"5e852ee6-19aed"
Last-Modified: Thu, 02 Apr 2020 00:16:38 GMT
Server: nginx
X-Powered-By: PleskLin
X-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK style.css
www.18uhr40.de/wp-content/themes/twentyfifteen-child/ 2 KB
1005 B 83ms
63ms Stylesheet
text/css 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/wp-content/themes/twentyfifteen-child/style.css?ver=1.0.0
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PleskLin
Resource Hash: 488f0b82e203c077cf415681413762c58e1499f6e6cb7ced318ede0b90de4be2

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
ETag: W/"5c0ab47c-8ba"
Last-Modified: Fri, 07 Dec 2018 17:57:16 GMT
Server: nginx
X-Powered-By: PleskLin
X-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 25 KB
2 KB 30ms
17ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext&display=fallback

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2b46270130afb036718f66a9bee9afb4a024573e278227aeafcf9f2137ff2fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Origin: http://www.18uhr40.de

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Jul 2020 06:48:01 GMT
server: ESF
date: Sat, 04 Jul 2020 06:48:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Jul 2020 06:48:01 GMT

GET
H2 200 genericons.css
c0.wp.com/p/jetpack/8.6.1/_inc/genericons/genericons/ 28 KB
16 KB 100ms
31ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/8.6.1/_inc/genericons/genericons/genericons.css

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: br
last-modified: Wed, 13 Jan 2016 23:09:07 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sun, 04 Jul 2021 06:48:01 GMT

GET
H/1.1 200
OK style.css
www.18uhr40.de/wp-content/themes/twentyfifteen-child/ 2 KB
1005 B 80ms
61ms Stylesheet
text/css 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/wp-content/themes/twentyfifteen-child/style.css?ver=20190507
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PleskLin
Resource Hash: 488f0b82e203c077cf415681413762c58e1499f6e6cb7ced318ede0b90de4be2

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
ETag: W/"5c0ab47c-8ba"
Last-Modified: Fri, 07 Dec 2018 17:57:16 GMT
Server: nginx
X-Powered-By: PleskLin
X-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK blocks.css
www.18uhr40.de/wp-content/themes/twentyfifteen/css/ 12 KB
3 KB 83ms
64ms Stylesheet
text/css 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/wp-content/themes/twentyfifteen/css/blocks.css?ver=20190102
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PleskLin
Resource Hash: cb08b0ac26a69ae4d39259f8031337f81d943222432f08163cb5bdf2fec8b6c7

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
ETag: W/"5e852ee6-31a5"
Last-Modified: Thu, 02 Apr 2020 00:16:38 GMT
Server: nginx
X-Powered-By: PleskLin
X-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK app.css
www.18uhr40.de/wp-content/plugins/simple-lightbox/client/css/ 232 B
537 B 129ms
48ms Stylesheet
text/css 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.8.1
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PleskLin
Resource Hash: 570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
ETag: "e8-5a078a8d18874"
Last-Modified: Tue, 10 Mar 2020 04:36:12 GMT
Server: nginx
X-Powered-By: PleskLin
X-Cache-Status: BYPASS
Content-Type: text/css
X-Accel-Version: 0.01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 232

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/8.6.1/css/ 73 KB
12 KB 100ms
31ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/8.6.1/css/jetpack.css

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7002bd7e9131ec2b5d12c24a2cc181f046f5237addf358a93921055d3eda73a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: br
last-modified: Mon, 01 Jun 2020 14:24:36 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sun, 04 Jul 2021 06:48:01 GMT

GET
H2 200 jquery.js Show response
c0.wp.com/c/5.4.2/wp-includes/js/jquery/ 95 KB
32 KB 101ms
32ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.4.2/wp-includes/js/jquery/jquery.js

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: br
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sun, 04 Jul 2021 06:48:01 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.4.2/wp-includes/js/jquery/ 10 KB
4 KB 101ms
32ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.4.2/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: br
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sun, 04 Jul 2021 06:48:01 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 113 KB
41 KB 28ms
20ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c6109a06b9f3d756c9b8cb88c996c581c26522dcb96b91062c55100ad803d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 4975968547677784669
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 41316
X-XSS-Protection: 0
Expires: Sat, 04 Jul 2020 06:48:01 GMT

GET
H/1.1 200
OK d.js Show response
waust.at/ 13 KB
7 KB 68ms
48ms Script
application/x-javascript 185.225.208.133
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://waust.at/d.js
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software: /
Resource Hash: 21092efadab949c3ad748e1c67c0e5f14eaab93275d2f1ba142464ef02a3735a

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
Last-Modified: Sun, 14 Jun 2020 19:57:35 GMT
ETag: W/"5ee6812f-32f2"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, private
Connection: keep-alive
Expires: Sun, 05 Jul 2020 06:48:01 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.18uhr40.de/wp-includes/js/ 14 KB
5 KB 44ms
43ms Script
application/javascript 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PleskLin
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
ETag: W/"5e83e0e8-364d"
Last-Modified: Wed, 01 Apr 2020 00:31:36 GMT
Server: nginx
X-Powered-By: PleskLin
X-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK gwolle-gb-frontend.css
www.18uhr40.de/wp-content/plugins/gwolle-gb/frontend/css/ 9 KB
3 KB 102ms
44ms Stylesheet
text/css 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/wp-content/plugins/gwolle-gb/frontend/css/gwolle-gb-frontend.css?ver=4.0.4
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PleskLin
Resource Hash: 036730cf6e2d7aecff496d853fa087aa480ab64cc7fb7dcf6cdefff16a7d8d4e

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
ETag: W/"5eef8cf7-23bf"
Last-Modified: Sun, 21 Jun 2020 16:38:15 GMT
Server: nginx
X-Powered-By: PleskLin
X-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK shariff.min.css
www.18uhr40.de/wp-content/plugins/shariff/css/ 7 KB
2 KB 103ms
46ms Stylesheet
text/css 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/wp-content/plugins/shariff/css/shariff.min.css?ver=4.6.5
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PleskLin
Resource Hash: 0cdaa2c316f414a77bcc5a930e9dcd7668619faac80d6a424a35c8a81d29d1fb

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
ETag: W/"5e7cd9f9-1d97"
Last-Modified: Thu, 26 Mar 2020 16:36:09 GMT
Server: nginx
X-Powered-By: PleskLin
X-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK gglcptch.css
www.18uhr40.de/wp-content/plugins/google-captcha/css/ 570 B
659 B 142ms
85ms Stylesheet
text/css 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/wp-content/plugins/google-captcha/css/gglcptch.css?ver=1.57
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PleskLin
Resource Hash: 66bbde50f5b496cac67b3abd8f6b4bedde581687669189d57e54f51b6e0c0a2b

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
ETag: W/"23a-5a7089f329565"
Last-Modified: Mon, 01 Jun 2020 16:52:36 GMT
X-Accel-Version: 0.01
X-Powered-By: PleskLin
X-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/8.6.1/_inc/build/photon/ 758 B
422 B 74ms
32ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/8.6.1/_inc/build/photon/photon.min.js

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: br
last-modified: Tue, 31 Mar 2020 17:26:38 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sun, 04 Jul 2021 06:48:01 GMT

GET
H/1.1 200
OK front.js Show response
www.18uhr40.de/wp-content/plugins/adsimple-cookie-notice/js/ 6 KB
2 KB 123ms
47ms Script
application/javascript 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/wp-content/plugins/adsimple-cookie-notice/js/front.js?ver=1593845278
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PleskLin
Resource Hash: e9d8fc5c8868db91a73323c320c2bb72188b0909c722e0a54e818fc1baf1d2b0

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
ETag: W/"5c741965-1664"
Last-Modified: Mon, 25 Feb 2019 16:35:49 GMT
Server: nginx
X-Powered-By: PleskLin
X-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK skip-link-focus-fix.js Show response
www.18uhr40.de/wp-content/themes/twentyfifteen/js/ 727 B
811 B 148ms
44ms Script
application/javascript 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/wp-content/themes/twentyfifteen/js/skip-link-focus-fix.js?ver=20141028
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PleskLin
Resource Hash: c99b9b0e6f18e2095f1552d926fbb566e5cd18b3867672d84689ca97a69b9479

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
ETag: W/"2d7-5a243b6ddee92"
Last-Modified: Thu, 02 Apr 2020 00:16:38 GMT
X-Accel-Version: 0.01
X-Powered-By: PleskLin
X-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/5.4.2/wp-includes/js/ 2 KB
1 KB 119ms
78ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.4.2/wp-includes/js/comment-reply.min.js

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a37ca4608218cccdfb8b6d4edbdfbf375d0e1368b46397e3b7049e0cbf5bc1f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: br
last-modified: Mon, 11 Nov 2019 11:51:03 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sun, 04 Jul 2021 06:48:01 GMT

GET
H/1.1 200
OK functions.js Show response
www.18uhr40.de/wp-content/themes/twentyfifteen/js/ 4 KB
2 KB 152ms
48ms Script
application/javascript 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/wp-content/themes/twentyfifteen/js/functions.js?ver=20171218
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PleskLin
Resource Hash: 587d7750baeff5b5d892d66142339d1af1f890567f57e9a28181503976cf19b2

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
ETag: W/"5e852ee6-117e"
Last-Modified: Thu, 02 Apr 2020 00:16:38 GMT
Server: nginx
X-Powered-By: PleskLin
X-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 lazy-images.min.js Show response
c0.wp.com/p/jetpack/8.6.1/_inc/build/lazy-images/js/ 9 KB
3 KB 119ms
79ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/8.6.1/_inc/build/lazy-images/js/lazy-images.min.js

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a23dec87ea93f923ebe233e63f7c43d1a130ccf1578d97ea758157aae6d108e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: br
last-modified: Tue, 31 Mar 2020 17:26:38 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sun, 04 Jul 2021 06:48:01 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.4.2/wp-includes/js/ 1 KB
721 B 119ms
79ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.4.2/wp-includes/js/wp-embed.min.js

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: br
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sun, 04 Jul 2021 06:48:01 GMT

GET
H/1.1 200
OK shariff.min.js Show response
www.18uhr40.de/wp-content/plugins/shariff/js/ 2 KB
1 KB 148ms
44ms Script
application/javascript 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/wp-content/plugins/shariff/js/shariff.min.js?ver=4.6.5
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PleskLin
Resource Hash: 8fc8462e119878e4b0e95460b6ae9eaf06151aecb5b9ca663bc775fca818cdf5

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
ETag: W/"5e7cd9f9-63c"
Last-Modified: Thu, 26 Mar 2020 16:36:09 GMT
Server: nginx
X-Powered-By: PleskLin
X-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 676 B
539 B 16ms
15ms Script
text/javascript 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&ver=1.57

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ad237fb737d307f25e314306d8ef8ebddb21d9e56b8521ca9eb89f52883f3bca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 447
x-xss-protection: 1; mode=block
expires: Sat, 04 Jul 2020 06:48:01 GMT

GET
H/1.1 200
OK script.js Show response
www.18uhr40.de/wp-content/plugins/google-captcha/js/ 9 KB
3 KB 151ms
47ms Script
application/javascript 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.18uhr40.de/wp-content/plugins/google-captcha/js/script.js?ver=1.57
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: d166.x-mailer.de
Software: nginx / PleskLin
Resource Hash: 71c9fd6fe534dea411ba11d42c30502a1006ea148c7bf73568e77e4b37003dff

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding: gzip
ETag: W/"5ed53254-231e"
Last-Modified: Mon, 01 Jun 2020 16:52:36 GMT
Server: nginx
X-Powered-By: PleskLin
X-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 e-202027.js Show response
stats.wp.com/ 9 KB
3 KB 93ms
30ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202027.js
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
expires: Mon, 28 Jun 2021 03:03:48 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
fonts.gstatic.com/s/notosans/v9/ 10 KB
10 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v9/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext&display=fallback
Origin: http://www.18uhr40.de

Response headers

date: Wed, 10 Jun 2020 18:17:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:20:44 GMT
server: sffe
age: 2032249
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10116
x-xss-protection: 0
expires: Thu, 10 Jun 2021 18:17:12 GMT

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaDq8fMU.woff2
fonts.gstatic.com/s/notoserif/v8/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v8/ga6Iaw1J5X9T9RW6j9bNfFcWaDq8fMU.woff2

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7be357ddd89fe4f85dd3a2f16929f2344148d0ede966e9bf92febe1b998cc9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext&display=fallback
Origin: http://www.18uhr40.de

Response headers

date: Wed, 10 Jun 2020 18:16:52 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:21 GMT
server: sffe
age: 2032269
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13192
x-xss-protection: 0
expires: Thu, 10 Jun 2021 18:16:52 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReece9LOoc.woff2
fonts.gstatic.com/s/notoserif/v8/ 13 KB
13 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v8/ga6Law1J5X9T9RW6j9bNdOwzfReece9LOoc.woff2

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0877239101cbff856743513b4ea69fbaf9c580c8ae526e0a8d2ef1b770414094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext&display=fallback
Origin: http://www.18uhr40.de

Response headers

date: Wed, 10 Jun 2020 22:14:27 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:18 GMT
server: sffe
age: 2018014
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13660
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:14:27 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v9/ 10 KB
10 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v9/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext&display=fallback
Origin: http://www.18uhr40.de

Response headers

date: Wed, 10 Jun 2020 04:27:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:20:41 GMT
server: sffe
age: 2082046
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10292
x-xss-protection: 0
expires: Thu, 10 Jun 2021 04:27:15 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: http://www.18uhr40.de

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 share_counts Show response
www.18uhr40.de/wp-json/shariff/v1/ 111 B
604 B 1384ms
1319ms XHR
application/json 212.162.13.166
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.18uhr40.de/wp-json/shariff/v1/share_counts?url=https%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2F&services=facebook%7Ctwitter&timestamp=1582141596

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/wp-content/plugins/shariff/js/shariff.min.js?ver=4.6.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

d166.x-mailer.de

Software

nginx / PHP/7.2.31, PleskLin

Resource Hash

23d3e408068f10dadb2df294ea46ad822ad43e90f2daf3deba6b06fb39ce313d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 06:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: PHP/7.2.31, PleskLin
x-cache-status: BYPASS
status: 200
access-control-allow-headers: Authorization, Content-Type
allow: GET
server: nginx
vary: Accept-Encoding, Origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://www.18uhr40.de
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
access-control-allow-credentials: true
x-robots-tag: noindex
link: <https://www.18uhr40.de/wp-json/>; rel="https://api.w.org/"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
887 B 27ms
15ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.18uhr40.de

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
887 B 28ms
16ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.18uhr40.de

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/ 218 KB
83 KB 38ms
27ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8140bf7ea45bfdc0f29a695bd93fc79c9388e63ddef0b5e5784e7faaf361c4a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83971
x-xss-protection: 0
server: cafe
etag: 9757296405404450426
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jul 2020 06:48:01 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200624/r20190131/ Frame 00C0 0
0 7ms
6ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200624/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200624/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 25 Jun 2020 04:47:33 GMT
expires: Thu, 09 Jul 2020 04:47:33 GMT
content-type: text/html; charset=UTF-8
etag: 4448614309292777386
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 784828
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1f609.svg
s.w.org/images/core/emoji/12.0.0-1/svg/ 1 KB
853 B 94ms
31ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/12.0.0-1/svg/1f609.svg

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2468609517599c10415c9c9b65024cf697b747dbb837d07d0ea12130f224c65f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2019 05:13:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f642.svg
s.w.org/images/core/emoji/12.0.0-1/svg/ 525 B
347 B 94ms
31ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/12.0.0-1/svg/1f642.svg

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

943c44a0f3dc1aba84f5fbe8465baadbb90af66cd7be9f37ca07a39260357ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2019 05:13:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f644.svg
s.w.org/images/core/emoji/12.0.0-1/svg/ 744 B
394 B 94ms
32ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/12.0.0-1/svg/1f644.svg

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

4b8b6a46e16fcee41fa308ae59d18df5c0d74ed7dcc65661fabe17770a743155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 04 Jul 2020 06:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2019 05:13:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2764.svg
s.w.org/images/core/emoji/12.0.0-1/svg/ 368 B
430 B 94ms
31ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/12.0.0-1/svg/2764.svg

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 04 Jul 2020 06:48:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2019 05:13:23 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 368
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/ 323 KB
127 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=1.57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1533bc39e2dd8ede3893909d6f42760e0598d075951447afe88158e57b0961a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 16:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Jun 2020 20:56:25 GMT
server: sffe
age: 914907
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129939
x-xss-protection: 0
expires: Wed, 23 Jun 2021 16:39:34 GMT

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 28 B
212 B 257ms
237ms Script
text/javascript 67.202.94.93
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=vm97j7xfgp&t=1758.%20Auf%20Wiedersehen%20(29.03.2020)%20-%2018Uhr40.de&c=d&y=&a=0&r=1168
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 67.202.94.93 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 39ab8d326bd65b3c366179aed2ae8392fc502eca7302c436d78aad7509de18aa

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 06:48:02 GMT
content-encoding: gzip
transfer-encoding: chunked
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK g.gif
pixel.wp.com/ 50 B
215 B 61ms
42ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.wp.com/g.gif?v=ext&j=1%3A8.6.1&blog=158610119&post=2587&tz=2&srv=www.18uhr40.de&host=www.18uhr40.de&ref=&fcp=3767&rand=0.887345297835304
Requested by: Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol: HTTP/1.1
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 06:48:01 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 50
Content-Type: image/gif

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1324 0
0 54ms
54ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&adk=1812271804&adf=3025194257&lmt=1593845281&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1593845281841&bpp=17&bdt=324&idt=125&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2459571717947&frm=20&pv=2&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=12139902218444&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=147

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3806852959664410&output=html&adk=1812271804&adf=3025194257&lmt=1593845281&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1593845281841&bpp=17&bdt=324&idt=125&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2459571717947&frm=20&pv=2&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=12139902218444&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=147
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 04 Jul 2020 06:48:02 GMT
server: cafe
content-length: 786
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Jul-2020 07:03:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 04 Jul 2020 06:48:02 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eb2a67b402b9d8fb0035220fb9a9221bf0cb27d1f57ae0ffd21246d93a6b03f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 06:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1593663588964027"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27666
x-xss-protection: 0
expires: Sat, 04 Jul 2020 06:48:02 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 96BE 0
0 54ms
54ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&h=600&slotname=4466619137&adk=1632686869&adf=769656191&w=120&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=120x600&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281858&bpp=6&bdt=341&idt=141&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=181&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=eV2632tzBQ&p=http%3A//www.18uhr40.de&dtd=147

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3806852959664410&output=html&h=600&slotname=4466619137&adk=1632686869&adf=769656191&w=120&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=120x600&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281858&bpp=6&bdt=341&idt=141&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=181&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=eV2632tzBQ&p=http%3A//www.18uhr40.de&dtd=147
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 04 Jul 2020 06:48:02 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Jul-2020 07:03:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 04 Jul 2020 06:48:02 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9F6E 0
0 51ms
51ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&h=90&slotname=9936740185&adk=1151338543&adf=2120401412&w=728&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281864&bpp=1&bdt=347&idt=157&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=676&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AjzRSMdu6W&p=http%3A//www.18uhr40.de&dtd=161

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3806852959664410&output=html&h=90&slotname=9936740185&adk=1151338543&adf=2120401412&w=728&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281864&bpp=1&bdt=347&idt=157&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=676&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AjzRSMdu6W&p=http%3A//www.18uhr40.de&dtd=161
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 04 Jul 2020 06:48:02 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Jul-2020 07:03:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 04 Jul 2020 06:48:02 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1FD3 0
0 52ms
52ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&h=90&slotname=9936740185&adk=1151338543&adf=3723755851&w=728&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281865&bpp=1&bdt=348&idt=164&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C728x90&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=676&ady=2757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=tXYKeBqE8G&p=http%3A//www.18uhr40.de&dtd=167

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3806852959664410&output=html&h=90&slotname=9936740185&adk=1151338543&adf=3723755851&w=728&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281865&bpp=1&bdt=348&idt=164&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C728x90&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=676&ady=2757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=tXYKeBqE8G&p=http%3A//www.18uhr40.de&dtd=167
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 04 Jul 2020 06:48:02 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Jul-2020 07:03:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 04 Jul 2020 06:48:02 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 090F 0
0 92ms
92ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&h=280&adk=363429464&adf=4092320266&w=413&fwrn=4&fwrnh=100&lmt=1593845282&rafmt=1&to=qs&pwprc=4681199406&psa=0&guci=1.2.0.0.2.2.0.0&format=413x280&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1593845282091&bpp=2&bdt=574&idt=3&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C728x90%2C728x90&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=99&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=R5FRbUapoj&p=http%3A//www.18uhr40.de&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3806852959664410&output=html&h=280&adk=363429464&adf=4092320266&w=413&fwrn=4&fwrnh=100&lmt=1593845282&rafmt=1&to=qs&pwprc=4681199406&psa=0&guci=1.2.0.0.2.2.0.0&format=413x280&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1593845282091&bpp=2&bdt=574&idt=3&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C728x90%2C728x90&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=99&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=R5FRbUapoj&p=http%3A//www.18uhr40.de&dtd=16
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 04 Jul 2020 06:48:02 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: IDE=AHWqTUmGElYrmSEijCAlViGDurrGmyIDR7JU3ECbukKpkveeyKNY1kPNm23mJWRt; expires=Thu, 29-Jul-2021 06:48:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 04 Jul 2020 06:48:02 GMT
cache-control: private

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15IDhunA.woff2
fonts.gstatic.com/s/inconsolata/v20/ 26 KB
26 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inconsolata/v20/QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15IDhunA.woff2

Requested by

Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

445c886f22d6c060ae057ce49f78941f138450a3a098c45941ea2013e0e66769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext&display=fallback
Origin: http://www.18uhr40.de

Response headers

date: Fri, 26 Jun 2020 05:42:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:22:19 GMT
server: sffe
age: 695106
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26568
x-xss-protection: 0
expires: Sat, 26 Jun 2021 05:42:56 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame F264 0
0 26ms
26ms Document
text/html 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTvWAUAAAAAIi5RbBnG7qaVteFgM7nyHCdezKd&co=aHR0cDovL3d3dy4xOHVocjQwLmRlOjgw&hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&theme=light&size=normal&cb=rexzk6f0uonf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hgUIrt0poHtqNoFWMtlv0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfTvWAUAAAAAIi5RbBnG7qaVteFgM7nyHCdezKd&co=aHR0cDovL3d3dy4xOHVocjQwLmRlOjgw&hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&theme=light&size=normal&cb=rexzk6f0uonf
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Jul 2020 06:48:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-hgUIrt0poHtqNoFWMtlv0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10564
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 29ms
17ms XHR
application/json 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200624&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6faecad840a30e73fe776175c92ef1b9cc63498420b63e606dffd3c94d43454b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Jul 2020 06:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5630
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 51ms
39ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 06:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Sat, 04 Jul 2020 06:48:02 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame A330 0
0 6ms
6ms Document
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Sat, 04 Jul 2020 03:31:18 GMT
expires: Sun, 04 Jul 2021 03:31:18 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11804
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
120 B 15ms
14ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200624&jk=3721037350081123&bg=!MTKlMipY6l9D1s684ecCAAAAV1IAAAANmQF-0uH9d1L-At308nQb_YZ-x3zQb19Slq5fYc91ZH8nldCljZpu0_0uvNABRsW3PuDQZdKKR99R09yGnMfrTEQ8SFb6n0UFJcp8P8c-MxojRH7QgZ6m_oic50skDwsMalupNHj_OCNqSm0J8IF7hb86wvL7V6pmqE0E2PBf7j8WoZyXLCZpsz4bC2AyUEZ5dHtE3lzHQMwhBfpGOqQNtCPpCeY5q8X0xulY3K3UL0FDbj8mHKXY6usIzIxxpeH2fchtxFXE0X61OZTX5YxH-fUZqhvCtaFsxfTRr0SUK67Eo18siKw_gJ9KopFcb36s7jIrii4sgtshmPCkebIgDEb3qXpZYua0FmBiAUfg2EYpymujYGc2-H779FCJYFvkxxwqgwfVjnKmWNfHoPw0-Zf4boF7IHvMQlK6jwWGFQsmRqnIOSmHQN9Amu67nXekH_vQcS0L8aG2o6DJJlxI7LgT3tgZkjjvI87pVjZ7E7Y_JoTxnhiXbGkEdcdPuA0RDg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jul 2020 06:48:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame E0A2 0
0 23ms
22ms Document
text/html 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&k=6LfTvWAUAAAAAIi5RbBnG7qaVteFgM7nyHCdezKd&cb=hl40by8bkauk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rxfW3Ralce//XYPqLUYplQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&k=6LfTvWAUAAAAAIi5RbBnG7qaVteFgM7nyHCdezKd&cb=hl40by8bkauk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Jul 2020 06:48:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-rxfW3Ralce//XYPqLUYplQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1176
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 20:05:41	Name: IDE Value: AHWqTUmGElYrmSEijCAlViGDurrGmyIDR7JU3ECbukKpkveeyKNY1kPNm23mJWRt

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c0.wp.com/c/5.4.2/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c0.wp.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pixel.wp.com
s.w.org
stats.wp.com
tpc.googlesyndication.com
waust.at
whos.amung.us
www.18uhr40.de
www.google.com
www.googletagservices.com
www.gstatic.com
185.225.208.133
192.0.76.3
192.0.77.37
192.0.77.48
212.162.13.166
2a00:1450:4001:801::200a
2a00:1450:4001:815::2001
2a00:1450:4001:815::2003
2a00:1450:4001:816::2002
2a00:1450:4001:818::2004
2a00:1450:4001:819::2003
2a00:1450:4001:825::2002
67.202.94.93
036730cf6e2d7aecff496d853fa087aa480ab64cc7fb7dcf6cdefff16a7d8d4e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0877239101cbff856743513b4ea69fbaf9c580c8ae526e0a8d2ef1b770414094
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
0c6109a06b9f3d756c9b8cb88c996c581c26522dcb96b91062c55100ad803d51
0cdaa2c316f414a77bcc5a930e9dcd7668619faac80d6a424a35c8a81d29d1fb
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1eb2a67b402b9d8fb0035220fb9a9221bf0cb27d1f57ae0ffd21246d93a6b03f
21092efadab949c3ad748e1c67c0e5f14eaab93275d2f1ba142464ef02a3735a
23d3e408068f10dadb2df294ea46ad822ad43e90f2daf3deba6b06fb39ce313d
2468609517599c10415c9c9b65024cf697b747dbb837d07d0ea12130f224c65f
39ab8d326bd65b3c366179aed2ae8392fc502eca7302c436d78aad7509de18aa
445c886f22d6c060ae057ce49f78941f138450a3a098c45941ea2013e0e66769
488f0b82e203c077cf415681413762c58e1499f6e6cb7ced318ede0b90de4be2
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b8b6a46e16fcee41fa308ae59d18df5c0d74ed7dcc65661fabe17770a743155
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d
587d7750baeff5b5d892d66142339d1af1f890567f57e9a28181503976cf19b2
6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34
66bbde50f5b496cac67b3abd8f6b4bedde581687669189d57e54f51b6e0c0a2b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
6faecad840a30e73fe776175c92ef1b9cc63498420b63e606dffd3c94d43454b
7002bd7e9131ec2b5d12c24a2cc181f046f5237addf358a93921055d3eda73a9
71c9fd6fe534dea411ba11d42c30502a1006ea148c7bf73568e77e4b37003dff
8140bf7ea45bfdc0f29a695bd93fc79c9388e63ddef0b5e5784e7faaf361c4a0
8fc8462e119878e4b0e95460b6ae9eaf06151aecb5b9ca663bc775fca818cdf5
943c44a0f3dc1aba84f5fbe8465baadbb90af66cd7be9f37ca07a39260357ad2
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
a23dec87ea93f923ebe233e63f7c43d1a130ccf1578d97ea758157aae6d108e3
a37ca4608218cccdfb8b6d4edbdfbf375d0e1368b46397e3b7049e0cbf5bc1f6
ace0dcf3d57835d61f2ef1647b238cc34f4054c6866d3e33f381b35776d8b484
ad237fb737d307f25e314306d8ef8ebddb21d9e56b8521ca9eb89f52883f3bca
b2b46270130afb036718f66a9bee9afb4a024573e278227aeafcf9f2137ff2fb
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
c1533bc39e2dd8ede3893909d6f42760e0598d075951447afe88158e57b0961a
c99b9b0e6f18e2095f1552d926fbb566e5cd18b3867672d84689ca97a69b9479
cb08b0ac26a69ae4d39259f8031337f81d943222432f08163cb5bdf2fec8b6c7
cdc01414d5a4d4a0ca5de3b694d53195cfff9bff8f3f9743bb648d91dfc3da3b
da8cafcbba85d85c43b8aee06bb89a4a085f733ff846c0ff173a9e91c9d8e768
ddf3d45a29935c10a00179049cd6707e94d930840a57440214ca3eb2962dc562
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
e7be357ddd89fe4f85dd3a2f16929f2344148d0ede966e9bf92febe1b998cc9b
e7be98b44cfeff4fe548e4ce712fac1e09fd299e0dbae9feeec35bf2f43b86f2
e9d8fc5c8868db91a73323c320c2bb72188b0909c722e0a54e818fc1baf1d2b0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fbdc61a0f42e55675a2c5a2e7bdcd9d98fd12679430bb4510108cd13f0045592

www.18uhr40.de Open in urlscan Pro 212.162.13.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

62 Requests

66 %HTTPS

54 %IPv6

12 Domains

17 Subdomains

14 IPs

2 Countries

538 kBTransfer

1451 kBSize

1 Cookies

7 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.18uhr40.de Open in urlscan Pro
212.162.13.166 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

66 %
HTTPS

54 %
IPv6

12
Domains

17
Subdomains

14
IPs

2
Countries

538 kB
Transfer

1451 kB
Size

1
Cookies

62 HTTP transactions
3 data transactions