URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Submission: On July 04 via api from US

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 62 HTTP transactions. The main IP is 212.162.13.166, located in Germany and belongs to PLUSSERVER-ASN1, DE. The main domain is www.18uhr40.de.
This is the only time www.18uhr40.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 212.162.13.166 61157 (PLUSSERVE...)
11 192.0.77.37 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 185.225.208.133 13213 (UK2NET-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 192.0.77.48 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 67.202.94.93 32748 (STEADFAST)
2 2a00:1450:400... 15169 (GOOGLE)
62 14
Domain Requested by
18 www.18uhr40.de www.18uhr40.de
11 c0.wp.com www.18uhr40.de
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
5 fonts.gstatic.com www.18uhr40.de
4 s.w.org www.18uhr40.de
4 pagead2.googlesyndication.com www.18uhr40.de
pagead2.googlesyndication.com
3 www.google.com www.18uhr40.de
www.gstatic.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 pixel.wp.com www.18uhr40.de
1 whos.amung.us waust.at
1 www.gstatic.com www.google.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 stats.wp.com www.18uhr40.de
1 waust.at www.18uhr40.de
1 fonts.googleapis.com www.18uhr40.de
62 17
Subject Issuer Validity Valid
*.wp.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-02 -
2022-07-05
2 years crt.sh
upload.video.google.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
www.google.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
18uhr40.de
Let's Encrypt Authority X3
2020-06-16 -
2020-09-14
3 months crt.sh
*.google.de
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
*.google.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
*.w.org
Sectigo RSA Domain Validation Secure Server CA
2019-12-19 -
2021-12-18
2 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh

This page contains 10 frames:

Primary Page: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Frame ID: 594B5171535BBB8BC22142A7C53998F5
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200624/r20190131/zrt_lookup.html
Frame ID: 00C0308E1F544E49FED18AA56C4202E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&adk=1812271804&adf=3025194257&lmt=1593845281&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1593845281841&bpp=17&bdt=324&idt=125&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2459571717947&frm=20&pv=2&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=12139902218444&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=147
Frame ID: 1324334B521D74E1F57EB0F1F62B17F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&h=600&slotname=4466619137&adk=1632686869&adf=769656191&w=120&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=120x600&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281858&bpp=6&bdt=341&idt=141&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=181&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=eV2632tzBQ&p=http%3A//www.18uhr40.de&dtd=147
Frame ID: 96BEFDE57E067F3C57D6576E49C4F5D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&h=90&slotname=9936740185&adk=1151338543&adf=2120401412&w=728&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281864&bpp=1&bdt=347&idt=157&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=676&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AjzRSMdu6W&p=http%3A//www.18uhr40.de&dtd=161
Frame ID: 9F6E2BDA4C75AE622ECECF9CEED3D58E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&h=90&slotname=9936740185&adk=1151338543&adf=3723755851&w=728&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281865&bpp=1&bdt=348&idt=164&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C728x90&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=676&ady=2757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=tXYKeBqE8G&p=http%3A//www.18uhr40.de&dtd=167
Frame ID: 1FD3C5553DF694F0085FA35EF98C1A3F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&h=280&adk=363429464&adf=4092320266&w=413&fwrn=4&fwrnh=100&lmt=1593845282&rafmt=1&to=qs&pwprc=4681199406&psa=0&guci=1.2.0.0.2.2.0.0&format=413x280&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1593845282091&bpp=2&bdt=574&idt=3&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C728x90%2C728x90&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=99&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=R5FRbUapoj&p=http%3A//www.18uhr40.de&dtd=16
Frame ID: 090F598BA8EB16405A15603CCFA7EAE5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTvWAUAAAAAIi5RbBnG7qaVteFgM7nyHCdezKd&co=aHR0cDovL3d3dy4xOHVocjQwLmRlOjgw&hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&theme=light&size=normal&cb=rexzk6f0uonf
Frame ID: F2644731232BBFF6FBFC6AEEA11F4EFE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: A3308DC1F72F98A1061172DFFC2DF054
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&k=6LfTvWAUAAAAAIi5RbBnG7qaVteFgM7nyHCdezKd&cb=hl40by8bkauk
Frame ID: E0A2954DB78798D5D1E39FDC27BC86D8
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

62
Requests

66 %
HTTPS

54 %
IPv6

12
Domains

17
Subdomains

14
IPs

2
Countries

538 kB
Transfer

1451 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
96 KB
21 KB
Document
General
Full URL
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PHP/7.2.31 PleskLin
Resource Hash
cdc01414d5a4d4a0ca5de3b694d53195cfff9bff8f3f9743bb648d91dfc3da3b

Request headers

Host
www.18uhr40.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.2.31 PleskLin
Link
<https://www.18uhr40.de/wp-json/>; rel="https://api.w.org/", <https://wp.me/paJvJJ-FJ>; rel=shortlink
X-Cache-Status
BYPASS
Content-Encoding
gzip
twentyfifteen.css
c0.wp.com/p/jetpack/8.6.1/modules/theme-tools/compat/
14 KB
2 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/8.6.1/modules/theme-tools/compat/twentyfifteen.css
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ace0dcf3d57835d61f2ef1647b238cc34f4054c6866d3e33f381b35776d8b484
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
br
last-modified
Wed, 31 Oct 2018 13:13:30 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Sun, 04 Jul 2021 06:48:01 GMT
style.min.css
c0.wp.com/c/5.4.2/wp-includes/css/dist/block-library/
52 KB
7 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/5.4.2/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
br
last-modified
Fri, 24 Apr 2020 15:32:14 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Sun, 04 Jul 2021 06:48:01 GMT
theme.min.css
c0.wp.com/c/5.4.2/wp-includes/css/dist/block-library/
2 KB
610 B
Stylesheet
General
Full URL
https://c0.wp.com/c/5.4.2/wp-includes/css/dist/block-library/theme.min.css
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ddf3d45a29935c10a00179049cd6707e94d930840a57440214ca3eb2962dc562
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
br
last-modified
Thu, 06 Feb 2020 21:03:31 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Sun, 04 Jul 2021 06:48:01 GMT
front.css
www.18uhr40.de/wp-content/plugins/adsimple-cookie-notice/css/
7 KB
2 KB
Stylesheet
General
Full URL
http://www.18uhr40.de/wp-content/plugins/adsimple-cookie-notice/css/front.css?ver=1.0.9
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PleskLin
Resource Hash
fbdc61a0f42e55675a2c5a2e7bdcd9d98fd12679430bb4510108cd13f0045592

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
ETag
W/"5c741965-1b93"
Last-Modified
Mon, 25 Feb 2019 16:35:49 GMT
Server
nginx
X-Powered-By
PleskLin
X-Cache-Status
BYPASS
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
aalb_basics.css
www.18uhr40.de/wp-content/plugins/amazon-associates-link-builder/css/
3 KB
1 KB
Stylesheet
General
Full URL
http://www.18uhr40.de/wp-content/plugins/amazon-associates-link-builder/css/aalb_basics.css?ver=1.9.3
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PleskLin
Resource Hash
e7be98b44cfeff4fe548e4ce712fac1e09fd299e0dbae9feeec35bf2f43b86f2

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
ETag
W/"5d485b25-aa3"
Last-Modified
Mon, 05 Aug 2019 16:36:53 GMT
Server
nginx
X-Powered-By
PleskLin
X-Cache-Status
BYPASS
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
style.css
www.18uhr40.de/wp-content/themes/twentyfifteen/
103 KB
16 KB
Stylesheet
General
Full URL
http://www.18uhr40.de/wp-content/themes/twentyfifteen/style.css?ver=5.4.2
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PleskLin
Resource Hash
da8cafcbba85d85c43b8aee06bb89a4a085f733ff846c0ff173a9e91c9d8e768

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
ETag
W/"5e852ee6-19aed"
Last-Modified
Thu, 02 Apr 2020 00:16:38 GMT
Server
nginx
X-Powered-By
PleskLin
X-Cache-Status
BYPASS
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
style.css
www.18uhr40.de/wp-content/themes/twentyfifteen-child/
2 KB
1005 B
Stylesheet
General
Full URL
http://www.18uhr40.de/wp-content/themes/twentyfifteen-child/style.css?ver=1.0.0
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PleskLin
Resource Hash
488f0b82e203c077cf415681413762c58e1499f6e6cb7ced318ede0b90de4be2

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
ETag
W/"5c0ab47c-8ba"
Last-Modified
Fri, 07 Dec 2018 17:57:16 GMT
Server
nginx
X-Powered-By
PleskLin
X-Cache-Status
BYPASS
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
css
fonts.googleapis.com/
25 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext&display=fallback
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2b46270130afb036718f66a9bee9afb4a024573e278227aeafcf9f2137ff2fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Origin
http://www.18uhr40.de

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 04 Jul 2020 06:48:01 GMT
server
ESF
date
Sat, 04 Jul 2020 06:48:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Jul 2020 06:48:01 GMT
genericons.css
c0.wp.com/p/jetpack/8.6.1/_inc/genericons/genericons/
28 KB
16 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/8.6.1/_inc/genericons/genericons/genericons.css
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
br
last-modified
Wed, 13 Jan 2016 23:09:07 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Sun, 04 Jul 2021 06:48:01 GMT
style.css
www.18uhr40.de/wp-content/themes/twentyfifteen-child/
2 KB
1005 B
Stylesheet
General
Full URL
http://www.18uhr40.de/wp-content/themes/twentyfifteen-child/style.css?ver=20190507
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PleskLin
Resource Hash
488f0b82e203c077cf415681413762c58e1499f6e6cb7ced318ede0b90de4be2

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
ETag
W/"5c0ab47c-8ba"
Last-Modified
Fri, 07 Dec 2018 17:57:16 GMT
Server
nginx
X-Powered-By
PleskLin
X-Cache-Status
BYPASS
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
blocks.css
www.18uhr40.de/wp-content/themes/twentyfifteen/css/
12 KB
3 KB
Stylesheet
General
Full URL
http://www.18uhr40.de/wp-content/themes/twentyfifteen/css/blocks.css?ver=20190102
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PleskLin
Resource Hash
cb08b0ac26a69ae4d39259f8031337f81d943222432f08163cb5bdf2fec8b6c7

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
ETag
W/"5e852ee6-31a5"
Last-Modified
Thu, 02 Apr 2020 00:16:38 GMT
Server
nginx
X-Powered-By
PleskLin
X-Cache-Status
BYPASS
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
app.css
www.18uhr40.de/wp-content/plugins/simple-lightbox/client/css/
232 B
537 B
Stylesheet
General
Full URL
http://www.18uhr40.de/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.8.1
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PleskLin
Resource Hash
570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
ETag
"e8-5a078a8d18874"
Last-Modified
Tue, 10 Mar 2020 04:36:12 GMT
Server
nginx
X-Powered-By
PleskLin
X-Cache-Status
BYPASS
Content-Type
text/css
X-Accel-Version
0.01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
232
jetpack.css
c0.wp.com/p/jetpack/8.6.1/css/
73 KB
12 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/8.6.1/css/jetpack.css
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
7002bd7e9131ec2b5d12c24a2cc181f046f5237addf358a93921055d3eda73a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
br
last-modified
Mon, 01 Jun 2020 14:24:36 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Sun, 04 Jul 2021 06:48:01 GMT
jquery.js
c0.wp.com/c/5.4.2/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://c0.wp.com/c/5.4.2/wp-includes/js/jquery/jquery.js
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
br
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Sun, 04 Jul 2021 06:48:01 GMT
jquery-migrate.min.js
c0.wp.com/c/5.4.2/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://c0.wp.com/c/5.4.2/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
br
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Sun, 04 Jul 2021 06:48:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
113 KB
41 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c6109a06b9f3d756c9b8cb88c996c581c26522dcb96b91062c55100ad803d51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
4975968547677784669
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
41316
X-XSS-Protection
0
Expires
Sat, 04 Jul 2020 06:48:01 GMT
d.js
waust.at/
13 KB
7 KB
Script
General
Full URL
http://waust.at/d.js
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
21092efadab949c3ad748e1c67c0e5f14eaab93275d2f1ba142464ef02a3735a

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Jun 2020 19:57:35 GMT
ETag
W/"5ee6812f-32f2"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, private
Connection
keep-alive
Expires
Sun, 05 Jul 2020 06:48:01 GMT
wp-emoji-release.min.js
www.18uhr40.de/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
http://www.18uhr40.de/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PleskLin
Resource Hash
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
ETag
W/"5e83e0e8-364d"
Last-Modified
Wed, 01 Apr 2020 00:31:36 GMT
Server
nginx
X-Powered-By
PleskLin
X-Cache-Status
BYPASS
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
gwolle-gb-frontend.css
www.18uhr40.de/wp-content/plugins/gwolle-gb/frontend/css/
9 KB
3 KB
Stylesheet
General
Full URL
http://www.18uhr40.de/wp-content/plugins/gwolle-gb/frontend/css/gwolle-gb-frontend.css?ver=4.0.4
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PleskLin
Resource Hash
036730cf6e2d7aecff496d853fa087aa480ab64cc7fb7dcf6cdefff16a7d8d4e

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
ETag
W/"5eef8cf7-23bf"
Last-Modified
Sun, 21 Jun 2020 16:38:15 GMT
Server
nginx
X-Powered-By
PleskLin
X-Cache-Status
BYPASS
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
shariff.min.css
www.18uhr40.de/wp-content/plugins/shariff/css/
7 KB
2 KB
Stylesheet
General
Full URL
http://www.18uhr40.de/wp-content/plugins/shariff/css/shariff.min.css?ver=4.6.5
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PleskLin
Resource Hash
0cdaa2c316f414a77bcc5a930e9dcd7668619faac80d6a424a35c8a81d29d1fb

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
ETag
W/"5e7cd9f9-1d97"
Last-Modified
Thu, 26 Mar 2020 16:36:09 GMT
Server
nginx
X-Powered-By
PleskLin
X-Cache-Status
BYPASS
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
gglcptch.css
www.18uhr40.de/wp-content/plugins/google-captcha/css/
570 B
659 B
Stylesheet
General
Full URL
http://www.18uhr40.de/wp-content/plugins/google-captcha/css/gglcptch.css?ver=1.57
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PleskLin
Resource Hash
66bbde50f5b496cac67b3abd8f6b4bedde581687669189d57e54f51b6e0c0a2b

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
ETag
W/"23a-5a7089f329565"
Last-Modified
Mon, 01 Jun 2020 16:52:36 GMT
X-Accel-Version
0.01
X-Powered-By
PleskLin
X-Cache-Status
BYPASS
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
photon.min.js
c0.wp.com/p/jetpack/8.6.1/_inc/build/photon/
758 B
422 B
Script
General
Full URL
https://c0.wp.com/p/jetpack/8.6.1/_inc/build/photon/photon.min.js
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Sun, 04 Jul 2021 06:48:01 GMT
front.js
www.18uhr40.de/wp-content/plugins/adsimple-cookie-notice/js/
6 KB
2 KB
Script
General
Full URL
http://www.18uhr40.de/wp-content/plugins/adsimple-cookie-notice/js/front.js?ver=1593845278
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PleskLin
Resource Hash
e9d8fc5c8868db91a73323c320c2bb72188b0909c722e0a54e818fc1baf1d2b0

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
ETag
W/"5c741965-1664"
Last-Modified
Mon, 25 Feb 2019 16:35:49 GMT
Server
nginx
X-Powered-By
PleskLin
X-Cache-Status
BYPASS
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
skip-link-focus-fix.js
www.18uhr40.de/wp-content/themes/twentyfifteen/js/
727 B
811 B
Script
General
Full URL
http://www.18uhr40.de/wp-content/themes/twentyfifteen/js/skip-link-focus-fix.js?ver=20141028
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PleskLin
Resource Hash
c99b9b0e6f18e2095f1552d926fbb566e5cd18b3867672d84689ca97a69b9479

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
ETag
W/"2d7-5a243b6ddee92"
Last-Modified
Thu, 02 Apr 2020 00:16:38 GMT
X-Accel-Version
0.01
X-Powered-By
PleskLin
X-Cache-Status
BYPASS
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
comment-reply.min.js
c0.wp.com/c/5.4.2/wp-includes/js/
2 KB
1 KB
Script
General
Full URL
https://c0.wp.com/c/5.4.2/wp-includes/js/comment-reply.min.js
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a37ca4608218cccdfb8b6d4edbdfbf375d0e1368b46397e3b7049e0cbf5bc1f6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
br
last-modified
Mon, 11 Nov 2019 11:51:03 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Sun, 04 Jul 2021 06:48:01 GMT
functions.js
www.18uhr40.de/wp-content/themes/twentyfifteen/js/
4 KB
2 KB
Script
General
Full URL
http://www.18uhr40.de/wp-content/themes/twentyfifteen/js/functions.js?ver=20171218
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PleskLin
Resource Hash
587d7750baeff5b5d892d66142339d1af1f890567f57e9a28181503976cf19b2

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
ETag
W/"5e852ee6-117e"
Last-Modified
Thu, 02 Apr 2020 00:16:38 GMT
Server
nginx
X-Powered-By
PleskLin
X-Cache-Status
BYPASS
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
lazy-images.min.js
c0.wp.com/p/jetpack/8.6.1/_inc/build/lazy-images/js/
9 KB
3 KB
Script
General
Full URL
https://c0.wp.com/p/jetpack/8.6.1/_inc/build/lazy-images/js/lazy-images.min.js
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a23dec87ea93f923ebe233e63f7c43d1a130ccf1578d97ea758157aae6d108e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Sun, 04 Jul 2021 06:48:01 GMT
wp-embed.min.js
c0.wp.com/c/5.4.2/wp-includes/js/
1 KB
721 B
Script
General
Full URL
https://c0.wp.com/c/5.4.2/wp-includes/js/wp-embed.min.js
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
br
last-modified
Sat, 26 Oct 2019 00:17:07 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
expires
Sun, 04 Jul 2021 06:48:01 GMT
shariff.min.js
www.18uhr40.de/wp-content/plugins/shariff/js/
2 KB
1 KB
Script
General
Full URL
http://www.18uhr40.de/wp-content/plugins/shariff/js/shariff.min.js?ver=4.6.5
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PleskLin
Resource Hash
8fc8462e119878e4b0e95460b6ae9eaf06151aecb5b9ca663bc775fca818cdf5

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
ETag
W/"5e7cd9f9-63c"
Last-Modified
Thu, 26 Mar 2020 16:36:09 GMT
Server
nginx
X-Powered-By
PleskLin
X-Cache-Status
BYPASS
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
api.js
www.google.com/recaptcha/
676 B
539 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&ver=1.57
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ad237fb737d307f25e314306d8ef8ebddb21d9e56b8521ca9eb89f52883f3bca
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
447
x-xss-protection
1; mode=block
expires
Sat, 04 Jul 2020 06:48:01 GMT
script.js
www.18uhr40.de/wp-content/plugins/google-captcha/js/
9 KB
3 KB
Script
General
Full URL
http://www.18uhr40.de/wp-content/plugins/google-captcha/js/script.js?ver=1.57
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PleskLin
Resource Hash
71c9fd6fe534dea411ba11d42c30502a1006ea148c7bf73568e77e4b37003dff

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Content-Encoding
gzip
ETag
W/"5ed53254-231e"
Last-Modified
Mon, 01 Jun 2020 16:52:36 GMT
Server
nginx
X-Powered-By
PleskLin
X-Cache-Status
BYPASS
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
e-202027.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202027.js
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Mon, 28 Jun 2021 03:03:48 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
fonts.gstatic.com/s/notosans/v9/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v9/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext&display=fallback
Origin
http://www.18uhr40.de

Response headers

date
Wed, 10 Jun 2020 18:17:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:20:44 GMT
server
sffe
age
2032249
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10116
x-xss-protection
0
expires
Thu, 10 Jun 2021 18:17:12 GMT
ga6Iaw1J5X9T9RW6j9bNfFcWaDq8fMU.woff2
fonts.gstatic.com/s/notoserif/v8/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v8/ga6Iaw1J5X9T9RW6j9bNfFcWaDq8fMU.woff2
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7be357ddd89fe4f85dd3a2f16929f2344148d0ede966e9bf92febe1b998cc9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext&display=fallback
Origin
http://www.18uhr40.de

Response headers

date
Wed, 10 Jun 2020 18:16:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:21 GMT
server
sffe
age
2032269
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13192
x-xss-protection
0
expires
Thu, 10 Jun 2021 18:16:52 GMT
ga6Law1J5X9T9RW6j9bNdOwzfReece9LOoc.woff2
fonts.gstatic.com/s/notoserif/v8/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v8/ga6Law1J5X9T9RW6j9bNdOwzfReece9LOoc.woff2
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0877239101cbff856743513b4ea69fbaf9c580c8ae526e0a8d2ef1b770414094
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext&display=fallback
Origin
http://www.18uhr40.de

Response headers

date
Wed, 10 Jun 2020 22:14:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:18 GMT
server
sffe
age
2018014
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13660
x-xss-protection
0
expires
Thu, 10 Jun 2021 22:14:27 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v9/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v9/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext&display=fallback
Origin
http://www.18uhr40.de

Response headers

date
Wed, 10 Jun 2020 04:27:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:20:41 GMT
server
sffe
age
2082046
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10292
x-xss-protection
0
expires
Thu, 10 Jun 2021 04:27:15 GMT
truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
http://www.18uhr40.de

Response headers

Content-Type
application/x-font-woff;charset=utf-8
share_counts
www.18uhr40.de/wp-json/shariff/v1/
111 B
604 B
XHR
General
Full URL
https://www.18uhr40.de/wp-json/shariff/v1/share_counts?url=https%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2F&services=facebook%7Ctwitter&timestamp=1582141596
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/wp-content/plugins/shariff/js/shariff.min.js?ver=4.6.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.162.13.166 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
d166.x-mailer.de
Software
nginx / PHP/7.2.31, PleskLin
Resource Hash
23d3e408068f10dadb2df294ea46ad822ad43e90f2daf3deba6b06fb39ce313d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 04 Jul 2020 06:48:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
PHP/7.2.31, PleskLin
x-cache-status
BYPASS
status
200
access-control-allow-headers
Authorization, Content-Type
allow
GET
server
nginx
vary
Accept-Encoding, Origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type
application/json; charset=UTF-8
access-control-allow-origin
http://www.18uhr40.de
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
access-control-allow-credentials
true
x-robots-tag
noindex
link
<https://www.18uhr40.de/wp-json/>; rel="https://api.w.org/"
integrator.js
adservice.google.de/adsid/
109 B
887 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.18uhr40.de
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
887 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.18uhr40.de
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/
218 KB
83 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8140bf7ea45bfdc0f29a695bd93fc79c9388e63ddef0b5e5784e7faaf361c4a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
83971
x-xss-protection
0
server
cafe
etag
9757296405404450426
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Jul 2020 06:48:01 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200624/r20190131/ Frame 00C0
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200624/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200624/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 25 Jun 2020 04:47:33 GMT
expires
Thu, 09 Jul 2020 04:47:33 GMT
content-type
text/html; charset=UTF-8
etag
4448614309292777386
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
cache-control
public, max-age=1209600
age
784828
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
1f609.svg
s.w.org/images/core/emoji/12.0.0-1/svg/
1 KB
853 B
Image
General
Full URL
https://s.w.org/images/core/emoji/12.0.0-1/svg/1f609.svg
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
2468609517599c10415c9c9b65024cf697b747dbb837d07d0ea12130f224c65f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Apr 2019 05:13:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
1f642.svg
s.w.org/images/core/emoji/12.0.0-1/svg/
525 B
347 B
Image
General
Full URL
https://s.w.org/images/core/emoji/12.0.0-1/svg/1f642.svg
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
943c44a0f3dc1aba84f5fbe8465baadbb90af66cd7be9f37ca07a39260357ad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Apr 2019 05:13:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
1f644.svg
s.w.org/images/core/emoji/12.0.0-1/svg/
744 B
394 B
Image
General
Full URL
https://s.w.org/images/core/emoji/12.0.0-1/svg/1f644.svg
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
4b8b6a46e16fcee41fa308ae59d18df5c0d74ed7dcc65661fabe17770a743155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Sat, 04 Jul 2020 06:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Apr 2019 05:13:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
2764.svg
s.w.org/images/core/emoji/12.0.0-1/svg/
368 B
430 B
Image
General
Full URL
https://s.w.org/images/core/emoji/12.0.0-1/svg/2764.svg
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Sat, 04 Jul 2020 06:48:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Apr 2019 05:13:23 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
cache-control
max-age=315360000
accept-ranges
bytes
content-length
368
expires
Thu, 31 Dec 2037 23:55:55 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/
323 KB
127 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=1.57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1533bc39e2dd8ede3893909d6f42760e0598d075951447afe88158e57b0961a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Jun 2020 16:39:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Jun 2020 20:56:25 GMT
server
sffe
age
914907
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129939
x-xss-protection
0
expires
Wed, 23 Jun 2021 16:39:34 GMT
/
whos.amung.us/pingjs/
28 B
212 B
Script
General
Full URL
http://whos.amung.us/pingjs/?k=vm97j7xfgp&t=1758.%20Auf%20Wiedersehen%20(29.03.2020)%20-%2018Uhr40.de&c=d&y=&a=0&r=1168
Requested by
Host: waust.at
URL: http://waust.at/d.js
Protocol
HTTP/1.1
Server
67.202.94.93 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
39ab8d326bd65b3c366179aed2ae8392fc502eca7302c436d78aad7509de18aa

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 04 Jul 2020 06:48:02 GMT
content-encoding
gzip
transfer-encoding
chunked
content-type
text/javascript;charset=UTF-8
g.gif
pixel.wp.com/
50 B
215 B
Image
General
Full URL
http://pixel.wp.com/g.gif?v=ext&j=1%3A8.6.1&blog=158610119&post=2587&tz=2&srv=www.18uhr40.de&host=www.18uhr40.de&ref=&fcp=3767&rand=0.887345297835304
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
HTTP/1.1
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 04 Jul 2020 06:48:01 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Length
50
Content-Type
image/gif
ads
googleads.g.doubleclick.net/pagead/ Frame 1324
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&adk=1812271804&adf=3025194257&lmt=1593845281&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1593845281841&bpp=17&bdt=324&idt=125&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2459571717947&frm=20&pv=2&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=12139902218444&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=147
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3806852959664410&output=html&adk=1812271804&adf=3025194257&lmt=1593845281&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1593845281841&bpp=17&bdt=324&idt=125&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2459571717947&frm=20&pv=2&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=12139902218444&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=147
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 04 Jul 2020 06:48:02 GMT
server
cafe
content-length
786
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 04-Jul-2020 07:03:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 04 Jul 2020 06:48:02 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eb2a67b402b9d8fb0035220fb9a9221bf0cb27d1f57ae0ffd21246d93a6b03f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 04 Jul 2020 06:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1593663588964027"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
expires
Sat, 04 Jul 2020 06:48:02 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 96BE
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&h=600&slotname=4466619137&adk=1632686869&adf=769656191&w=120&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=120x600&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281858&bpp=6&bdt=341&idt=141&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=181&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=eV2632tzBQ&p=http%3A//www.18uhr40.de&dtd=147
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3806852959664410&output=html&h=600&slotname=4466619137&adk=1632686869&adf=769656191&w=120&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=120x600&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281858&bpp=6&bdt=341&idt=141&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=181&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=eV2632tzBQ&p=http%3A//www.18uhr40.de&dtd=147
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 04 Jul 2020 06:48:02 GMT
server
cafe
content-length
199
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 04-Jul-2020 07:03:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 04 Jul 2020 06:48:02 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 9F6E
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&h=90&slotname=9936740185&adk=1151338543&adf=2120401412&w=728&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281864&bpp=1&bdt=347&idt=157&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=676&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AjzRSMdu6W&p=http%3A//www.18uhr40.de&dtd=161
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3806852959664410&output=html&h=90&slotname=9936740185&adk=1151338543&adf=2120401412&w=728&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281864&bpp=1&bdt=347&idt=157&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=676&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AjzRSMdu6W&p=http%3A//www.18uhr40.de&dtd=161
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 04 Jul 2020 06:48:02 GMT
server
cafe
content-length
199
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 04-Jul-2020 07:03:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 04 Jul 2020 06:48:02 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 1FD3
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&h=90&slotname=9936740185&adk=1151338543&adf=3723755851&w=728&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281865&bpp=1&bdt=348&idt=164&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C728x90&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=676&ady=2757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=tXYKeBqE8G&p=http%3A//www.18uhr40.de&dtd=167
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3806852959664410&output=html&h=90&slotname=9936740185&adk=1151338543&adf=3723755851&w=728&lmt=1593845282&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&wgl=1&adsid=NT&dt=1593845281865&bpp=1&bdt=348&idt=164&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C728x90&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=676&ady=2757&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=tXYKeBqE8G&p=http%3A//www.18uhr40.de&dtd=167
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 04 Jul 2020 06:48:02 GMT
server
cafe
content-length
199
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 04-Jul-2020 07:03:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 04 Jul 2020 06:48:02 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 090F
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3806852959664410&output=html&h=280&adk=363429464&adf=4092320266&w=413&fwrn=4&fwrnh=100&lmt=1593845282&rafmt=1&to=qs&pwprc=4681199406&psa=0&guci=1.2.0.0.2.2.0.0&format=413x280&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1593845282091&bpp=2&bdt=574&idt=3&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C728x90%2C728x90&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=99&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=R5FRbUapoj&p=http%3A//www.18uhr40.de&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3806852959664410&output=html&h=280&adk=363429464&adf=4092320266&w=413&fwrn=4&fwrnh=100&lmt=1593845282&rafmt=1&to=qs&pwprc=4681199406&psa=0&guci=1.2.0.0.2.2.0.0&format=413x280&url=http%3A%2F%2Fwww.18uhr40.de%2Fauf-wiedersehen-29-03-2020%2Fcomment-page-1%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1593845282091&bpp=2&bdt=574&idt=3&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C728x90%2C728x90&nras=1&correlator=2459571717947&frm=20&pv=1&ga_vid=1895538879.1593845282&ga_sid=1593845282&ga_hid=32839865&ga_fc=0&iag=0&icsg=575089855639756&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=99&ady=1666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530494%2C42530496%2C42530499%2C42530501&oid=3&pvsid=3721037350081123&pem=954&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=R5FRbUapoj&p=http%3A//www.18uhr40.de&dtd=16
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 04 Jul 2020 06:48:02 GMT
server
cafe
content-length
199
x-xss-protection
0
set-cookie
IDE=AHWqTUmGElYrmSEijCAlViGDurrGmyIDR7JU3ECbukKpkveeyKNY1kPNm23mJWRt; expires=Thu, 29-Jul-2021 06:48:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sat, 04 Jul 2020 06:48:02 GMT
cache-control
private
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15IDhunA.woff2
fonts.gstatic.com/s/inconsolata/v20/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inconsolata/v20/QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15IDhunA.woff2
Requested by
Host: www.18uhr40.de
URL: http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
445c886f22d6c060ae057ce49f78941f138450a3a098c45941ea2013e0e66769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Noto+Sans%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A400italic%2C700italic%2C400%2C700%7CInconsolata%3A400%2C700&subset=latin%2Clatin-ext&display=fallback
Origin
http://www.18uhr40.de

Response headers

date
Fri, 26 Jun 2020 05:42:56 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:22:19 GMT
server
sffe
age
695106
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26568
x-xss-protection
0
expires
Sat, 26 Jun 2021 05:42:56 GMT
anchor
www.google.com/recaptcha/api2/ Frame F264
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfTvWAUAAAAAIi5RbBnG7qaVteFgM7nyHCdezKd&co=aHR0cDovL3d3dy4xOHVocjQwLmRlOjgw&hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&theme=light&size=normal&cb=rexzk6f0uonf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hgUIrt0poHtqNoFWMtlv0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfTvWAUAAAAAIi5RbBnG7qaVteFgM7nyHCdezKd&co=aHR0cDovL3d3dy4xOHVocjQwLmRlOjgw&hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&theme=light&size=normal&cb=rexzk6f0uonf
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 04 Jul 2020 06:48:02 GMT
content-security-policy
script-src 'report-sample' 'nonce-hgUIrt0poHtqNoFWMtlv0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10564
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200624&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6faecad840a30e73fe776175c92ef1b9cc63498420b63e606dffd3c94d43454b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Jul 2020 06:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5630
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 04 Jul 2020 06:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Sat, 04 Jul 2020 06:48:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame A330
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Sat, 04 Jul 2020 03:31:18 GMT
expires
Sun, 04 Jul 2021 03:31:18 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11804
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
120 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200624&jk=3721037350081123&bg=!MTKlMipY6l9D1s684ecCAAAAV1IAAAANmQF-0uH9d1L-At308nQb_YZ-x3zQb19Slq5fYc91ZH8nldCljZpu0_0uvNABRsW3PuDQZdKKR99R09yGnMfrTEQ8SFb6n0UFJcp8P8c-MxojRH7QgZ6m_oic50skDwsMalupNHj_OCNqSm0J8IF7hb86wvL7V6pmqE0E2PBf7j8WoZyXLCZpsz4bC2AyUEZ5dHtE3lzHQMwhBfpGOqQNtCPpCeY5q8X0xulY3K3UL0FDbj8mHKXY6usIzIxxpeH2fchtxFXE0X61OZTX5YxH-fUZqhvCtaFsxfTRr0SUK67Eo18siKw_gJ9KopFcb36s7jIrii4sgtshmPCkebIgDEb3qXpZYua0FmBiAUfg2EYpymujYGc2-H779FCJYFvkxxwqgwfVjnKmWNfHoPw0-Zf4boF7IHvMQlK6jwWGFQsmRqnIOSmHQN9Amu67nXekH_vQcS0L8aG2o6DJJlxI7LgT3tgZkjjvI87pVjZ7E7Y_JoTxnhiXbGkEdcdPuA0RDg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jul 2020 06:48:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame E0A2
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&k=6LfTvWAUAAAAAIi5RbBnG7qaVteFgM7nyHCdezKd&cb=hl40by8bkauk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rxfW3Ralce//XYPqLUYplQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&k=6LfTvWAUAAAAAIi5RbBnG7qaVteFgM7nyHCdezKd&cb=hl40by8bkauk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.18uhr40.de/auf-wiedersehen-29-03-2020/comment-page-1/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 04 Jul 2020 06:48:02 GMT
content-security-policy
script-src 'report-sample' 'nonce-rxfW3Ralce//XYPqLUYplQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1176
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings undefined| $ function| jQuery object| adsbygoogle object| _wau object| acnArgs object| jQuery1124011839241301190429 object| addComment object| screenReaderText function| jetpackLazyImagesModule object| wp function| shariff_share_counts function| shariff_get_share_counts function| shariff_add_share_counts object| gglcptch object| _stq object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars boolean| _gfp_p_ number| google_lpabyc number| google_unique_id object| twemoji object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client string| wau_w_col string| wau_w_siz object| WAU_ren function| WAU_dynamic function| WAU_dynamic_request function| WAU_r_d function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_cps function| docReady function| st_go function| linktracker_init object| wpcom function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| recaptcha function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| x string| x1 string| x2 object| closure_lm_210662 object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUmGElYrmSEijCAlViGDurrGmyIDR7JU3ECbukKpkveeyKNY1kPNm23mJWRt

1 Console Messages

Source Level URL
Text
console-api log URL: https://c0.wp.com/c/5.4.2/wp-includes/js/jquery/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c0.wp.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pixel.wp.com
s.w.org
stats.wp.com
tpc.googlesyndication.com
waust.at
whos.amung.us
www.18uhr40.de
www.google.com
www.googletagservices.com
www.gstatic.com
185.225.208.133
192.0.76.3
192.0.77.37
192.0.77.48
212.162.13.166
2a00:1450:4001:801::200a
2a00:1450:4001:815::2001
2a00:1450:4001:815::2003
2a00:1450:4001:816::2002
2a00:1450:4001:818::2004
2a00:1450:4001:819::2003
2a00:1450:4001:825::2002
67.202.94.93
036730cf6e2d7aecff496d853fa087aa480ab64cc7fb7dcf6cdefff16a7d8d4e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0877239101cbff856743513b4ea69fbaf9c580c8ae526e0a8d2ef1b770414094
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
0c6109a06b9f3d756c9b8cb88c996c581c26522dcb96b91062c55100ad803d51
0cdaa2c316f414a77bcc5a930e9dcd7668619faac80d6a424a35c8a81d29d1fb
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1eb2a67b402b9d8fb0035220fb9a9221bf0cb27d1f57ae0ffd21246d93a6b03f
21092efadab949c3ad748e1c67c0e5f14eaab93275d2f1ba142464ef02a3735a
23d3e408068f10dadb2df294ea46ad822ad43e90f2daf3deba6b06fb39ce313d
2468609517599c10415c9c9b65024cf697b747dbb837d07d0ea12130f224c65f
39ab8d326bd65b3c366179aed2ae8392fc502eca7302c436d78aad7509de18aa
445c886f22d6c060ae057ce49f78941f138450a3a098c45941ea2013e0e66769
488f0b82e203c077cf415681413762c58e1499f6e6cb7ced318ede0b90de4be2
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b8b6a46e16fcee41fa308ae59d18df5c0d74ed7dcc65661fabe17770a743155
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d
587d7750baeff5b5d892d66142339d1af1f890567f57e9a28181503976cf19b2
6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34
66bbde50f5b496cac67b3abd8f6b4bedde581687669189d57e54f51b6e0c0a2b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
6faecad840a30e73fe776175c92ef1b9cc63498420b63e606dffd3c94d43454b
7002bd7e9131ec2b5d12c24a2cc181f046f5237addf358a93921055d3eda73a9
71c9fd6fe534dea411ba11d42c30502a1006ea148c7bf73568e77e4b37003dff
8140bf7ea45bfdc0f29a695bd93fc79c9388e63ddef0b5e5784e7faaf361c4a0
8fc8462e119878e4b0e95460b6ae9eaf06151aecb5b9ca663bc775fca818cdf5
943c44a0f3dc1aba84f5fbe8465baadbb90af66cd7be9f37ca07a39260357ad2
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
a23dec87ea93f923ebe233e63f7c43d1a130ccf1578d97ea758157aae6d108e3
a37ca4608218cccdfb8b6d4edbdfbf375d0e1368b46397e3b7049e0cbf5bc1f6
ace0dcf3d57835d61f2ef1647b238cc34f4054c6866d3e33f381b35776d8b484
ad237fb737d307f25e314306d8ef8ebddb21d9e56b8521ca9eb89f52883f3bca
b2b46270130afb036718f66a9bee9afb4a024573e278227aeafcf9f2137ff2fb
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
c1533bc39e2dd8ede3893909d6f42760e0598d075951447afe88158e57b0961a
c99b9b0e6f18e2095f1552d926fbb566e5cd18b3867672d84689ca97a69b9479
cb08b0ac26a69ae4d39259f8031337f81d943222432f08163cb5bdf2fec8b6c7
cdc01414d5a4d4a0ca5de3b694d53195cfff9bff8f3f9743bb648d91dfc3da3b
da8cafcbba85d85c43b8aee06bb89a4a085f733ff846c0ff173a9e91c9d8e768
ddf3d45a29935c10a00179049cd6707e94d930840a57440214ca3eb2962dc562
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
e7be357ddd89fe4f85dd3a2f16929f2344148d0ede966e9bf92febe1b998cc9b
e7be98b44cfeff4fe548e4ce712fac1e09fd299e0dbae9feeec35bf2f43b86f2
e9d8fc5c8868db91a73323c320c2bb72188b0909c722e0a54e818fc1baf1d2b0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fbdc61a0f42e55675a2c5a2e7bdcd9d98fd12679430bb4510108cd13f0045592