services.timesleader.com Open in urlscan Pro
62.151.179.126 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://services.timesleader.com/
Submission: On October 13 via automatic, source certstream-suspicious (October 13th 2021, 9:40:12 pm UTC) — Scanned from DE

Summary HTTP 78 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 78 HTTP transactions. The main IP is 62.151.179.126, located in Spain and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is services.timesleader.com.
TLS certificate: Issued by R3 on October 13th 2021. Valid for: 3 months.

This is the only time services.timesleader.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	62.151.179.126 62.151.179.126	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
16	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
2	104.16.19.94 104.16.19.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	74.208.21.154 74.208.21.154	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
2	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
14	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
78	7

31 62.151.179.126 (Spain)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: cldsrv73.wehaaserver.com

services.timesleader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 74.208.21.154 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

static.wehaacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	timesleader.com services.timesleader.com	1 MB
17	googleapis.com ajax.googleapis.com fonts.googleapis.com	105 KB
14	google-analytics.com www.google-analytics.com	20 KB
12	wehaacdn.com static.wehaacdn.com	2 MB
2	gstatic.com fonts.gstatic.com	60 KB
2	cloudflare.com cdnjs.cloudflare.com	72 KB
78	6

	Domain	Requested by
31	services.timesleader.com	services.timesleader.com
16	fonts.googleapis.com	services.timesleader.com
14	www.google-analytics.com	services.timesleader.com www.google-analytics.com
12	static.wehaacdn.com	services.timesleader.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cdnjs.cloudflare.com	services.timesleader.com cdnjs.cloudflare.com
1	ajax.googleapis.com	services.timesleader.com
78	7

This site contains no links.

Subject Issuer	Validity	Valid
services.timesleader.com R3	`2021-10-13` - `2022-01-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
static.wehaacdn.com R3	`2021-09-20` - `2021-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 1 frames:

Primary Page: https://services.timesleader.com/
Frame ID: 2E23F8544E8B420D350C72B78E577AD5
Requests: 78 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Local Services from Wilkes Barre Services

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

script.aculo.us (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/(?:scriptaculous|protoaculous)(?:\.js|/)

Page Statistics

78
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

3795 kB
Transfer

4544 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
services.timesleader.com/ 69 KB
11 KB 611ms
205ms Document
text/html 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PHP/5.3.3 PleskLin
Resource Hash: 438af496d2f84f408354eee9803414adac782db5ca2549a89327484809e93c71

Request headers

Host: services.timesleader.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 13 Oct 2021 21:40:04 GMT
Server: Apache
X-Powered-By: PHP/5.3.3 PleskLin
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 public
Pragma: no-cache
Set-Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK en.js Show response
services.timesleader.com/scripts/language/ 463 B
663 B 784ms
126ms Script
text/javascript 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/scripts/language/en.js
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: dab0e2ce739ba85be52bc43ceb71a809591d8098eb57c0f25ea9f0dfce5b59d8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:05 GMT
Content-Encoding: gzip
ETag: "6803ec-1cf-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 266
Expires: Thu, 13 Oct 2022 21:40:05 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
95 KB 64ms
17ms Script
text/javascript 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 10:11:16 GMT
x-content-type-options: nosniff
age: 41328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96381
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Thu, 13 Oct 2022 10:11:16 GMT

GET
H/1.1 200
OK prototype.js Show response
services.timesleader.com/js/prototype/ 159 KB
37 KB 814ms
142ms Script
text/javascript 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/js/prototype/prototype.js
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: dedea3aa22a087b3745c9635e7a3d65e772d57ce590b541a6a32069a0b1d60b9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:05 GMT
Content-Encoding: gzip
ETag: "641093-27df1-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 37405
Expires: Thu, 13 Oct 2022 21:40:05 GMT

GET
H/1.1 200
OK scriptaculous.js Show response
services.timesleader.com/js/prototype/ 3 KB
2 KB 844ms
147ms Script
text/javascript 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/js/prototype/scriptaculous.js?load=effects,dragdrop,controls,slider,builder
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 249ea254b5f40568dc750fa3004aa011f9d0771bfed0f5a8484c49fef0eb5838

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:05 GMT
Content-Encoding: gzip
ETag: "641094-b78-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 1498
Expires: Thu, 13 Oct 2022 21:40:05 GMT

GET
H/1.1 200
OK action:index.js Show response
services.timesleader.com/scripts/load/controller:places/ 219 KB
54 KB 872ms
169ms Script
application/x-javascript 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/scripts/load/controller:places/action:index.js?v=4.0.6
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PHP/5.3.3 PleskLin
Resource Hash: 5401f0505a5077eaf12bff1ed8dfb266ed3074b4109889e66d0ddf87a79df9c8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Oct 2021 21:40:05 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3 PleskLin
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 public
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
697 B 43ms
16ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arimo:400,700

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

8f9d8e123da2427ed3abbd7895f2f5a827cc3d35a718f159744266b9a832bf5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 20:04:17 GMT
server: ESF
date: Wed, 13 Oct 2021 21:40:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:40:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 760 B
1 KB 42ms
15ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Serif:400,300,700

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

b8a42f16f72934294cd2f7affaf56b72e7bc9785f666dd488729f2458bc2c2e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 21:40:04 GMT
server: ESF
date: Wed, 13 Oct 2021 21:40:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:40:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
489 B 47ms
21ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,300

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 21:38:10 GMT
server: ESF
date: Wed, 13 Oct 2021 21:40:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:40:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
610 B 43ms
16ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:400,700

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

73dc95375c0c18cc78101f90219d8d2b0089fe2c9ff4bbeef1618a9ef4c57b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 20:14:47 GMT
server: ESF
date: Wed, 13 Oct 2021 21:40:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:40:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
656 B 51ms
25ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,700

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

c86a517b26d9399d4ceac51a13d0c6407ef49edb58c7d66db161f4c8fe5ea0ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 21:09:15 GMT
server: ESF
date: Wed, 13 Oct 2021 21:40:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:40:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
449 B 49ms
23ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Neuton:400,700

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

e1addfb5239d20aae621dfae62b5998e1591913ec4bbf54d20d3be0ededb0252

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 21:40:04 GMT
server: ESF
date: Wed, 13 Oct 2021 21:40:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:40:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
779 B 50ms
24ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,700

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

1541f1f36a00c93fe07fc6d90d9ddded61e111aebebb7942752b1f7e84f29a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 21:06:48 GMT
server: ESF
date: Wed, 13 Oct 2021 21:40:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:40:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
644 B 48ms
23ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,300,700

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

cd109685aad091ac9e233f99deedc4ff3aa2302a7d7d8a7064d6a14d1f87db77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 20:16:37 GMT
server: ESF
date: Wed, 13 Oct 2021 21:40:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:40:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
576 B 47ms
22ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:400,700

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

05dae748a374ff9d2ed080b26e10f63ab60dbfd1257bfb3db10b6673957b4e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 20:04:27 GMT
server: ESF
date: Wed, 13 Oct 2021 21:40:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:40:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
581 B 48ms
22ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 19:46:41 GMT
server: ESF
date: Wed, 13 Oct 2021 21:40:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:40:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
601 B 46ms
21ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

f3b0319616d2db97a57fe05ed551a5329251a9eccc9e0d437f0fb472b97e40e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 20:46:03 GMT
server: ESF
date: Wed, 13 Oct 2021 21:40:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:40:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
744 B 47ms
22ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,700

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 19:40:28 GMT
server: ESF
date: Wed, 13 Oct 2021 21:40:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:40:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
769 B 42ms
17ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,300

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 21:05:23 GMT
server: ESF
date: Wed, 13 Oct 2021 21:40:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:40:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
717 B 41ms
17ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:400,300,700

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

42278ef9ee92a70aaf5c017f7434f355ad6443c1920dde369063fc0a86f1dd2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 20:01:55 GMT
server: ESF
date: Wed, 13 Oct 2021 21:40:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:40:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
694 B 42ms
18ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Serif+Pro:400,700

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

aee24bd9132a267881e3e66c672064ae8887c5b95c711791203d7c2843c0aa14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 21:33:56 GMT
server: ESF
date: Wed, 13 Oct 2021 21:40:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:40:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
705 B 48ms
24ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Tinos:400,300,700

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

d607f4fd4b6f9bb36fcdaa54f4df8ee57abf6ef6d171b048e0d34eda86911335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 21:40:04 GMT
server: ESF
date: Wed, 13 Oct 2021 21:40:04 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:40:04 GMT

GET
H/1.1 200
OK normalize.css
services.timesleader.com/css/themes/web/ 8 KB
3 KB 400ms
135ms Stylesheet
text/css 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/css/themes/web/normalize.css
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:04 GMT
Content-Encoding: gzip
ETag: "640ecb-1e1c-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 2578
Expires: Thu, 13 Oct 2022 21:40:04 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 27 KB
6 KB 40ms
21ms Stylesheet
text/css 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2659926
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4972
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-6b4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAnb8IegLROrcDFlKCqHM8AF0KwEl2JuUku9%2F6ELMFLzvv%2FexM0Yfo7d%2BmIShZBp%2FrX%2BAi861vUBvoPPu3eW1mcoijMfJnoYUAJpD9yGFBYeWtkgVvI8mTCQ5GcanJSoSd1Xrmqu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69dbb968fc6596ce-FRA
expires: Mon, 03 Oct 2022 21:40:04 GMT

GET
H/1.1 200
OK classic.css
services.timesleader.com/css/window/ 2 KB
1 KB 401ms
135ms Stylesheet
text/css 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/css/window/classic.css
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 2034ba7b2b61ac62148903796b58df48cf4f7d4ce33972fc07cf633ed2663aed

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:04 GMT
Content-Encoding: gzip
ETag: "640f57-8e2-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 776
Expires: Thu, 13 Oct 2022 21:40:04 GMT

GET
H/1.1 200
OK design.css
services.timesleader.com/css/themes/web/ 99 KB
13 KB 406ms
139ms Stylesheet
text/css 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/css/themes/web/design.css?v=4.0.6
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 6a41ef8e3e08fa083f6e77123bab13c568f6475311aafd204ce9e370beafa8a9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:04 GMT
Content-Encoding: gzip
ETag: "640ec3-18c51-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 12822
Expires: Thu, 13 Oct 2022 21:40:04 GMT

GET
H/1.1 200
OK templates.css
services.timesleader.com/css/themes/web/ 26 KB
4 KB 402ms
135ms Stylesheet
text/css 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/css/themes/web/templates.css?v=4.0.6
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 26ad1e1029a43c70a31f748c803d0eee2243e7cc0296bda021c153af595cf265

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:04 GMT
Content-Encoding: gzip
ETag: "640ecf-69a6-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 3359
Expires: Thu, 13 Oct 2022 21:40:04 GMT

GET
H/1.1 200
OK lightbox.css
services.timesleader.com/css/lightbox/ 2 KB
1 KB 403ms
134ms Stylesheet
text/css 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/css/lightbox/lightbox.css
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: e28000400a1208b1bc13e608f4415e579df3a7e3b288b339f1f88bfebd7db389

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:04 GMT
Content-Encoding: gzip
ETag: "6409c0-666-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 662
Expires: Thu, 13 Oct 2022 21:40:04 GMT

GET
H/1.1 200
OK prototip.css
services.timesleader.com/css/prototip/ 4 KB
1 KB 405ms
136ms Stylesheet
text/css 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/css/prototip/prototip.css
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 0045b7f77069770517a3f23d532ddcc332d4d486902d27c4b361195670f52a1b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:04 GMT
Content-Encoding: gzip
ETag: "6409cb-fe4-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 1055
Expires: Thu, 13 Oct 2022 21:40:04 GMT

GET
H/1.1 200
OK custom.css
services.timesleader.com/css/themes/web/ 7 KB
2 KB 778ms
126ms Stylesheet
text/css 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/css/themes/web/custom.css?v=4.0.6
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: bcb757d12f080c2c1893b74ab5914f2bde944e04884a2860be38695c94c36964

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:05 GMT
Content-Encoding: gzip
ETag: "640ec1-1b47-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 1655
Expires: Thu, 13 Oct 2022 21:40:05 GMT

GET
H/1.1 200
OK logo-xl.png
services.timesleader.com/web/img/ 352 KB
353 KB 342ms
125ms Image
image/png 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.timesleader.com/web/img/logo-xl.png
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: d4017a3a0e779064f41c4bd0be0a55938fb0eb4fd1a80f1780e0bcdee7ec4385

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
ETag: "6410ac-580b7-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 360631
Expires: Thu, 13 Oct 2022 21:40:06 GMT

GET
H/1.1 200
OK logo-lg.png
services.timesleader.com/web/img/ 301 KB
302 KB 414ms
137ms Image
image/png 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.timesleader.com/web/img/logo-lg.png
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: eebfc82d452df9d9a72b5a52c3d31f76b99df5eba957f09922e8983bbeec1536

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
ETag: "6410a9-4b552-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 308562
Expires: Thu, 13 Oct 2022 21:40:06 GMT

GET
H/1.1 200
OK logo-md.png
services.timesleader.com/web/img/ 225 KB
226 KB 432ms
146ms Image
image/png 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.timesleader.com/web/img/logo-md.png
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 78af21be3b2d143f498fea232997f2308d24aeb339657ce045f3cecb872e3193

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
ETag: "6410aa-384f1-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 230641
Expires: Thu, 13 Oct 2022 21:40:06 GMT

GET
H/1.1 200
OK logo-sm.png
services.timesleader.com/web/img/ 155 KB
155 KB 376ms
125ms Image
image/png 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.timesleader.com/web/img/logo-sm.png
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 213b241bbd143561eff15a6bc987218a286bee21c93e6fa99b1a95e4e592ff83

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
ETag: "6410ab-26c98-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 158872
Expires: Thu, 13 Oct 2022 21:40:06 GMT

GET
H/1.1 200
OK logo-xs.png
services.timesleader.com/web/img/ 10 KB
10 KB 405ms
135ms Image
image/png 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.timesleader.com/web/img/logo-xs.png
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 8c31c4e4aadea2c80dd9a21e4aa58d7c55bebf9965242f80390dcdccaf60e011

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:07 GMT
ETag: "6410ad-264d-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 9805
Expires: Thu, 13 Oct 2022 21:40:07 GMT

GET
H/1.1 200
OK fk:917,907,916,918,914,924,909,928,919,912,925,906 Show response
services.timesleader.com/places/track/homeview/no-cache:81f98110481a3459023a52dd85a99c7d/ 11 B
423 B 501ms
146ms Script
text/html 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/places/track/homeview/no-cache:81f98110481a3459023a52dd85a99c7d/fk:917,907,916,918,914,924,909,928,919,912,925,906
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PHP/5.3.3 PleskLin
Resource Hash: bf6e68c02c78e6d9e65622991e517df720c68c03619dbc06af053883480743db

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Oct 2021 21:40:06 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3 PleskLin
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 public
Connection: close
Content-Length: 31
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK feedback.jpg
services.timesleader.com/css/themes/web/img/ 3 KB
3 KB 316ms
136ms Image
image/jpeg 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.timesleader.com/css/themes/web/img/feedback.jpg
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 89fce6d65ad639a5add5188f4d1f5d3b679f2afa3f0e5e476eac44c909ed8e9b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
ETag: "640ed3-bd0-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 3024
Expires: Thu, 13 Oct 2022 21:40:06 GMT

GET
H/1.1 200
OK jquery.fitvids.js Show response
services.timesleader.com/js/ 3 KB
2 KB 421ms
135ms Script
text/javascript 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/js/jquery.fitvids.js
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 33741df001b1e97d1eb765d9a0c081678fdde564c373931580afa3a232b5db2f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
Content-Encoding: gzip
ETag: "641073-cbe-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 1319
Expires: Thu, 13 Oct 2022 21:40:06 GMT

GET
H/1.1 200
OK jquery.dotdotdot.min.js Show response
services.timesleader.com/js/ 6 KB
3 KB 406ms
136ms Script
text/javascript 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/js/jquery.dotdotdot.min.js
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: eb2631a273e438a2a4eecf22f4272d4abf5b4cd2564506c0597ccacdc318ea3d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
Content-Encoding: gzip
ETag: "641071-1805-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 2503
Expires: Thu, 13 Oct 2022 21:40:06 GMT

GET
H/1.1 200
OK jquery.wookmark.min.js Show response
services.timesleader.com/js/ 9 KB
4 KB 411ms
137ms Script
text/javascript 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/js/jquery.wookmark.min.js
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: d59bb710facc819f06eb59d83099121d658defd4effd21c9d73daad2579ef09d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
Content-Encoding: gzip
ETag: "641075-2544-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 3479
Expires: Thu, 13 Oct 2022 21:40:06 GMT

GET
H/1.1 200
OK imagesloaded.pkgd.min.js Show response
services.timesleader.com/js/ 5 KB
2 KB 493ms
136ms Script
text/javascript 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/js/imagesloaded.pkgd.min.js
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: bc6141baf0bde0e41c12e9311f5a97c158a7cb99f923afeb67d13abeaacb652b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
Content-Encoding: gzip
ETag: "64106e-15db-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 1812
Expires: Thu, 13 Oct 2022 21:40:06 GMT

GET
H/1.1 200
OK iframeResizer.min.js Show response
services.timesleader.com/js/ 12 KB
5 KB 811ms
136ms Script
text/javascript 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/js/iframeResizer.min.js
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 735d4197a36ae8aac8e20b8840de872cd708e0fa0257feb3e6b384e53f758981

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
Content-Encoding: gzip
ETag: "64106d-31ec-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 5070
Expires: Thu, 13 Oct 2022 21:40:06 GMT

GET
H/1.1 200
OK twitter.widgets.js Show response
services.timesleader.com/js/ 113 KB
32 KB 411ms
141ms Script
text/javascript 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/js/twitter.widgets.js
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: e15d61089a9769461d192005da0eb42265efde4694590f433971a6817796237c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
Content-Encoding: gzip
ETag: "641080-1c391-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 32876
Expires: Thu, 13 Oct 2022 21:40:06 GMT

GET
H/1.1 200
OK effects.js Show response
services.timesleader.com/js/prototype/ 38 KB
9 KB 361ms
127ms Script
text/javascript 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/js/prototype/effects.js
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/js/prototype/scriptaculous.js?load=effects,dragdrop,controls,slider,builder
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 5db3226177f4a31678f60d404d592831a74c6533b9e0d858d0d1a1369081597b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
Content-Encoding: gzip
ETag: "641090-9647-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 8725
Expires: Thu, 13 Oct 2022 21:40:06 GMT

GET
H/1.1 200
OK dragdrop.js Show response
services.timesleader.com/js/prototype/ 30 KB
8 KB 367ms
123ms Script
text/javascript 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/js/prototype/dragdrop.js
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/js/prototype/scriptaculous.js?load=effects,dragdrop,controls,slider,builder
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: ebc56045f199391ad34d706e4453e775c2e1d5815bca374dc26616610834723c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
Content-Encoding: gzip
ETag: "64108f-7950-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 7556
Expires: Thu, 13 Oct 2022 21:40:06 GMT

GET
H/1.1 200
OK controls.js Show response
services.timesleader.com/js/prototype/ 34 KB
9 KB 376ms
127ms Script
text/javascript 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/js/prototype/controls.js
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/js/prototype/scriptaculous.js?load=effects,dragdrop,controls,slider,builder
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 1b81cd76f75c64a660fcb6cdeab9703da4047905d9941f541b880570ae290f3f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
Content-Encoding: gzip
ETag: "64108d-87e2-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 9038
Expires: Thu, 13 Oct 2022 21:40:06 GMT

GET
H/1.1 200
OK slider.js Show response
services.timesleader.com/js/prototype/ 10 KB
3 KB 376ms
127ms Script
text/javascript 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/js/prototype/slider.js
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/js/prototype/scriptaculous.js?load=effects,dragdrop,controls,slider,builder
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: b0ff95361e15629bc9fd5d6a266349e3573765c3fc5f53bb0fc0362e53985955

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
Content-Encoding: gzip
ETag: "641095-27b2-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 2675
Expires: Thu, 13 Oct 2022 21:40:06 GMT

GET
H/1.1 200
OK builder.js Show response
services.timesleader.com/js/prototype/ 5 KB
2 KB 376ms
126ms Script
text/javascript 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/js/prototype/builder.js
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/js/prototype/scriptaculous.js?load=effects,dragdrop,controls,slider,builder
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 859e0e31dbebcac39f1df0126eb00c7efaa6d7caa51f6b5943c1b5d547b5124a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
Content-Encoding: gzip
ETag: "64108c-1288-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 1840
Expires: Thu, 13 Oct 2022 21:40:06 GMT

GET
H/1.1 200
OK print.css
services.timesleader.com/css/themes/web/ 5 KB
2 KB 439ms
147ms Stylesheet
text/css 62.151.179.126
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.timesleader.com/css/themes/web/print.css
Requested by: Host: services.timesleader.com
URL: https://services.timesleader.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.179.126 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv73.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: 9649b6ecf1c5bb78ad08fb8a2e4cd420495b87e8bc4fe6b2709dcd3ab8a2ef6b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://services.timesleader.com/
Cookie: PHPSESSID=kf2lkbfso0u4110rtsdv6nc7j4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:07 GMT
Content-Encoding: gzip
ETag: "640ecd-158d-5ce41b3207c40"
Last-Modified: Wed, 13 Oct 2021 20:20:57 GMT
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 1431
Expires: Thu, 13 Oct 2022 21:40:07 GMT

GET
H/1.1 200
OK 917.jpg
static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/917/images/ 160 KB
161 KB 777ms
316ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/917/images/917.jpg

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

3fe8e4ed911911633d2d6d37aa24816bc84c9d93fafd95bc7b57d45144839d62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 09 Oct 2021 09:20:26 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="917.jpg"
Connection: keep-alive
Expires: Sat, 09 Oct 2021 16:32:26 GMT

GET
H/1.1 200
OK 907.jpg
static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/907/images/ 176 KB
176 KB 1199ms
132ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/907/images/907.jpg

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

ef63af1ef25e989559c0f76776c17ad4ba172a9bf90f70e7b92f898b45faff8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Oct 2021 11:54:03 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="907.jpg"
Connection: keep-alive
Expires: Fri, 08 Oct 2021 19:06:03 GMT

GET
H/1.1 200
OK 916.jpg
static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/916/images/ 184 KB
184 KB 1274ms
145ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/916/images/916.jpg

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

84031d590f45e796d1f889ed155384b93c7fa9fa7b24e79d48a386e4878eaa96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Oct 2021 20:06:55 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="916.jpg"
Connection: keep-alive
Expires: Sat, 09 Oct 2021 03:18:55 GMT

GET
H/1.1 200
OK 918.jpg
static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/918/images/ 168 KB
168 KB 1293ms
151ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/918/images/918.jpg

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8100c09e74e9941cada7a76a3e18a9e08f217b07ad7119b7d5d810fdb61a7afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Oct 2021 11:54:04 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="918.jpg"
Connection: keep-alive
Expires: Fri, 08 Oct 2021 19:06:04 GMT

GET
H/1.1 200
OK 914.jpg
static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/914/images/ 211 KB
212 KB 661ms
261ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/914/images/914.jpg

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

d03fd7b5b88d5404b89868f01163070f87db1aff7025a1a2a8dc8b1858a4fe10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Oct 2021 14:21:47 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="914.jpg"
Connection: keep-alive
Expires: Fri, 08 Oct 2021 21:33:47 GMT

GET
H/1.1 200
OK 924.jpg
static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/924/images/ 225 KB
226 KB 710ms
284ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/924/images/924.jpg

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

d3d67f406cedfc1b319e73d36c82c930e42404303d8f2b424595b17d662a18e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Oct 2021 11:54:03 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="924.jpg"
Connection: keep-alive
Expires: Fri, 08 Oct 2021 19:06:03 GMT

GET
H/1.1 200
OK 909.jpg
static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/909/images/ 208 KB
208 KB 707ms
281ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/909/images/909.jpg

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

756d978b1878cd3a70c98379f0ad067074539484b58139cbbdfc3ede01becfe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Oct 2021 20:06:54 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="909.jpg"
Connection: keep-alive
Expires: Sat, 09 Oct 2021 03:18:54 GMT

GET
H/1.1 200
OK 928.jpg
static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/928/images/ 190 KB
190 KB 708ms
283ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/928/images/928.jpg

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

ed9f34c901e44d4dce2f99a10182c569e2bf4671330fbdb2c79aec64d7ae13cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Oct 2021 14:21:36 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="928.jpg"
Connection: keep-alive
Expires: Fri, 08 Oct 2021 21:33:36 GMT

GET
H/1.1 200
OK 919.jpg
static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/919/images/ 182 KB
182 KB 711ms
285ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/919/images/919.jpg

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

412e644349ce8d16c00e93838f309eac39f7019b731b00d3672d9f9d80f1ce38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Oct 2021 19:19:09 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="919.jpg"
Connection: keep-alive
Expires: Sat, 09 Oct 2021 02:31:09 GMT

GET
H/1.1 200
OK 912.jpg
static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/912/images/ 160 KB
161 KB 129ms
128ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/912/images/912.jpg

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

87da7dfea34599994e8a022a3ebef342e43daebd9c14da89e2d64fc832b353a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Oct 2021 11:54:03 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="912.jpg"
Connection: keep-alive
Expires: Fri, 08 Oct 2021 19:06:03 GMT

GET
H/1.1 200
OK 925.jpg
static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/925/images/ 182 KB
182 KB 154ms
153ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/925/images/925.jpg

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

52260639b4972ee187c76a43a75c7a45bc22e8968eceeb325373bf7d90f440d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Oct 2021 11:54:04 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="925.jpg"
Connection: keep-alive
Expires: Fri, 08 Oct 2021 19:06:04 GMT

GET
H/1.1 200
OK 906.jpg
static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/906/images/ 228 KB
228 KB 137ms
137ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/services-timesleader-com/imgs/media-images/normal/906/images/906.jpg

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

9b3f7b323046d23abb53da15ebbd3656e00e4941cf9805176fabb8fccb6ebc3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:40:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Oct 2021 19:19:09 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="906.jpg"
Connection: keep-alive
Expires: Sat, 09 Oct 2021 02:31:09 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 32ms
11ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 17:04:31 GMT
x-content-type-options: nosniff
age: 534935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 07 Oct 2022 17:04:31 GMT

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/ 65 KB
66 KB 27ms
13ms Font
application/octet-stream 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
Origin: https://services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:40:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1734800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 66624
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-10440"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaKScIarU80Qs3IY7NzXEkUorUuMlKySwUD0Rdi7UTfPTxIVyfpdyrbMxvLMyEkfMHxvHzkRuZHbLrRynBZlK%2FywQwBsiFxsM%2F%2F%2Be61HmTHfdKmhuwbK14OaJdoQlYsi5b%2Ft8YEI"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69dbb9725ae6430f-FRA
expires: Mon, 03 Oct 2022 21:40:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 28ms
7ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://services.timesleader.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 187949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Oct 2022 17:27:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 21:34:48 GMT
server: Golfe2
age: 5941
date: Wed, 13 Oct 2021 20:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19887
expires: Wed, 13 Oct 2021 22:01:06 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
13ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1396089427&t=pageview&_s=1&dl=https%3A%2F%2Fservices.timesleader.com%2F&ul=en-us&de=UTF-8&dt=Local%20Services%20from%20Wilkes%20Barre%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=101435676&gjid=1078605354&cid=585511069.1634161207&tid=UA-68711189-12&_gid=1540452883.1634161207&_r=1&_slc=1&z=1503609769

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://services.timesleader.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 21:40:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://services.timesleader.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
7ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1396089427&t=event&_s=2&dl=https%3A%2F%2Fservices.timesleader.com%2F&ul=en-us&de=UTF-8&dt=Local%20Services%20from%20Wilkes%20Barre%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Home&ea=View&el=Shown%20in%20home%20page%20(917)&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=585511069.1634161207&tid=UA-68711189-12&_gid=1540452883.1634161207&cd2=917&cd1=9&z=1499288083

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 12:02:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34681
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
7ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1396089427&t=event&_s=3&dl=https%3A%2F%2Fservices.timesleader.com%2F&ul=en-us&de=UTF-8&dt=Local%20Services%20from%20Wilkes%20Barre%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Home&ea=View&el=Shown%20in%20home%20page%20(907)&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=585511069.1634161207&tid=UA-68711189-12&_gid=1540452883.1634161207&cd2=907&cd1=1&z=1894574786

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 12:02:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34681
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
6ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1396089427&t=event&_s=4&dl=https%3A%2F%2Fservices.timesleader.com%2F&ul=en-us&de=UTF-8&dt=Local%20Services%20from%20Wilkes%20Barre%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Home&ea=View&el=Shown%20in%20home%20page%20(916)&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=585511069.1634161207&tid=UA-68711189-12&_gid=1540452883.1634161207&cd2=916&cd1=44&z=733526454

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 12:02:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34681
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
7ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1396089427&t=event&_s=5&dl=https%3A%2F%2Fservices.timesleader.com%2F&ul=en-us&de=UTF-8&dt=Local%20Services%20from%20Wilkes%20Barre%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Home&ea=View&el=Shown%20in%20home%20page%20(918)&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=585511069.1634161207&tid=UA-68711189-12&_gid=1540452883.1634161207&cd2=918&cd1=31&z=1042402240

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 12:02:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34681
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
7ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1396089427&t=event&_s=6&dl=https%3A%2F%2Fservices.timesleader.com%2F&ul=en-us&de=UTF-8&dt=Local%20Services%20from%20Wilkes%20Barre%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Home&ea=View&el=Shown%20in%20home%20page%20(914)&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=585511069.1634161207&tid=UA-68711189-12&_gid=1540452883.1634161207&cd2=914&cd1=78&z=1757748029

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 12:02:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34681
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
7ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1396089427&t=event&_s=7&dl=https%3A%2F%2Fservices.timesleader.com%2F&ul=en-us&de=UTF-8&dt=Local%20Services%20from%20Wilkes%20Barre%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Home&ea=View&el=Shown%20in%20home%20page%20(924)&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=585511069.1634161207&tid=UA-68711189-12&_gid=1540452883.1634161207&cd2=924&cd1=29&z=1465328464

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 12:02:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34681
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
7ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1396089427&t=event&_s=8&dl=https%3A%2F%2Fservices.timesleader.com%2F&ul=en-us&de=UTF-8&dt=Local%20Services%20from%20Wilkes%20Barre%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Home&ea=View&el=Shown%20in%20home%20page%20(909)&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=585511069.1634161207&tid=UA-68711189-12&_gid=1540452883.1634161207&cd2=909&cd1=74&z=290412269

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 12:02:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34681
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
8ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1396089427&t=event&_s=9&dl=https%3A%2F%2Fservices.timesleader.com%2F&ul=en-us&de=UTF-8&dt=Local%20Services%20from%20Wilkes%20Barre%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Home&ea=View&el=Shown%20in%20home%20page%20(928)&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=585511069.1634161207&tid=UA-68711189-12&_gid=1540452883.1634161207&cd2=928&cd1=76&z=1008330783

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 12:02:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34681
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
8ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1396089427&t=event&_s=10&dl=https%3A%2F%2Fservices.timesleader.com%2F&ul=en-us&de=UTF-8&dt=Local%20Services%20from%20Wilkes%20Barre%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Home&ea=View&el=Shown%20in%20home%20page%20(919)&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=585511069.1634161207&tid=UA-68711189-12&_gid=1540452883.1634161207&cd2=919&cd1=68&z=1579413879

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 12:02:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34681
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
8ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1396089427&t=event&_s=11&dl=https%3A%2F%2Fservices.timesleader.com%2F&ul=en-us&de=UTF-8&dt=Local%20Services%20from%20Wilkes%20Barre%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Home&ea=View&el=Shown%20in%20home%20page%20(912)&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=585511069.1634161207&tid=UA-68711189-12&_gid=1540452883.1634161207&cd2=912&cd1=32&z=615228462

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 12:02:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34681
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
9ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1396089427&t=event&_s=12&dl=https%3A%2F%2Fservices.timesleader.com%2F&ul=en-us&de=UTF-8&dt=Local%20Services%20from%20Wilkes%20Barre%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Home&ea=View&el=Shown%20in%20home%20page%20(925)&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=585511069.1634161207&tid=UA-68711189-12&_gid=1540452883.1634161207&cd2=925&cd1=17&z=1495096221

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 12:02:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34681
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
9ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1396089427&t=event&_s=13&dl=https%3A%2F%2Fservices.timesleader.com%2F&ul=en-us&de=UTF-8&dt=Local%20Services%20from%20Wilkes%20Barre%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Home&ea=View&el=Shown%20in%20home%20page%20(906)&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=585511069.1634161207&tid=UA-68711189-12&_gid=1540452883.1634161207&cd2=906&cd1=62&z=1994173251

Requested by

Host: services.timesleader.com
URL: https://services.timesleader.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.timesleader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 12:02:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34681
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
services.timesleader.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: kf2lkbfso0u4110rtsdv6nc7j4
.timesleader.com/	1970-01-20 15:27:13	Name: _ga Value: GA1.2.585511069.1634161207
.timesleader.com/	1970-01-19 21:57:27	Name: _gid Value: GA1.2.1540452883.1634161207
.timesleader.com/	1970-01-19 21:56:01	Name: _gat Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
services.timesleader.com
static.wehaacdn.com
www.google-analytics.com
104.16.19.94
142.250.184.202
142.250.185.131
142.250.186.110
142.250.186.138
62.151.179.126
74.208.21.154
0045b7f77069770517a3f23d532ddcc332d4d486902d27c4b361195670f52a1b
05dae748a374ff9d2ed080b26e10f63ab60dbfd1257bfb3db10b6673957b4e98
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
1541f1f36a00c93fe07fc6d90d9ddded61e111aebebb7942752b1f7e84f29a05
1b81cd76f75c64a660fcb6cdeab9703da4047905d9941f541b880570ae290f3f
2034ba7b2b61ac62148903796b58df48cf4f7d4ce33972fc07cf633ed2663aed
213b241bbd143561eff15a6bc987218a286bee21c93e6fa99b1a95e4e592ff83
249ea254b5f40568dc750fa3004aa011f9d0771bfed0f5a8484c49fef0eb5838
26ad1e1029a43c70a31f748c803d0eee2243e7cc0296bda021c153af595cf265
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
33741df001b1e97d1eb765d9a0c081678fdde564c373931580afa3a232b5db2f
3fe8e4ed911911633d2d6d37aa24816bc84c9d93fafd95bc7b57d45144839d62
412e644349ce8d16c00e93838f309eac39f7019b731b00d3672d9f9d80f1ce38
42278ef9ee92a70aaf5c017f7434f355ad6443c1920dde369063fc0a86f1dd2c
438af496d2f84f408354eee9803414adac782db5ca2549a89327484809e93c71
4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d
52260639b4972ee187c76a43a75c7a45bc22e8968eceeb325373bf7d90f440d2
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
5401f0505a5077eaf12bff1ed8dfb266ed3074b4109889e66d0ddf87a79df9c8
5db3226177f4a31678f60d404d592831a74c6533b9e0d858d0d1a1369081597b
69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598
6a41ef8e3e08fa083f6e77123bab13c568f6475311aafd204ce9e370beafa8a9
735d4197a36ae8aac8e20b8840de872cd708e0fa0257feb3e6b384e53f758981
73dc95375c0c18cc78101f90219d8d2b0089fe2c9ff4bbeef1618a9ef4c57b39
756d978b1878cd3a70c98379f0ad067074539484b58139cbbdfc3ede01becfe2
78af21be3b2d143f498fea232997f2308d24aeb339657ce045f3cecb872e3193
8100c09e74e9941cada7a76a3e18a9e08f217b07ad7119b7d5d810fdb61a7afd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84031d590f45e796d1f889ed155384b93c7fa9fa7b24e79d48a386e4878eaa96
859e0e31dbebcac39f1df0126eb00c7efaa6d7caa51f6b5943c1b5d547b5124a
87da7dfea34599994e8a022a3ebef342e43daebd9c14da89e2d64fc832b353a5
89fce6d65ad639a5add5188f4d1f5d3b679f2afa3f0e5e476eac44c909ed8e9b
8c31c4e4aadea2c80dd9a21e4aa58d7c55bebf9965242f80390dcdccaf60e011
8f9d8e123da2427ed3abbd7895f2f5a827cc3d35a718f159744266b9a832bf5a
9649b6ecf1c5bb78ad08fb8a2e4cd420495b87e8bc4fe6b2709dcd3ab8a2ef6b
9b3f7b323046d23abb53da15ebbd3656e00e4941cf9805176fabb8fccb6ebc3b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4
aee24bd9132a267881e3e66c672064ae8887c5b95c711791203d7c2843c0aa14
b0ff95361e15629bc9fd5d6a266349e3573765c3fc5f53bb0fc0362e53985955
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b8a42f16f72934294cd2f7affaf56b72e7bc9785f666dd488729f2458bc2c2e8
bc6141baf0bde0e41c12e9311f5a97c158a7cb99f923afeb67d13abeaacb652b
bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760
bcb757d12f080c2c1893b74ab5914f2bde944e04884a2860be38695c94c36964
bf6e68c02c78e6d9e65622991e517df720c68c03619dbc06af053883480743db
c86a517b26d9399d4ceac51a13d0c6407ef49edb58c7d66db161f4c8fe5ea0ad
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd109685aad091ac9e233f99deedc4ff3aa2302a7d7d8a7064d6a14d1f87db77
d03fd7b5b88d5404b89868f01163070f87db1aff7025a1a2a8dc8b1858a4fe10
d3d67f406cedfc1b319e73d36c82c930e42404303d8f2b424595b17d662a18e8
d4017a3a0e779064f41c4bd0be0a55938fb0eb4fd1a80f1780e0bcdee7ec4385
d59bb710facc819f06eb59d83099121d658defd4effd21c9d73daad2579ef09d
d607f4fd4b6f9bb36fcdaa54f4df8ee57abf6ef6d171b048e0d34eda86911335
dab0e2ce739ba85be52bc43ceb71a809591d8098eb57c0f25ea9f0dfce5b59d8
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
dedea3aa22a087b3745c9635e7a3d65e772d57ce590b541a6a32069a0b1d60b9
e15d61089a9769461d192005da0eb42265efde4694590f433971a6817796237c
e1addfb5239d20aae621dfae62b5998e1591913ec4bbf54d20d3be0ededb0252
e28000400a1208b1bc13e608f4415e579df3a7e3b288b339f1f88bfebd7db389
eb2631a273e438a2a4eecf22f4272d4abf5b4cd2564506c0597ccacdc318ea3d
ebc56045f199391ad34d706e4453e775c2e1d5815bca374dc26616610834723c
ed9f34c901e44d4dce2f99a10182c569e2bf4671330fbdb2c79aec64d7ae13cb
eebfc82d452df9d9a72b5a52c3d31f76b99df5eba957f09922e8983bbeec1536
ef63af1ef25e989559c0f76776c17ad4ba172a9bf90f70e7b92f898b45faff8b
f3b0319616d2db97a57fe05ed551a5329251a9eccc9e0d437f0fb472b97e40e3
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

services.timesleader.com Open in urlscan Pro 62.151.179.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

78 Requests

100 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

7 IPs

3 Countries

3795 kBTransfer

4544 kBSize

4 Cookies

0 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

services.timesleader.com Open in urlscan Pro
62.151.179.126 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

3795 kB
Transfer

4544 kB
Size

4
Cookies

78 HTTP transactions
0 data transactions