hallo.post-dein-marketing.de Open in urlscan Pro
185.225.208.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hallo.post-dein-marketing.de/
Submission: On August 30 via automatic, source certstream-suspicious (August 30th 2021, 10:18:42 am UTC)

Summary HTTP 130 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 15 domains to perform 130 HTTP transactions. The main IP is 185.225.208.56, located in Frankfurt am Main, Germany and belongs to UK2NET-AS, GB. The main domain is hallo.post-dein-marketing.de.
TLS certificate: Issued by R3 on August 5th 2021. Valid for: 3 months.

This is the only time hallo.post-dein-marketing.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	185.225.208.56 185.225.208.56	13213 (UK2NET-AS) (UK2NET-AS)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:31d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:1c9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	65.111.191.235 65.111.191.235	15083 (INFOLINK-...) (INFOLINK-MIA-)
3	35.158.148.11 35.158.148.11	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:1::8	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2016	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
130	23

35 185.225.208.56 (Frankfurt am Main, Germany)

ASN13213 (UK2NET-AS, GB)
PTR: mail.mailchimporange.com

hallo.post-dein-marketing.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:31d (United States)

ASN13335 (CLOUDFLARENET, US)

builderall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
storage.builderall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1c9e (United States)

ASN13335 (CLOUDFLARENET, US)

cheetah-api.builderall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.111.191.235 (United States)

ASN15083 (INFOLINK-MIA-, US)
PTR: webinar.eb4us.com

videotag.eb4us.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.158.148.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-148-11.eu-central-1.compute.amazonaws.com

share.mindmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:1::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5e6nzz.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	post-dein-marketing.de hallo.post-dein-marketing.de	978 KB
29	gstatic.com www.gstatic.com fonts.gstatic.com	1 MB
25	youtube.com www.youtube.com	1 MB
9	googlevideo.com r3---sn-4g5e6nzz.googlevideo.com	2 MB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net static.doubleclick.net	798 B
4	builderall.com builderall.com cheetah-api.builderall.com storage.builderall.com	119 KB
4	google.com www.google.com apis.google.com	27 KB
3	ytimg.com i.ytimg.com	191 KB
3	mindmanager.com share.mindmanager.com	1 MB
3	eb4us.com videotag.eb4us.com	30 KB
3	cloudflare.com cdnjs.cloudflare.com	65 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	ggpht.com yt3.ggpht.com	4 KB
2	jsdelivr.net cdn.jsdelivr.net	355 KB
1	jquery.com code.jquery.com	30 KB
130	15

	Domain	Requested by
35	hallo.post-dein-marketing.de	hallo.post-dein-marketing.de
28	fonts.gstatic.com	www.youtube.com fonts.googleapis.com share.mindmanager.com
25	www.youtube.com	hallo.post-dein-marketing.de www.youtube.com videotag.eb4us.com
9	r3---sn-4g5e6nzz.googlevideo.com	www.youtube.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
3	i.ytimg.com	www.youtube.com
3	share.mindmanager.com	hallo.post-dein-marketing.de share.mindmanager.com
3	videotag.eb4us.com	hallo.post-dein-marketing.de code.jquery.com videotag.eb4us.com
3	cdnjs.cloudflare.com	hallo.post-dein-marketing.de videotag.eb4us.com
3	fonts.googleapis.com	hallo.post-dein-marketing.de videotag.eb4us.com
3	www.google.com	hallo.post-dein-marketing.de www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	storage.builderall.com	hallo.post-dein-marketing.de
2	cdn.jsdelivr.net	hallo.post-dein-marketing.de cdn.jsdelivr.net
1	code.jquery.com	videotag.eb4us.com
1	apis.google.com	share.mindmanager.com
1	cheetah-api.builderall.com	hallo.post-dein-marketing.de
1	www.gstatic.com	www.google.com
1	builderall.com	hallo.post-dein-marketing.de
130	20

This site contains no links.

Subject Issuer	Validity	Valid
post-dein-marketing.de R3	`2021-08-05` - `2021-11-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
eb4us.com R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
cloud.mindjet.com Amazon	`2021-06-25` - `2022-07-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-08-17` - `2021-10-26`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://hallo.post-dein-marketing.de/
Frame ID: DA89E445D40D4903B184110C3CF2D84B
Requests: 46 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0
Frame ID: B16DD3E44A09A3B36F1A58FEFC5BBE6C
Requests: 32 HTTP requests in this frame

Frame: https://videotag.eb4us.com/player.php?id=6848&secret=aWWrCu5dqE
Frame ID: 2BD5C46E95B154EDCFC20969EC2AE164
Requests: 10 HTTP requests in this frame

Frame: https://share.mindmanager.com/
Frame ID: 2F499B9CA39E588B299BDBBB5E6F0E2C
Requests: 29 HTTP requests in this frame

Frame: https://www.youtube.com/embed/UlZGQq_Gxfo?color=white&controls=0&autoplay=0&disablekb=1&modestbranding=1&rel=0&playsinline=1&widget_referrer=https%3A%2F%2Fhallo.post-dein-marketing.de%2F&enablejsapi=1&origin=https%3A%2F%2Fvideotag.eb4us.com&widgetid=1
Frame ID: 65378C6A301023EB54E66463A4D28657
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webinar_BA | Startseite_BA

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

130
Requests

100 %
HTTPS

87 %
IPv6

15
Domains

20
Subdomains

23
IPs

3
Countries

8012 kB
Transfer

19045 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 117

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

130 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hallo.post-dein-marketing.de/ 46 KB
9 KB 1519ms
1416ms Document
text/html 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

a3b59ef65e3c0806047d8e2624ea51ef274b27b2911ecc633b7d7aa54bc1cf94

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW

Request headers

:method: GET
:authority: hallo.post-dein-marketing.de
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server: nginx
date: Mon, 30 Aug 2021 10:18:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
set-cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate no-store, no-cache, must-revalidate
pragma: no-cache no-cache
strict-transport-security: max-age=63072000;includeSubDomains
x-frame-options: ALLOW
x-content-type-options: nosniff
content-encoding: gzip

GET
H2 200 app.321895ff.css
hallo.post-dein-marketing.de/css/ 427 KB
60 KB 44ms
43ms Stylesheet
text/css 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/css/app.321895ff.css

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

40192950a7f48e9139767e6126c892ee879f9e5ceedb270758186692586991bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

:path: /css/app.321895ff.css
pragma: no-cache
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 27 Aug 2021 16:38:57 GMT
server: nginx
etag: W/"61291521-6aaef"
x-frame-options: ALLOW
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 chunk-vendors.27c712ba.css
hallo.post-dein-marketing.de/css/ 81 KB
10 KB 72ms
71ms Stylesheet
text/css 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/css/chunk-vendors.27c712ba.css

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

340c8177b54d8fff23a21d737c2624ae42b15feaff4bb015ac5016432f018b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

:path: /css/chunk-vendors.27c712ba.css
pragma: no-cache
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 18 Sep 2020 12:54:50 GMT
server: nginx
etag: W/"5f64ae1a-14438"
x-frame-options: ALLOW
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 app.801a8f3a.js Show response
hallo.post-dein-marketing.de/js/ 816 KB
167 KB 76ms
75ms Script
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/js/app.801a8f3a.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

f6e08420aa35080490e6176044662a4320eaee6c69208a7de261f0b1e9ee2bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

:path: /js/app.801a8f3a.js
pragma: no-cache
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 27 Aug 2021 16:38:50 GMT
server: nginx
etag: W/"6129151a-cc025"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 chunk-vendors.24418182.js Show response
hallo.post-dein-marketing.de/js/ 709 KB
247 KB 102ms
102ms Script
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/js/chunk-vendors.24418182.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

4f35c47fbfa1b7888cf0ea835b7645374e269a99e9f0eadc5b688d4da338471e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

:path: /js/chunk-vendors.24418182.js
pragma: no-cache
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 15 Jun 2021 11:23:54 GMT
server: nginx
etag: W/"60c88dca-b12b4"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 FontList.css
hallo.post-dein-marketing.de/static/ 3 KB
918 B 98ms
93ms Stylesheet
text/css 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/static/FontList.css

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

faa5031ec3068e5e35508201a5108ae4ab7ff3389a205fe528f5a0f0c403346b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

:path: /static/FontList.css
pragma: no-cache
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 23:26:30 GMT
server: nginx
etag: W/"5f73c2a6-d23"
x-frame-options: ALLOW
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 bootstrap.css
hallo.post-dein-marketing.de/static/bootstrap-carousel/css/ 6 KB
2 KB 98ms
93ms Stylesheet
text/css 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/static/bootstrap-carousel/css/bootstrap.css

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

510777961141274a168ff535aec1454572b8f975a4c0a3cfa2618ce20f3182ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

:path: /static/bootstrap-carousel/css/bootstrap.css
pragma: no-cache
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 28 May 2020 20:01:46 GMT
server: nginx
etag: W/"5ed018aa-177c"
x-frame-options: ALLOW
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 916 B
696 B 22ms
18ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7b3a94c5e1197288010e63264b88b583f9fb571dff862a797d0d416653a47664

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Mon, 30 Aug 2021 10:18:21 GMT

GET
H2 200 3484811.png
builderall.com//franquias/2/73748/editor-html/ 14 KB
15 KB 49ms
20ms Image
image/png 2606:4700:10::6816:31d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://builderall.com//franquias/2/73748/editor-html/3484811.png

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f563ab3983dee03afcb37022f065a4cdbb1256fa33a23b148d0d352379a7432b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW

Request headers

Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1016011
cf-polished: origSize=14694
vary: Accept-Encoding
content-length: 14672
last-modified: Sat, 26 Jun 2021 04:13:48 GMT
server: cloudflare
x-frame-options: ALLOW
etag: "60d6a97c-3966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains
content-type: image/png
expires: Thu, 18 Aug 2022 16:04:50 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 686d464a3bb54414-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 jquery-1.12.4.min.js Show response
hallo.post-dein-marketing.de/static/ 95 KB
37 KB 98ms
94ms Script
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/static/jquery-1.12.4.min.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

4574aea110cdaa1cf0c27bc5d0d9364a3c18e7a33a185c87d581c6b159703e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

:path: /static/jquery-1.12.4.min.js
pragma: no-cache
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 30 Apr 2020 22:05:52 GMT
server: nginx
etag: W/"5eab4bc0-17b93"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 bootstrap.min.js Show response
hallo.post-dein-marketing.de/static/bootstrap/dist/js/ 57 KB
17 KB 98ms
94ms Script
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/static/bootstrap/dist/js/bootstrap.min.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: cors
origin: https://hallo.post-dein-marketing.de
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: script
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /static/bootstrap/dist/js/bootstrap.min.js
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://hallo.post-dein-marketing.de
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 30 Apr 2020 22:04:51 GMT
server: nginx
etag: W/"5eab4b83-e2d8"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 jquery.ihavecookies.min.js Show response
hallo.post-dein-marketing.de/static/GDPRPlugin/ 4 KB
2 KB 98ms
94ms Script
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/static/GDPRPlugin/jquery.ihavecookies.min.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

ca4519debaef9ff5c2c7b275b324238949277ced2b03bd6fea48dca99cee3d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

:path: /static/GDPRPlugin/jquery.ihavecookies.min.js
pragma: no-cache
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 30 Apr 2020 22:05:49 GMT
server: nginx
etag: W/"5eab4bbd-ff7"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 jarallax.min.js Show response
hallo.post-dein-marketing.de/static/jarallax/ 15 KB
6 KB 98ms
94ms Script
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/static/jarallax/jarallax.min.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

88657838a7c1595fd358051dceb1619cd44afa923c22ee397420d677fb5cf196

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

:path: /static/jarallax/jarallax.min.js
pragma: no-cache
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 30 Apr 2020 22:04:43 GMT
server: nginx
etag: W/"5eab4b7b-3b6b"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 jquery-ui.js Show response
hallo.post-dein-marketing.de/static/ 509 KB
141 KB 98ms
94ms Script
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/static/jquery-ui.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

:path: /static/jquery-ui.js
pragma: no-cache
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 30 Apr 2020 22:07:14 GMT
server: nginx
etag: W/"5eab4c12-7f20a"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 bootstrap.min.css
hallo.post-dein-marketing.de/static/ 152 KB
27 KB 98ms
95ms Stylesheet
text/css 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/static/bootstrap.min.css

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

:path: /static/bootstrap.min.css
pragma: no-cache
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 30 Apr 2020 22:05:48 GMT
server: nginx
etag: W/"5eab4bbc-2606e"
x-frame-options: ALLOW
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 material-icon.css
hallo.post-dein-marketing.de/static/ 567 B
558 B 98ms
95ms Stylesheet
text/css 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/static/material-icon.css

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

bb3b0f946522971d37e0f063fc1335102c7db9936874782fcf2a5a3eca90059b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

:path: /static/material-icon.css
pragma: no-cache
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 30 Apr 2020 22:05:50 GMT
server: nginx
etag: W/"5eab4bbe-237"
x-frame-options: ALLOW
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@5.8.55/css/ 263 KB
43 KB 9ms
6ms Stylesheet
text/css 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@5.8.55/css/materialdesignicons.min.css

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1193e835baf1666d6e589dc3bfee84e7482c8a7536c35883d10cc11abd134604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2189331
x-jsd-version: 5.8.55
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 43447
etag: W/"41c3a-V0/1rmiSzFfK1zStZ4TO8mjD9Pg"
x-served-by: cache-fra19177-FRA
x-jsd-version-type: version
date: Mon, 30 Aug 2021 10:18:21 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 chunk-2dd787e0.7afbd1c0.css
hallo.post-dein-marketing.de/css/ 0
335 B 99ms
95ms Other
text/css 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/css/chunk-2dd787e0.7afbd1c0.css

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /css/chunk-2dd787e0.7afbd1c0.css
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
last-modified: Fri, 18 Sep 2020 12:55:39 GMT
server: nginx
etag: "5f64ae4b-58"
x-frame-options: ALLOW
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 88
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 chunk-4d52ae6a.adf4b81e.css
hallo.post-dein-marketing.de/css/ 0
31 KB 98ms
95ms Other
text/css 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/css/chunk-4d52ae6a.adf4b81e.css

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /css/chunk-4d52ae6a.adf4b81e.css
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 04 Oct 2020 17:19:04 GMT
server: nginx
etag: W/"5f7a0408-31a4e"
x-frame-options: ALLOW
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 chunk-74c4c99f.57631ef5.css
hallo.post-dein-marketing.de/css/ 0
480 B 98ms
95ms Other
text/css 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/css/chunk-74c4c99f.57631ef5.css

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /css/chunk-74c4c99f.57631ef5.css
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
last-modified: Fri, 18 Sep 2020 12:55:49 GMT
server: nginx
etag: "5f64ae55-e8"
x-frame-options: ALLOW
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 232
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 chunk-7c3acea6.9d979586.css
hallo.post-dein-marketing.de/css/ 0
612 B 99ms
96ms Other
text/css 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/css/chunk-7c3acea6.9d979586.css

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /css/chunk-7c3acea6.9d979586.css
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 30 Apr 2020 20:49:38 GMT
server: nginx
etag: W/"5eab39e2-2ef"
x-frame-options: ALLOW
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 chunk-2d0a3203.c0b79d8b.js
hallo.post-dein-marketing.de/js/ 0
1 KB 99ms
96ms Other
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/js/chunk-2d0a3203.c0b79d8b.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /js/chunk-2d0a3203.c0b79d8b.js
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 15 Jun 2021 11:23:40 GMT
server: nginx
etag: W/"60c88dbc-d55"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 chunk-2d0dd430.a3adc479.js
hallo.post-dein-marketing.de/js/ 0
1 KB 99ms
96ms Other
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/js/chunk-2d0dd430.a3adc479.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /js/chunk-2d0dd430.a3adc479.js
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 15 Jun 2021 11:23:57 GMT
server: nginx
etag: W/"60c88dcd-c75"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 chunk-2d0e24f8.9c67e282.js
hallo.post-dein-marketing.de/js/ 0
1 KB 99ms
96ms Other
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/js/chunk-2d0e24f8.9c67e282.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /js/chunk-2d0e24f8.9c67e282.js
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 15 Jun 2021 11:23:40 GMT
server: nginx
etag: W/"60c88dbc-b9f"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 chunk-2d0e4e8d.a38861ca.js
hallo.post-dein-marketing.de/js/ 0
1 KB 99ms
97ms Other
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/js/chunk-2d0e4e8d.a38861ca.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /js/chunk-2d0e4e8d.a38861ca.js
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 15 Jun 2021 11:24:09 GMT
server: nginx
etag: W/"60c88dd9-e9a"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 chunk-2d230809.af2d0fc1.js
hallo.post-dein-marketing.de/js/ 0
1 KB 99ms
97ms Other
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/js/chunk-2d230809.af2d0fc1.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /js/chunk-2d230809.af2d0fc1.js
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 15 Jun 2021 11:23:56 GMT
server: nginx
etag: W/"60c88dcc-c68"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 chunk-2d230e94.132ebb4a.js
hallo.post-dein-marketing.de/js/ 0
1 KB 99ms
97ms Other
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/js/chunk-2d230e94.132ebb4a.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /js/chunk-2d230e94.132ebb4a.js
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 15 Jun 2021 11:23:39 GMT
server: nginx
etag: W/"60c88dbb-d47"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 chunk-2dd787e0.aebbc153.js
hallo.post-dein-marketing.de/js/ 0
1 KB 99ms
97ms Other
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/js/chunk-2dd787e0.aebbc153.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /js/chunk-2dd787e0.aebbc153.js
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 15 Jun 2021 11:23:41 GMT
server: nginx
etag: W/"60c88dbd-c57"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 chunk-4d52ae6a.6e2dc22c.js
hallo.post-dein-marketing.de/js/ 0
1 KB 99ms
97ms Other
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/js/chunk-4d52ae6a.6e2dc22c.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /js/chunk-4d52ae6a.6e2dc22c.js
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 15 Jun 2021 11:23:40 GMT
server: nginx
etag: W/"60c88dbc-cb3"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 chunk-74c4c99f.82364fed.js
hallo.post-dein-marketing.de/js/ 0
1 KB 99ms
97ms Other
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/js/chunk-74c4c99f.82364fed.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /js/chunk-74c4c99f.82364fed.js
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 15 Jun 2021 11:23:42 GMT
server: nginx
etag: W/"60c88dbe-b1b"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 chunk-7c3acea6.d478e14a.js
hallo.post-dein-marketing.de/js/ 0
1 KB 97ms
97ms Other
application/javascript 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/js/chunk-7c3acea6.d478e14a.js

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /js/chunk-7c3acea6.d478e14a.js
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 15 Jun 2021 11:23:43 GMT
server: nginx
etag: W/"60c88dbf-cc6"
x-frame-options: ALLOW
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ 340 KB
133 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fdb97f4c7f832b7b6c32c1e08aa06f3f1a04a8237f8847648793f3ce277edbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hallo.post-dein-marketing.de
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 19:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135330
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 04:03:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 19:24:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
835 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:200,400,400i,600,700,800

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/css/app.321895ff.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ddc7dbeae325fa6792bf32c33f05aa87627770cf255e0c554962c4c6a35a2e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 10:16:25 GMT
server: ESF
date: Mon, 30 Aug 2021 10:18:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Aug 2021 10:18:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 727 B
461 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Kaushan+Script

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/css/app.321895ff.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3231b8fcd1ad30432e713f1cdbc02e6bd5bde6746239a2073658673148a2c73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 08:28:40 GMT
server: ESF
date: Mon, 30 Aug 2021 10:18:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Aug 2021 10:18:21 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/ 57 KB
10 KB 14ms
13ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/css/app.321895ff.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 308448
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10301
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-e4d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wkbILxGJoDGEm5erT8MJtEh3by%2BzwQ8YJ8jZIajigm%2BsLASqaNGvKzjjU1WvrxZygbkSgOKzzKS7TL926Nf6AYnT3%2BcBJhdJ5DmeCwfLDz66lp7wsXv3hHjRlqwxV6zxKI0uMQGc77W3apf0KqsKPiN"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 686d464a6c494ece-FRA
expires: Sat, 20 Aug 2022 10:18:21 GMT

GET
H2 200 materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@5.8.55/fonts/ 312 KB
313 KB 7ms
7ms Font
font/woff2 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@5.8.55/fonts/materialdesignicons-webfont.woff2?v=5.8.55

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@5.8.55/css/materialdesignicons.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://hallo.post-dein-marketing.de
Referer: https://cdn.jsdelivr.net/npm/@mdi/font@5.8.55/css/materialdesignicons.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 376557
x-jsd-version: 5.8.55
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 319984
etag: W/"4e1f0-JNd6J60Dw44EbJH81IAR8WxyQps"
x-served-by: cache-fra19157-FRA
x-jsd-version-type: version
date: Mon, 30 Aug 2021 10:18:21 GMT
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 6111478 Show response
cheetah-api.builderall.com/get-plan/ 77 B
1 KB 558ms
533ms XHR
application/json 2606:4700:10::ac43:1c9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cheetah-api.builderall.com/get-plan/6111478

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/js/chunk-vendors.24418182.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1c9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

526775e99130d1123d2816741643db599ce31f31a253be5a7068c88a2389d301

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
pragma: no-cache, public
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: private, must-revalidate, public
access-control-allow-credentials: true
cf-ray: 686d464be8d54ed9-FRA
access-control-allow-headers: Content-Type, X-Auth-Token, Origin, Authorization
expires: -1

GET
H2 200 _2u-ZpBIHVE Show response
www.youtube.com/embed/ Frame B16D 56 KB
24 KB 108ms
108ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/js/chunk-vendors.24418182.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b81e8e5c2899f8b9fd2e888b8b8f37dd7dc32b59e34cffb0fc2db55d8df773b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hallo.post-dein-marketing.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://hallo.post-dein-marketing.de/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 30 Aug 2021 10:18:21 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=DL9PBKjNj08; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=mKE35MV30e0; Domain=.youtube.com; Expires=Sat, 26-Feb-2022 10:18:21 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+645; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 get Show response
hallo.post-dein-marketing.de/cheetah/pixel/ 2 B
429 B 33ms
32ms XHR
application/json 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/cheetah/pixel/get

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/js/chunk-vendors.24418182.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW

Request headers

:path: /cheetah/pixel/get
pragma: no-cache
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-frame-options: ALLOW
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;includeSubDomains
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 version Show response
hallo.post-dein-marketing.de/cheetah/ 52 B
486 B 4108ms
4108ms XHR
text/html 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/cheetah/version

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/js/chunk-vendors.24418182.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

bb3ac9ed197fe549eb9ae042bfc6bbe1c3aeba639e0095ece8210b58f30711aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW

Request headers

:path: /cheetah/version
pragma: no-cache
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 10:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-frame-options: ALLOW
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;includeSubDomains
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 get_iframe_content Show response
hallo.post-dein-marketing.de/ 271 B
717 B 37ms
36ms XHR
text/html 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/get_iframe_content?iframe_id=1591363289073

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/js/chunk-vendors.24418182.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

0e1a20513a8f85dbb809c02c1eb7a5eb3e1793a4f9f91bf187d367eedf8a2479

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW

Request headers

:path: /get_iframe_content?iframe_id=1591363289073
pragma: no-cache
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache no-cache
date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-frame-options: ALLOW
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate no-store, no-cache, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;includeSubDomains
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 get_iframe_content Show response
hallo.post-dein-marketing.de/ 155 B
654 B 38ms
37ms XHR
text/html 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/get_iframe_content?iframe_id=1595605662048

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/js/chunk-vendors.24418182.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

d36cb790c7849529cddd977ff22c106a28b14cbd45e7e57577d45ba85e1ee49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW

Request headers

:path: /get_iframe_content?iframe_id=1595605662048
pragma: no-cache
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache no-cache
date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-frame-options: ALLOW
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate no-store, no-cache, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;includeSubDomains
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 2700563.jpeg
storage.builderall.com/franquias/2/181114/editor-html/ 51 KB
51 KB 37ms
26ms Image
image/jpeg 2606:4700:10::6816:31d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage.builderall.com/franquias/2/181114/editor-html/2700563.jpeg

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71267f1da5682ea862db9681b08018bc06eae955c55379cee69a439fc46944bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Frame-Options	ALLOW

Request headers

Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
cf-cache-status: HIT
age: 9685
cf-polished: origSize=54699
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 52407
last-modified: Fri, 25 Jan 2019 23:12:11 GMT
server: cloudflare
x-frame-options: ALLOW
etag: "5c4b97cb-d5ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 30 Aug 2022 07:36:56 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 686d464c19a84414-FRA
access-control-allow-headers: *
cf-bgj: imgq:100,h2pri

GET
H2 200 Muli.woff2
hallo.post-dein-marketing.de/static/FontList/Muli/ 24 KB
25 KB 29ms
29ms Font
application/octet-stream 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/static/FontList/Muli/Muli.woff2

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/static/FontList.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: cors
origin: https://hallo.post-dein-marketing.de
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /static/FontList/Muli/Muli.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/static/FontList.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://hallo.post-dein-marketing.de
Referer: https://hallo.post-dein-marketing.de/static/FontList.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
last-modified: Thu, 30 Apr 2020 22:06:21 GMT
server: nginx
etag: "5eab4bdd-6134"
x-frame-options: ALLOW
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 24884
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 Lato-Black.woff2
hallo.post-dein-marketing.de/static/FontList/Lato/ 13 KB
14 KB 30ms
29ms Font
application/octet-stream 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/static/FontList/Lato/Lato-Black.woff2

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/static/FontList.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: cors
origin: https://hallo.post-dein-marketing.de
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /static/FontList/Lato/Lato-Black.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/static/FontList.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://hallo.post-dein-marketing.de
Referer: https://hallo.post-dein-marketing.de/static/FontList.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
last-modified: Thu, 30 Apr 2020 22:06:38 GMT
server: nginx
etag: "5eab4bee-35a4"
x-frame-options: ALLOW
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 13732
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 Roboto-Regular.ttf
hallo.post-dein-marketing.de/static/FontList/Roboto/ 167 KB
168 KB 32ms
31ms Font
application/octet-stream 185.225.208.56
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.post-dein-marketing.de/static/FontList/Roboto/Roboto-Regular.ttf

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/static/FontList.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.225.208.56 Frankfurt am Main, Germany, ASN13213 (UK2NET-AS, GB),

Reverse DNS

mail.mailchimporange.com

Software

nginx /

Resource Hash

017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	ALLOW

Request headers

sec-fetch-mode: cors
origin: https://hallo.post-dein-marketing.de
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=gvemkk1scqathclo95psuilm8t
:path: /static/FontList/Roboto/Roboto-Regular.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: hallo.post-dein-marketing.de
referer: https://hallo.post-dein-marketing.de/static/FontList.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://hallo.post-dein-marketing.de
Referer: https://hallo.post-dein-marketing.de/static/FontList.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
last-modified: Thu, 30 Apr 2020 22:05:55 GMT
server: nginx
etag: "5eab4bc3-29d08"
x-frame-options: ALLOW
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000;
accept-ranges: bytes
content-length: 171272
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 200 player.php Show response
videotag.eb4us.com/ Frame 2BD5 17 KB
4 KB 388ms
126ms Document
text/html 65.111.191.235
INFOLINK-MIA-

General

Check archive.org

Show headers Download Go to

Full URL: https://videotag.eb4us.com/player.php?id=6848&secret=aWWrCu5dqE
Requested by: Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/js/app.801a8f3a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.111.191.235 , United States, ASN15083 (INFOLINK-MIA-, US),
Reverse DNS: webinar.eb4us.com
Software: nginx /
Resource Hash: 479b481f3194d52b3657389a63a11a2347803230283bb502fa0a944c18c61304

Request headers

:method: GET
:authority: videotag.eb4us.com
:scheme: https
:path: /player.php?id=6848&secret=aWWrCu5dqE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hallo.post-dein-marketing.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://hallo.post-dein-marketing.de/

Response headers

server: nginx
date: Mon, 30 Aug 2021 10:18:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Mon, 30 Aug 2021 10:18:20 GMT
cache-control: no-cache
content-encoding: gzip

GET
H2 200 / Show response
share.mindmanager.com/ Frame 2F49 3 KB
1 KB 124ms
35ms Document
text/html 35.158.148.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://share.mindmanager.com/
Requested by: Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/js/app.801a8f3a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.148.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-148-11.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2f3404a162a8ae232ef1b42c010f1f545a18448ee6766af0b2c9878fb01c5bdf

Request headers

:method: GET
:authority: share.mindmanager.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hallo.post-dein-marketing.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://hallo.post-dein-marketing.de/

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-type: text/html
set-cookie: AWSALB=ZSkPFAWP6W4qUWVhD0HJkZXR8OQFaNH7NJUm6itY+eu+WlBVNPD4WOyl8oZmT9wbXPmkqLEqVbKWryzreKpqMZJEugmaBU9SZPR+QVnQb9NKCEbtBr1OJKOK65vV; Expires=Mon, 06 Sep 2021 10:18:21 GMT; Path=/ AWSALBCORS=ZSkPFAWP6W4qUWVhD0HJkZXR8OQFaNH7NJUm6itY+eu+WlBVNPD4WOyl8oZmT9wbXPmkqLEqVbKWryzreKpqMZJEugmaBU9SZPR+QVnQb9NKCEbtBr1OJKOK65vV; Expires=Mon, 06 Sep 2021 10:18:21 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 07 Jul 2021 00:55:08 GMT
content-encoding: gzip

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/528656c7/ Frame B16D 328 KB
45 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c078314a86a672618d86d4f82ac05c5de9fd0c4761a411f762b4609a54d5f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 12:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 164747
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46217
x-xss-protection: 0
expires: Sun, 28 Aug 2022 12:32:34 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/528656c7/www-embed-player.vflset/ Frame B16D 193 KB
64 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b94653f1c7dfbf7e217387d8551ded7227ec76cc0874097622f354cbf0c6c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 140980
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65344
x-xss-protection: 0
expires: Sun, 28 Aug 2022 19:08:41 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/ Frame B16D 2 MB
498 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aff7ee8e719e5bd3bd5bd4df69d236787d750bbf9d9786b68fa1298b42065e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 17:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 321205
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 510079
x-xss-protection: 0
expires: Fri, 26 Aug 2022 17:04:56 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/528656c7/fetch-polyfill.vflset/ Frame B16D 8 KB
3 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 17:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 321250
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Fri, 26 Aug 2022 17:04:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B16D 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 18:18:02 GMT
x-content-type-options: nosniff
age: 489619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 18:18:02 GMT

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame B16D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

24ms
23ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2de2995f3ce253c1b5c79cf9a9b895a8b53b5c48efeee38c91a8cbd2cacdb4f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 30 Aug 2021 10:18:21 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame B16D 29 B
91 B 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:12:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 323
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Mon, 30 Aug 2021 10:27:58 GMT

GET
H3-29 200 u7VSrL2vzvCSHp-xGnQw7TgH-M4lvADc4CuUaJueRfA.js Show response
www.google.com/js/th/ Frame B16D 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/u7VSrL2vzvCSHp-xGnQw7TgH-M4lvADc4CuUaJueRfA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbb552acbdafcef0921e9fb11a7430ed3807f8ce25bc00dce02b94689b9e45f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 16:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 235909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13278
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 16:46:32 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/ Frame B16D 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85fb5079e16d13b344437f48d856c37aeddfb16f50a139f3520821a6eeed670f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 17:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 321205
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7286
x-xss-protection: 0
expires: Fri, 26 Aug 2022 17:04:56 GMT

POST
H3-29 200 player Show response
www.youtube.com/youtubei/v1/ Frame B16D 92 KB
23 KB 108ms
108ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ce3fd8ec6d91c6c517e68f83d5c03d712028840cdc5d52f102a0cfea33b7e08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210825.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Goog-Visitor-Id: CgttS0UzNU1WMzBlMCjt4LKJBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23466
x-xss-protection: 0
expires: Mon, 30 Aug 2021 10:18:21 GMT

GET
DATA 200
OK truncated
/ Frame B16D 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLThyczlDUox5MgT3At2UcSKz6sbgJQs7DOXeGgvkw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame B16D 2 KB
2 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLThyczlDUox5MgT3At2UcSKz6sbgJQs7DOXeGgvkw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b5fd6a737b49673b495204053c9f8ed60706961de775be3e6a927589d77db64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 08:13:31 GMT
x-content-type-options: nosniff
age: 7490
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1949
x-xss-protection: 0
server: fife
etag: "v5566"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Jul 2021 15:42:44 GMT

GET
H2 200 app.min.css
share.mindmanager.com/css/ Frame 2F49 671 KB
167 KB 42ms
39ms Stylesheet
text/css 35.158.148.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://share.mindmanager.com/css/app.min.css?v=5.4.100

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.148.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-148-11.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1efb7788a91a3ed10ee780a295e238b1f87cf96877e937385155b987bd2f6362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://share.mindmanager.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 07 Jul 2021 00:55:08 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, Public
strict-transport-security: max-age=31536000
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H2 403 client.js
apis.google.com/js/ Frame 2F49 0
0 464ms
462ms Script
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/js/client.js
Requested by: Host: share.mindmanager.com
URL: https://share.mindmanager.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://share.mindmanager.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 app.min.js Show response
share.mindmanager.com/js/ Frame 2F49 5 MB
1 MB 94ms
92ms Script
application/javascript 35.158.148.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://share.mindmanager.com/js/app.min.js?v=5.4.100

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.148.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-148-11.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7fa266540ceea1416fe8218d9cbff2f76134ef6c9de4561354d5cab0cd048d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://share.mindmanager.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 07 Jul 2021 00:55:08 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, Public
strict-transport-security: max-age=31536000
expires: Tue, 30 Aug 2022 10:18:21 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame B16D 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?HwASVA
Requested by: Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3-29 204 qoe Show response
www.youtube.com/api/stats/ Frame B16D 0
19 B 15ms
15ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=Cc3VTcpXTX0PcuNj&ei=bbAsYbqYMJex1wKBs6_oDQ&el=embedded&docid=_2u-ZpBIHVE&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24064677%2C24065682%2C24080738%2C24082662%2C24084197%2C24090769&cl=393130916&seq=1&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210825.0.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.007:B,0.152:B,0.152:B&cmt=0.007:0.000,0.152:0.000&ctmp=cc:t.135;useVodTrack&afs=0.152:251::i&vfs=0.152:243:243::r&view=0.152:474:267&bwe=0.152:130000&bat=0.152:1:1&vis=0.152:0&bh=0.152:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0
X-YouTube-Client-Version: 1.20210825.0.1
X-YouTube-Time-Zone: Europe/Berlin
X-YouTube-Ad-Signals: dt=1630318701694&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C474%2C267&vis=1&wgl=true&ca_type=image&bid=ANyPxKqJamXkiE9QwTRtPmiw4bZRcKQdEYK3jO5UEC_NFSwizByP4kWFQJBofiJXpp3RDHPpZsY1get-wcWdR8xcrjf8sFK_EA

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 10:18:21 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame B16D 99 KB
101 KB 47ms
31ms XHR
video/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1630340301&ei=bbAsYbqYMJex1wKBs6_oDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AMtc7m2DCEALqi0iaOjke3C3FvEpQWvK6rTn10n0PXBu&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=AA&mm=31%2C26&mn=sn-4g5e6nzz%2Csn-5hnedn7z&ms=au%2Conr&mv=u&mvi=3&pl=52&vprv=1&mime=video%2Fwebm&ns=zVlZEdAaWEFUgzrxQigq5SAG&gir=yes&clen=5623032&dur=137.600&lmt=1577494196661813&mt=1630318417&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=pptILbwch4baeQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAMQIQBZidJ-cxbdZIfg9lLtI8UX3oIwofueHzlFuST3wAiAVzgEPhXxzdF5dr2an5I87zoE93DfYNupJPU2yuu0r_A%3D%3D&alr=yes&sig=AOq0QJ8wRQIgAVAt8ickEJfZ4QSAhqkzNM9IE8vF68F1N9AOTsI5DPQCIQDRLOvYNm2U_lSH8raqbSZUPsYl0CHMU5xbGczt06N1Jw%3D%3D&cpn=Cc3VTcpXTX0PcuNj&cver=1.20210825.0.1&range=0-101818&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

00a335a6d2dc355cd6103a0e0a3cd4cecf79a696f7e4cae54c52557a22658521

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 10:18:21 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 101819
Last-Modified: Sat, 28 Dec 2019 00:49:56 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Mon, 30 Aug 2021 10:18:21 GMT

GET
H/1.1 200
OK videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame B16D 64 KB
66 KB 24ms
8ms XHR
audio/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1630340301&ei=bbAsYbqYMJex1wKBs6_oDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AMtc7m2DCEALqi0iaOjke3C3FvEpQWvK6rTn10n0PXBu&itag=251&source=youtube&requiressl=yes&mh=AA&mm=31%2C26&mn=sn-4g5e6nzz%2Csn-5hnedn7z&ms=au%2Conr&mv=u&mvi=3&pl=52&vprv=1&mime=audio%2Fwebm&ns=zVlZEdAaWEFUgzrxQigq5SAG&gir=yes&clen=2520096&dur=137.621&lmt=1577493199721529&mt=1630318417&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=pptILbwch4baeQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgMxvEHo0r3PpNc5n-4pZUH8kale0dCpMTJG3JFmR9nNYCIEVmy6LtEjZi4bpA8jT9l4_zqPWqqMT1sGe-jfY1uaMZ&alr=yes&sig=AOq0QJ8wRgIhAPJ4_zjHfW7m6RjIort64Mh5NjVnTwqHaJ-aqYiVMO1JAiEAuK8J-1o0sRKvcN3sfwsaD92mFku5LNpZ3G2zZ8R5rhU%3D&cpn=Cc3VTcpXTX0PcuNj&cver=1.20210825.0.1&range=0-66036&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b1714309247d278abe259a2d281077dc932a593332f9f8e2c08be3b73c4abc37

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 10:18:21 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 66037
Last-Modified: Sat, 28 Dec 2019 00:33:19 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 30 Aug 2021 10:18:21 GMT

GET
H3-29 200 captions.js Show response
www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/ Frame B16D 63 KB
24 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7eea8daf840b0cddd393b01340c8550fc46b6c23777f4007bce8d78ce949f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 17:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 321205
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24307
x-xss-protection: 0
expires: Fri, 26 Aug 2022 17:04:56 GMT

GET
H3-29 200 endscreen.js Show response
www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/ Frame B16D 26 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1fdb077ce4750084871daea443f7db5e10891c0b6262c3bc31be6cd8de0e92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 17:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 321205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Aug 2022 17:04:56 GMT

GET
H3-29 200 annotations_module.js Show response
www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/ Frame B16D 66 KB
19 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70038b4e44057ef135c02813f11b9a67fd73e9e2f7ddd97c576169531f704821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 17:09:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 320902
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19754
x-xss-protection: 0
expires: Fri, 26 Aug 2022 17:09:59 GMT

POST
H3-29 200 next Show response
www.youtube.com/youtubei/v1/ Frame B16D 62 KB
5 KB 264ms
264ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e509e7ab494c7466e68d4f8662b32b4c965bd8e47c10785760b51932ec8f91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210825.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Goog-Visitor-Id: CgttS0UzNU1WMzBlMCjt4LKJBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 30 Aug 2021 10:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5118
x-xss-protection: 0
expires: Mon, 30 Aug 2021 10:18:22 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/_2u-ZpBIHVE/ Frame B16D 40 KB
40 KB 8ms
7ms Image
image/webp 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/_2u-ZpBIHVE/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e1f2037a61532d22c2a0d5517c3b738a63db179ad42350c395694308feae083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:47:31 GMT
x-content-type-options: nosniff
server: sffe
age: 1850
etag: "1529326215"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40838
x-xss-protection: 0
expires: Mon, 30 Aug 2021 11:47:31 GMT

GET
H3-29 200 sddefault.webp
i.ytimg.com/vi_webp/GcAbXO7LjSU/ Frame B16D 40 KB
40 KB 31ms
16ms Image
image/webp 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/GcAbXO7LjSU/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d91af069f1a11274f4829efbfe690b98a467ed49263e2248d172b81c464f15bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1529327169"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41162
x-xss-protection: 0
expires: Mon, 30 Aug 2021 12:18:21 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame B16D 99 KB
99 KB 15ms
7ms XHR
video/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6bd2af0dc8ea4fe6f76eccadb4583e52acb09d9a524113f7fe78a4a992dc165f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101150
client-protocol: quic
last-modified: Sat, 28 Dec 2019 00:49:56 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 30 Aug 2021 10:18:21 GMT

GET
H3-29 200 icon
fonts.googleapis.com/ Frame 2BD5 568 B
365 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: videotag.eb4us.com
URL: https://videotag.eb4us.com/player.php?id=6848&secret=aWWrCu5dqE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4650bc273b69bd9e63d1ef0ea2c6b0d39be59ce91ef942898a224546fb6689f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://videotag.eb4us.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 10:18:21 GMT
server: ESF
date: Mon, 30 Aug 2021 10:18:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Aug 2021 10:18:21 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ Frame 2BD5 85 KB
30 KB 26ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: videotag.eb4us.com
URL: https://videotag.eb4us.com/player.php?id=6848&secret=aWWrCu5dqE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin: https://videotag.eb4us.com
Referer: https://videotag.eb4us.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:22 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1630318702.dop242.fr8.t,1630318702.cds219.fr8.hc,1630318702.cds002.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H3-29 200 materialize.min.css
cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/ Frame 2BD5 139 KB
18 KB 25ms
14ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css

Requested by

Host: videotag.eb4us.com
URL: https://videotag.eb4us.com/player.php?id=6848&secret=aWWrCu5dqE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b079a3ff21ceabb15fa5cac7f24b887e2cceac470b8eddeb9361fafa335db88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://videotag.eb4us.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3296523
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17475
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03efe-22a11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNtaldWh%2FJbiN%2B8xq745Z67fF9JCPo%2B5Ow6rhM5Cw0H0%2BYzz4Q5v7Fg8aT%2Fre1BiSw8lwAbnX5qAzHLqYI94zSHe1m7RysLtOZqkvpHkY1wx8EMWdKkiexfuCAjkdXaPhhvDVA%2B9EfiTeW%2BWWF9HMzJU"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 686d464f7e1c5b38-FRA
expires: Sat, 20 Aug 2022 10:18:22 GMT

GET
H3-29 200 materialize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/ Frame 2BD5 177 KB
37 KB 32ms
21ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js

Requested by

Host: videotag.eb4us.com
URL: https://videotag.eb4us.com/player.php?id=6848&secret=aWWrCu5dqE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53f7070cc4c81c278c72f7a106fd71434e766cf49b26d6ee8b0e1003d7132b3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://videotag.eb4us.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1769944
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 36877
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03efe-2c375"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdCajwI93NGeweqzn1r%2F5IPLlH%2BqJ%2F1MstN%2Bw4yMZJ85fO84%2B2nrP%2FltjKOmaEIIPHHv%2Bwf%2F38BJkPdGrje2aaWsatqCpSgAc8xeVxJI9rkT%2Fn8a0ZJ3aC%2FcPzbm7YiY16Zvyd5%2B3mEhEujzJaW6Hbb5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 686d464f7e185b38-FRA
expires: Sat, 20 Aug 2022 10:18:22 GMT

GET
H3-29 200 iframe_api Show response
www.youtube.com/ Frame 2BD5 980 B
513 B 21ms
20ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: videotag.eb4us.com
URL: https://videotag.eb4us.com/player.php?id=6848&secret=aWWrCu5dqE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f8361895e5a7405efe980b5dd1ba4dcdffdbfabfb895af4fe675f54786dec72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://videotag.eb4us.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
accept-ch-lifetime: 2592000
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires: Mon, 30 Aug 2021 10:18:21 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame B16D 64 KB
64 KB 11ms
8ms XHR
audio/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1630340301&ei=bbAsYbqYMJex1wKBs6_oDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AMtc7m2DCEALqi0iaOjke3C3FvEpQWvK6rTn10n0PXBu&itag=251&source=youtube&requiressl=yes&mh=AA&mm=31%2C26&mn=sn-4g5e6nzz%2Csn-5hnedn7z&ms=au%2Conr&mv=u&mvi=3&pl=52&vprv=1&mime=audio%2Fwebm&ns=zVlZEdAaWEFUgzrxQigq5SAG&gir=yes&clen=2520096&dur=137.621&lmt=1577493199721529&mt=1630318417&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=pptILbwch4baeQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgMxvEHo0r3PpNc5n-4pZUH8kale0dCpMTJG3JFmR9nNYCIEVmy6LtEjZi4bpA8jT9l4_zqPWqqMT1sGe-jfY1uaMZ&alr=yes&sig=AOq0QJ8wRgIhAPJ4_zjHfW7m6RjIort64Mh5NjVnTwqHaJ-aqYiVMO1JAiEAuK8J-1o0sRKvcN3sfwsaD92mFku5LNpZ3G2zZ8R5rhU%3D&cpn=Cc3VTcpXTX0PcuNj&cver=1.20210825.0.1&range=66037-131739&rn=4&rbuf=3323

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fdfdf903bf9242110ba56e33c96effbf64423be7e45bd642834350121286c48c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:22 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65703
client-protocol: quic
last-modified: Sat, 28 Dec 2019 00:33:19 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 30 Aug 2021 10:18:22 GMT

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/528656c7/www-widgetapi.vflset/ Frame 2BD5 125 KB
42 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7a5a53379be40febc32a3991574b89d1f489a3f7ce0593c0203ae5b0b9bdba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://videotag.eb4us.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 09:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42804
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 09:02:21 GMT

GET
H3-29 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v98/ Frame 2BD5 108 KB
108 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v98/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a26885fa790a28741d66db5d23dafe4bf6475cc38f92a5060bed877ab3bb981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://videotag.eb4us.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 23:18:44 GMT
x-content-type-options: nosniff
age: 385178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110212
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 00:49:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 23:18:44 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame B16D 207 KB
207 KB 7ms
6ms XHR
video/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

456d89844b520a4cfefac5b67300d803dbb558d6ef2fe8fbeecbfb9226835743

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:22 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 212153
client-protocol: quic
last-modified: Sat, 28 Dec 2019 00:49:56 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 30 Aug 2021 10:18:22 GMT

GET
H2 200 tag.php Show response
videotag.eb4us.com/components/ Frame 2BD5 2 KB
949 B 123ms
122ms XHR
text/html 65.111.191.235
INFOLINK-MIA-

General

Check archive.org

Show headers Download Go to

Full URL: https://videotag.eb4us.com/components/tag.php?live=1&tag_id=xOf1ZlK6b4&type=website&title=Hier%20bekomme%20ich%20meine%20Tipps&image_url=https://videotag.eb4us.com/images/std_link.png&href=https://dein-marketing.net&start_time=4&duration=10&x=441&y=417&scale=0.46
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.111.191.235 , United States, ASN15083 (INFOLINK-MIA-, US),
Reverse DNS: webinar.eb4us.com
Software: nginx /
Resource Hash: c6cbf4fe9c877ec33073c3653f1cebc22cd07d1a7743e380339de54fb62bfc01

Request headers

Accept: */*
Referer: https://videotag.eb4us.com/player.php?id=6848&secret=aWWrCu5dqE
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:22 GMT
cache-control: no-cache
content-type: text/html; charset=UTF-8
server: nginx
content-encoding: gzip
vary: Accept-Encoding
expires: Mon, 30 Aug 2021 10:18:21 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame B16D 128 KB
129 KB 6ms
6ms XHR
audio/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1630340301&ei=bbAsYbqYMJex1wKBs6_oDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AMtc7m2DCEALqi0iaOjke3C3FvEpQWvK6rTn10n0PXBu&itag=251&source=youtube&requiressl=yes&mh=AA&mm=31%2C26&mn=sn-4g5e6nzz%2Csn-5hnedn7z&ms=au%2Conr&mv=u&mvi=3&pl=52&vprv=1&mime=audio%2Fwebm&ns=zVlZEdAaWEFUgzrxQigq5SAG&gir=yes&clen=2520096&dur=137.621&lmt=1577493199721529&mt=1630318417&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=pptILbwch4baeQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgMxvEHo0r3PpNc5n-4pZUH8kale0dCpMTJG3JFmR9nNYCIEVmy6LtEjZi4bpA8jT9l4_zqPWqqMT1sGe-jfY1uaMZ&alr=yes&sig=AOq0QJ8wRgIhAPJ4_zjHfW7m6RjIort64Mh5NjVnTwqHaJ-aqYiVMO1JAiEAuK8J-1o0sRKvcN3sfwsaD92mFku5LNpZ3G2zZ8R5rhU%3D&cpn=Cc3VTcpXTX0PcuNj&cver=1.20210825.0.1&range=131740-263312&rn=6&rbuf=6655

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5804adeb96bd0edaa9e2333ce48570e80b814d60134a6644d0b925c06d2ac65f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:22 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131573
client-protocol: quic
last-modified: Sat, 28 Dec 2019 00:33:19 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 30 Aug 2021 10:18:22 GMT

GET
H3-29 200 UlZGQq_Gxfo Show response
www.youtube.com/embed/ Frame 6537 55 KB
23 KB 61ms
60ms Document
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/UlZGQq_Gxfo?color=white&controls=0&autoplay=0&disablekb=1&modestbranding=1&rel=0&playsinline=1&widget_referrer=https%3A%2F%2Fhallo.post-dein-marketing.de%2F&enablejsapi=1&origin=https%3A%2F%2Fvideotag.eb4us.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/www-widgetapi.vflset/www-widgetapi.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b43c2ad14d388fc323cc5b88b85da4bf1f58a2c183a1726d4a688c03a6d6b9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/UlZGQq_Gxfo?color=white&controls=0&autoplay=0&disablekb=1&modestbranding=1&rel=0&playsinline=1&widget_referrer=https%3A%2F%2Fhallo.post-dein-marketing.de%2F&enablejsapi=1&origin=https%3A%2F%2Fvideotag.eb4us.com&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://videotag.eb4us.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=DL9PBKjNj08; VISITOR_INFO1_LIVE=mKE35MV30e0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://videotag.eb4us.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 30 Aug 2021 10:18:22 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+005; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame B16D 427 KB
427 KB 7ms
6ms XHR
video/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c938dab51b7aea7ae85b4b9f842b96b26440d9ce03e5d267c20751d0c536414f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:22 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 437642
client-protocol: quic
last-modified: Sat, 28 Dec 2019 00:49:56 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 30 Aug 2021 10:18:22 GMT

GET
H2 200 std_link.png
videotag.eb4us.com/images/ Frame 2BD5 25 KB
25 KB 128ms
127ms Image
image/png 65.111.191.235
INFOLINK-MIA-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://videotag.eb4us.com/images/std_link.png
Requested by: Host: videotag.eb4us.com
URL: https://videotag.eb4us.com/player.php?id=6848&secret=aWWrCu5dqE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.111.191.235 , United States, ASN15083 (INFOLINK-MIA-, US),
Reverse DNS: webinar.eb4us.com
Software: nginx /
Resource Hash: 2dcf0f2d6d532cb46c982d171c8e4e2541d67ae879d2e43d13afe0799570dd38

Request headers

Referer: https://videotag.eb4us.com/player.php?id=6848&secret=aWWrCu5dqE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:22 GMT
last-modified: Fri, 14 Jun 2019 13:12:47 GMT
server: nginx
etag: "5d039d4f-6508"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 25864
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 ODelI1aHBYDBqgeIAH2zlNHq-FFgoDNV3GTKpHwuvtI.woff
fonts.gstatic.com/s/sourcesanspro/v9/ Frame 2F49 14 KB
14 KB 7ms
7ms Font
font/woff 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v9/ODelI1aHBYDBqgeIAH2zlNHq-FFgoDNV3GTKpHwuvtI.woff

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8bd573e74e632733b4573270b4dc31de30f7905d3a083f9a474d11a1ad99f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 12:06:10 GMT
x-content-type-options: nosniff
age: 511932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13964
x-xss-protection: 0
last-modified: Wed, 27 Aug 2014 23:53:32 GMT
server: sffe
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 12:06:10 GMT

GET
H3-29 200 toadOcfmlt9b38dHJxOBGIqjGYJUyOXcBwUQbRaNH6c.woff
fonts.gstatic.com/s/sourcesanspro/v9/ Frame 2F49 13 KB
13 KB 8ms
7ms Font
font/woff 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v9/toadOcfmlt9b38dHJxOBGIqjGYJUyOXcBwUQbRaNH6c.woff

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af9653b027bc5650df35c12c038f015962ccaf0ae7955d248880ec12c3907b84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 14:25:28 GMT
x-content-type-options: nosniff
age: 503574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13688
x-xss-protection: 0
last-modified: Wed, 27 Aug 2014 23:51:25 GMT
server: sffe
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 14:25:28 GMT

GET
H3-29 200 r_tUZNl0G8xCoOmp_JkSCqRDOzjiPcYnFooOUGCOsRk.woff
fonts.gstatic.com/s/comfortaa/v7/ Frame 2F49 22 KB
22 KB 8ms
8ms Font
font/woff 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/comfortaa/v7/r_tUZNl0G8xCoOmp_JkSCqRDOzjiPcYnFooOUGCOsRk.woff

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9024cae56ae14d502fda040db250f70c5b04ccaa7ade5910b86065859543959a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:47:26 GMT
x-content-type-options: nosniff
age: 444656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22892
x-xss-protection: 0
last-modified: Wed, 27 Aug 2014 14:49:41 GMT
server: sffe
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 06:47:26 GMT

GET
H3-29 200 fND5XPYKrF2tQDwwfWZJI6RDOzjiPcYnFooOUGCOsRk.woff
fonts.gstatic.com/s/comfortaa/v7/ Frame 2F49 20 KB
20 KB 10ms
10ms Font
font/woff 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/comfortaa/v7/fND5XPYKrF2tQDwwfWZJI6RDOzjiPcYnFooOUGCOsRk.woff

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5626adf4f1517456778a712d2100b11acc242acdde4068eb39585bea677f6a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 14:20:03 GMT
x-content-type-options: nosniff
age: 503899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20756
x-xss-protection: 0
last-modified: Wed, 27 Aug 2014 14:57:30 GMT
server: sffe
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 14:20:03 GMT

GET
H3-29 200 dFa6ZfeM_74wlPZtksIFajo6_V6LVlA.woff2
fonts.gstatic.com/s/zillaslab/v4/ Frame 2F49 15 KB
15 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/zillaslab/v4/dFa6ZfeM_74wlPZtksIFajo6_V6LVlA.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8557157acdb4702ef3f3b238d6337fbc17a05ed2a03ba7a4125c6467ac1bfbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 11:04:26 GMT
x-content-type-options: nosniff
age: 170036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15076
x-xss-protection: 0
last-modified: Tue, 15 Jan 2019 20:00:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 11:04:26 GMT

GET
H3-29 200 dFa5ZfeM_74wlPZtksIFYoEf6HOpW3pwfa0.woff2
fonts.gstatic.com/s/zillaslab/v4/ Frame 2F49 15 KB
15 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/zillaslab/v4/dFa5ZfeM_74wlPZtksIFYoEf6HOpW3pwfa0.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80faeaa4ef41addafb3040450f0ddbc9985524bfa441d57f5a26ed769d06dc7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 20:40:54 GMT
x-content-type-options: nosniff
age: 394648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14980
x-xss-protection: 0
last-modified: Tue, 15 Jan 2019 19:57:41 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 20:40:54 GMT

GET
H3-29 200 HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2lv0tKk.woff2
fonts.gstatic.com/s/barlowcondensed/v3/ Frame 2F49 13 KB
13 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v3/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2lv0tKk.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

962fdc4774ca0e95f0e3c3f9a413e44975f324371509f9d55dbe47a4cf420f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 12:20:57 GMT
x-content-type-options: nosniff
age: 511045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13140
x-xss-protection: 0
last-modified: Tue, 15 Jan 2019 19:58:11 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 12:20:57 GMT

GET
H3-29 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuYMBYro.woff2
fonts.gstatic.com/s/barlowcondensed/v3/ Frame 2F49 13 KB
13 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v3/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuYMBYro.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca2992d354532013b78f5db40ac0f65a9f6fb83343b43a7cbb066cc52c9b24c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 20:44:26 GMT
x-content-type-options: nosniff
age: 480836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13320
x-xss-protection: 0
last-modified: Tue, 15 Jan 2019 19:59:27 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 20:44:26 GMT

GET
H3-29 200 wEO8EBXBk8hBIDi0cgwge9gH1A.woff2
fonts.gstatic.com/s/barrio/v4/ Frame 2F49 26 KB
26 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barrio/v4/wEO8EBXBk8hBIDi0cgwge9gH1A.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21c8811b1468c95cb212e2f141c5bfe21b3c53715b2072d39f794f06618be8c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 14:20:03 GMT
x-content-type-options: nosniff
age: 503899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26348
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:40:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 14:20:03 GMT

GET
H3-29 200 pe0qMImKOZ1V62ZwbVY9dce9I9tAcVwo.woff2
fonts.gstatic.com/s/vastshadow/v9/ Frame 2F49 22 KB
22 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vastshadow/v9/pe0qMImKOZ1V62ZwbVY9dce9I9tAcVwo.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3ea3ac6e0560bfceb046512e110fc150b5759303648578053ee0f576bde2c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 19:38:27 GMT
x-content-type-options: nosniff
age: 398395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22900
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:44:17 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 19:38:27 GMT

GET
H3-29 200 AYCSpXb_Z9EORv1M5QTjEzMEteaAxILtbKR5.woff2
fonts.gstatic.com/s/bubblegumsans/v8/ Frame 2F49 14 KB
14 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bubblegumsans/v8/AYCSpXb_Z9EORv1M5QTjEzMEteaAxILtbKR5.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d2936766c964651576ddedb0eb52a7bc8550cc29dd79ffd5946f84a7605c2fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 12:42:28 GMT
x-content-type-options: nosniff
age: 509754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14180
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:26:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 12:42:28 GMT

GET
H3-29 200 QGYpz_kZZAGCONcK2A4bGOj8mNhNy_r-Kw.woff2
fonts.gstatic.com/s/cabinsketch/v13/ Frame 2F49 77 KB
77 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabinsketch/v13/QGYpz_kZZAGCONcK2A4bGOj8mNhNy_r-Kw.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fc083085e3850c0ac0553b832d7e51969c45a8b6c6db5a8ba4f7031d29d8e7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 07:17:14 GMT
x-content-type-options: nosniff
age: 97268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78364
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:36:58 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Aug 2022 07:17:14 GMT

GET
H3-29 200 QGY2z_kZZAGCONcK2A4bGOj0I_1Y5tjzAYOcFg.woff2
fonts.gstatic.com/s/cabinsketch/v13/ Frame 2F49 132 KB
132 KB 16ms
10ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabinsketch/v13/QGY2z_kZZAGCONcK2A4bGOj0I_1Y5tjzAYOcFg.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f45b79f62808da54f211530659c30974e1dd6450a044ec4b84f71a0801e706bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 06:57:50 GMT
x-content-type-options: nosniff
age: 444032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134896
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:34:13 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 06:57:50 GMT

GET
H3-29 200 k3kUo8kEI-tA1RRcTZGmTlHGCaen8wf-.woff2
fonts.gstatic.com/s/fredokaone/v7/ Frame 2F49 15 KB
15 KB 19ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/fredokaone/v7/k3kUo8kEI-tA1RRcTZGmTlHGCaen8wf-.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92d8a6ee13c7e1df306a1ccfb7809c9ef0bd9117926b7195a7f54147cdad3e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 11:44:14 GMT
x-content-type-options: nosniff
age: 513248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15516
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:01:59 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 11:44:14 GMT

GET
H3-29 200 46kulbz5WjvLqJZVam_hVUdI1w.woff2
fonts.gstatic.com/s/megrim/v10/ Frame 2F49 6 KB
6 KB 19ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/megrim/v10/46kulbz5WjvLqJZVam_hVUdI1w.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45be5c616704303cdd6546fd1f2e5f71b18dfac615b535443f50e0cfe6c107df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 15:07:01 GMT
x-content-type-options: nosniff
age: 501081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6284
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 02:45:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 15:07:01 GMT

GET
H3-29 200 5h1aiZUrOngCibe4TkHLQka4BU4.woff2
fonts.gstatic.com/s/monoton/v9/ Frame 2F49 16 KB
16 KB 19ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/monoton/v9/5h1aiZUrOngCibe4TkHLQka4BU4.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f6bb25768f5754f22440d9d66a609377a33e591156dfbb37036396696965c76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 12:18:13 GMT
x-content-type-options: nosniff
age: 511209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16492
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:42:40 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 12:18:13 GMT

GET
H3-29 200 1Pt2g8TAX_SGgBGUi0tGOYEga5WOwnsXy6KHHg.woff2
fonts.gstatic.com/s/juliussansone/v8/ Frame 2F49 10 KB
10 KB 26ms
12ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/juliussansone/v8/1Pt2g8TAX_SGgBGUi0tGOYEga5WOwnsXy6KHHg.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

511bbb89cd1a265e908f14eacfc3df40ea6946b1a396994e2283cf6c3191f323

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:41:04 GMT
x-content-type-options: nosniff
age: 358638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10640
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:53:32 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 06:41:04 GMT

GET
H3-29 200 9Bt33CxNwt7aOctW2xjbCstzwVKsIBVV--SjxbcHcQ2K.woff2
fonts.gstatic.com/s/frederickathegreat/v8/ Frame 2F49 199 KB
199 KB 27ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frederickathegreat/v8/9Bt33CxNwt7aOctW2xjbCstzwVKsIBVV--SjxbcHcQ2K.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30780e109114a59be999d1283a3b04d0a0001b4cd3bcfd22eef0fe67072ae7ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 14:20:03 GMT
x-content-type-options: nosniff
age: 503899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203420
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 02:57:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 14:20:03 GMT

GET
H3-29 200 cY9GfjGcW0FPpi-tWMfN79z4i6BH.woff2
fonts.gstatic.com/s/pangolin/v5/ Frame 2F49 37 KB
37 KB 22ms
10ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/pangolin/v5/cY9GfjGcW0FPpi-tWMfN79z4i6BH.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f92219d54e009a45d88770fdbac4a291c05ff3555560558c33dd7f83875f8d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 09:00:47 GMT
x-content-type-options: nosniff
age: 177455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38144
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 02:48:47 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 09:00:47 GMT

GET
H3-29 200 UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD55TecYQ.woff2
fonts.gstatic.com/s/shadowsintolight/v8/ Frame 2F49 16 KB
16 KB 19ms
10ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/shadowsintolight/v8/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD55TecYQ.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08779ea8ea4bab16a0834b186ea300c23881937a93945778efd3511e8b787fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 18:30:41 GMT
x-content-type-options: nosniff
age: 488861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15988
x-xss-protection: 0
last-modified: Tue, 19 Feb 2019 22:39:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 18:30:41 GMT

GET
H3-29 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v13/ Frame 2F49 13 KB
13 KB 20ms
11ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v13/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 02:29:52 GMT
x-content-type-options: nosniff
age: 373710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13428
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:12:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 02:29:52 GMT

GET
H3-29 200 1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v13/ Frame 2F49 13 KB
13 KB 19ms
11ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v13/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 19:51:06 GMT
x-content-type-options: nosniff
age: 484036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:12:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 19:51:06 GMT

GET
H3-29 200 HhyaU5sn9vOmLzloC_WoEoZK.woff2
fonts.gstatic.com/s/dosis/v8/ Frame 2F49 14 KB
14 KB 19ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dosis/v8/HhyaU5sn9vOmLzloC_WoEoZK.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d568385e79e3cc5c068f85d94ff786f2eee12432cd2110145ca58ba173bbb31a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 15:07:01 GMT
x-content-type-options: nosniff
age: 501081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14012
x-xss-protection: 0
last-modified: Tue, 19 Feb 2019 22:41:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 15:07:01 GMT

GET
H3-29 200 HhyXU5sn9vOmLzHTLuCFMItgT7kJ.woff2
fonts.gstatic.com/s/dosis/v8/ Frame 2F49 14 KB
14 KB 18ms
12ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dosis/v8/HhyXU5sn9vOmLzHTLuCFMItgT7kJ.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a485eee2132607b09b57131d88965f47cbd2ca80bf444703050b32e6d70d5fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 19:12:53 GMT
x-content-type-options: nosniff
age: 486329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14120
x-xss-protection: 0
last-modified: Tue, 19 Feb 2019 22:42:32 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 19:12:53 GMT

GET
H3-29 200 PN_xRfK0pW_9e1rdZsg_rz7b_g.woff2
fonts.gstatic.com/s/delius/v9/ Frame 2F49 16 KB
16 KB 18ms
12ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/delius/v9/PN_xRfK0pW_9e1rdZsg_rz7b_g.woff2

Requested by

Host: share.mindmanager.com
URL: https://share.mindmanager.com/css/app.min.css?v=5.4.100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

362683fa1d9e01688f73f42c6eaf61d660984ed95897097f2f5e8e9e7e71b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://share.mindmanager.com
Referer: https://share.mindmanager.com/css/app.min.css?v=5.4.100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 10:13:21 GMT
x-content-type-options: nosniff
age: 518701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16776
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 02:48:11 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 10:13:21 GMT

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/528656c7/ Frame 6537 328 KB
45 KB 7ms
5ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UlZGQq_Gxfo?color=white&controls=0&autoplay=0&disablekb=1&modestbranding=1&rel=0&playsinline=1&widget_referrer=https%3A%2F%2Fhallo.post-dein-marketing.de%2F&enablejsapi=1&origin=https%3A%2F%2Fvideotag.eb4us.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c078314a86a672618d86d4f82ac05c5de9fd0c4761a411f762b4609a54d5f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/UlZGQq_Gxfo?color=white&controls=0&autoplay=0&disablekb=1&modestbranding=1&rel=0&playsinline=1&widget_referrer=https%3A%2F%2Fhallo.post-dein-marketing.de%2F&enablejsapi=1&origin=https%3A%2F%2Fvideotag.eb4us.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 12:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 164748
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46217
x-xss-protection: 0
expires: Sun, 28 Aug 2022 12:32:34 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/528656c7/www-embed-player.vflset/ Frame 6537 193 KB
64 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b94653f1c7dfbf7e217387d8551ded7227ec76cc0874097622f354cbf0c6c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/UlZGQq_Gxfo?color=white&controls=0&autoplay=0&disablekb=1&modestbranding=1&rel=0&playsinline=1&widget_referrer=https%3A%2F%2Fhallo.post-dein-marketing.de%2F&enablejsapi=1&origin=https%3A%2F%2Fvideotag.eb4us.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 140981
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65344
x-xss-protection: 0
expires: Sun, 28 Aug 2022 19:08:41 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/ Frame 6537 2 MB
498 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aff7ee8e719e5bd3bd5bd4df69d236787d750bbf9d9786b68fa1298b42065e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/UlZGQq_Gxfo?color=white&controls=0&autoplay=0&disablekb=1&modestbranding=1&rel=0&playsinline=1&widget_referrer=https%3A%2F%2Fhallo.post-dein-marketing.de%2F&enablejsapi=1&origin=https%3A%2F%2Fvideotag.eb4us.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 17:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 321206
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 510079
x-xss-protection: 0
expires: Fri, 26 Aug 2022 17:04:56 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/528656c7/fetch-polyfill.vflset/ Frame 6537 8 KB
3 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/UlZGQq_Gxfo?color=white&controls=0&autoplay=0&disablekb=1&modestbranding=1&rel=0&playsinline=1&widget_referrer=https%3A%2F%2Fhallo.post-dein-marketing.de%2F&enablejsapi=1&origin=https%3A%2F%2Fvideotag.eb4us.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 17:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 321251
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Fri, 26 Aug 2022 17:04:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6537 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 18:18:02 GMT
x-content-type-options: nosniff
age: 489620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 18:18:02 GMT

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 6537
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

15ms
14ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf6fd24f30ba96f28734d50d452cb2e4a1c82e7dd0a5b819c4581ac19ff7eeb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 30 Aug 2021 10:18:22 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 6537 29 B
91 B 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:12:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 324
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Mon, 30 Aug 2021 10:27:58 GMT

GET
H2 200 u7VSrL2vzvCSHp-xGnQw7TgH-M4lvADc4CuUaJueRfA.js Show response
www.google.com/js/th/ Frame 6537 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/u7VSrL2vzvCSHp-xGnQw7TgH-M4lvADc4CuUaJueRfA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbb552acbdafcef0921e9fb11a7430ed3807f8ce25bc00dce02b94689b9e45f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 16:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 235910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13278
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 16:46:32 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/ Frame 6537 24 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85fb5079e16d13b344437f48d856c37aeddfb16f50a139f3520821a6eeed670f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/UlZGQq_Gxfo?color=white&controls=0&autoplay=0&disablekb=1&modestbranding=1&rel=0&playsinline=1&widget_referrer=https%3A%2F%2Fhallo.post-dein-marketing.de%2F&enablejsapi=1&origin=https%3A%2F%2Fvideotag.eb4us.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 17:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 321206
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7286
x-xss-protection: 0
expires: Fri, 26 Aug 2022 17:04:56 GMT

GET
DATA 200
OK truncated
/ Frame 6537 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRQn1RkdysLABCT20seT8DQzuGnlaCINCFRY0DJ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 6537 2 KB
2 KB 146ms
145ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRQn1RkdysLABCT20seT8DQzuGnlaCINCFRY0DJ=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e6186d6251812841bfbc097d3eda435496f95062251e3ee300950eea40bcb8d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v241"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1973
x-xss-protection: 0
expires: Tue, 31 Aug 2021 10:18:22 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/UlZGQq_Gxfo/ Frame 6537 111 KB
111 KB 45ms
43ms Image
image/webp 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/UlZGQq_Gxfo/maxresdefault.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea220a70992f0ddada0cba676a91dda29d29b5dbe4082c534d7cd01fb46e89bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:22 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113544
x-xss-protection: 0
expires: Mon, 30 Aug 2021 12:18:22 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 6537 0
9 B 6ms
5ms Image
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?V74AHQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/UlZGQq_Gxfo?color=white&controls=0&autoplay=0&disablekb=1&modestbranding=1&rel=0&playsinline=1&widget_referrer=https%3A%2F%2Fhallo.post-dein-marketing.de%2F&enablejsapi=1&origin=https%3A%2F%2Fvideotag.eb4us.com&widgetid=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/UlZGQq_Gxfo?color=white&controls=0&autoplay=0&disablekb=1&modestbranding=1&rel=0&playsinline=1&widget_referrer=https%3A%2F%2Fhallo.post-dein-marketing.de%2F&enablejsapi=1&origin=https%3A%2F%2Fvideotag.eb4us.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 2700563.jpeg
storage.builderall.com/franquias/2/181114/editor-html/ 51 KB
51 KB 27ms
26ms Image
image/jpeg 2606:4700:10::6816:31d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage.builderall.com/franquias/2/181114/editor-html/2700563.jpeg

Requested by

Host: hallo.post-dein-marketing.de
URL: https://hallo.post-dein-marketing.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71267f1da5682ea862db9681b08018bc06eae955c55379cee69a439fc46944bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Frame-Options	ALLOW

Request headers

Referer: https://hallo.post-dein-marketing.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:23 GMT
cf-cache-status: HIT
age: 9687
cf-polished: origSize=54699
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 52407
last-modified: Fri, 25 Jan 2019 23:12:11 GMT
server: cloudflare
x-frame-options: ALLOW
etag: "5c4b97cb-d5ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 30 Aug 2022 07:36:56 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 686d46586cd74414-FRA
access-control-allow-headers: *
cf-bgj: imgq:100,h2pri

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame B16D 28 B
197 B 22ms
21ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0
X-YouTube-Client-Version: 1.20210825.0.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgttS0UzNU1WMzBlMCjt4LKJBg%3D%3D
X-YouTube-Ad-Signals: dt=1630318701641&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C474%2C267&vis=1&wgl=true&ca_type=image&bid=ANyPxKqJamXkiE9QwTRtPmiw4bZRcKQdEYK3jO5UEC_NFSwizByP4kWFQJBofiJXpp3RDHPpZsY1get-wcWdR8xcrjf8sFK_EA

Response headers

date: Mon, 30 Aug 2021 10:18:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 30 Aug 2021 10:18:23 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 6537 28 B
55 B 22ms
21ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/UlZGQq_Gxfo?color=white&controls=0&autoplay=0&disablekb=1&modestbranding=1&rel=0&playsinline=1&widget_referrer=https%3A%2F%2Fhallo.post-dein-marketing.de%2F&enablejsapi=1&origin=https%3A%2F%2Fvideotag.eb4us.com&widgetid=1
X-YouTube-Client-Version: 1.20210825.0.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgttS0UzNU1WMzBlMCju4LKJBg%3D%3D
X-YouTube-Ad-Signals: dt=1630318702777&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1280%2C720&vis=1&wgl=true&ca_type=image&bid=ANyPxKqePzYTCrnMhrn7MfBLtgykYlyMQAfP8_V_ET6vM-UK1Fggl-AyR7U6EvYGlloRnmLUJtrZDtV2hxnKKiYdSz86LKvieg

Response headers

date: Mon, 30 Aug 2021 10:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 30 Aug 2021 10:18:24 GMT

POST
H2 204 qoe Show response
www.youtube.com/api/stats/ Frame B16D 0
56 B 14ms
14ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=Cc3VTcpXTX0PcuNj&ei=bbAsYbqYMJex1wKBs6_oDQ&el=embedded&docid=_2u-ZpBIHVE&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24064677%2C24065682%2C24080738%2C24082662%2C24084197%2C24090769&cl=393130916&seq=2&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210825.0.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cat=itdrm&cmt=0.164:0.000,10.006:0.000&vps=0.164:N&ctmp=dompaused:t.164;promise;m.NotAllowedError&bwm=10.006:1116077:0.286&bwe=10.006:2560759&bat=10.006:1:1&bh=10.006:13.161&df=10.006:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_2u-ZpBIHVE?&playlist=_2u-ZpBIHVE&loop=1&autoplay=1&mute=0&controls=0&start=0&end=0
X-YouTube-Client-Version: 1.20210825.0.1
X-YouTube-Time-Zone: Europe/Berlin
X-YouTube-Ad-Signals: dt=1630318701694&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C474%2C267&vis=1&wgl=true&ca_type=image&bid=ANyPxKqJamXkiE9QwTRtPmiw4bZRcKQdEYK3jO5UEC_NFSwizByP4kWFQJBofiJXpp3RDHPpZsY1get-wcWdR8xcrjf8sFK_EA

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 10:18:31 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame B16D 257 KB
258 KB 7ms
6ms XHR
audio/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1630340301&ei=bbAsYbqYMJex1wKBs6_oDQ&ip=2a01%3A4f8%3A121%3A131a%3A%3A2&id=o-AMtc7m2DCEALqi0iaOjke3C3FvEpQWvK6rTn10n0PXBu&itag=251&source=youtube&requiressl=yes&mh=AA&mm=31%2C26&mn=sn-4g5e6nzz%2Csn-5hnedn7z&ms=au%2Conr&mv=u&mvi=3&pl=52&vprv=1&mime=audio%2Fwebm&ns=zVlZEdAaWEFUgzrxQigq5SAG&gir=yes&clen=2520096&dur=137.621&lmt=1577493199721529&mt=1630318417&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=pptILbwch4baeQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgMxvEHo0r3PpNc5n-4pZUH8kale0dCpMTJG3JFmR9nNYCIEVmy6LtEjZi4bpA8jT9l4_zqPWqqMT1sGe-jfY1uaMZ&alr=yes&sig=AOq0QJ8wRgIhAPJ4_zjHfW7m6RjIort64Mh5NjVnTwqHaJ-aqYiVMO1JAiEAuK8J-1o0sRKvcN3sfwsaD92mFku5LNpZ3G2zZ8R5rhU%3D&cpn=Cc3VTcpXTX0PcuNj&cver=1.20210825.0.1&range=263313-526887&rn=8&rbuf=13332

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5c9114624e01afd30ea9a846f14fece0aa81fc9dd2cd64f706852ddbc860f7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 10:18:31 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 263575
Last-Modified: Sat, 28 Dec 2019 00:33:19 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21290
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 30 Aug 2021 10:18:31 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzz.googlevideo.com/ Frame B16D 991 KB
991 KB 7ms
6ms XHR
video/webm 2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/528656c7/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

19015a6503c8794049e2e2a79ccd2b51c1d85e1b53b35e8f58c1ed2912ef8c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 10:18:33 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1015134
client-protocol: quic
last-modified: Sat, 28 Dec 2019 00:49:56 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21288
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 30 Aug 2021 10:18:33 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://hallo.post-dein-marketing.de/js/app.801a8f3a.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://hallo.post-dein-marketing.de/js/app.801a8f3a.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://hallo.post-dein-marketing.de/js/app.801a8f3a.js(Line 1) Message: TypeError: Cannot read property 'removeItem' of null
console-api	error	URL: https://hallo.post-dein-marketing.de/js/chunk-vendors.24418182.js(Line 63) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://hallo.post-dein-marketing.de/js/app.801a8f3a.js(Line 1) Message: [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
builderall.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cheetah-api.builderall.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hallo.post-dein-marketing.de
i.ytimg.com
r3---sn-4g5e6nzz.googlevideo.com
share.mindmanager.com
static.doubleclick.net
storage.builderall.com
videotag.eb4us.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
185.225.208.56
2001:4de0:ac18::1:a:1b
2606:4700:10::6816:31d
2606:4700:10::ac43:1c9e
2606:4700::6810:135e
2a00:1450:4001:1::8
2a00:1450:4001:800::200e
2a00:1450:4001:801::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2004
2a00:1450:4001:811::200a
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2006
2a00:1450:4001:828::2016
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2016
2a04:4e42:3::485
35.158.148.11
65.111.191.235
00a335a6d2dc355cd6103a0e0a3cd4cecf79a696f7e4cae54c52557a22658521
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
08779ea8ea4bab16a0834b186ea300c23881937a93945778efd3511e8b787fbd
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0e1a20513a8f85dbb809c02c1eb7a5eb3e1793a4f9f91bf187d367eedf8a2479
0e1f2037a61532d22c2a0d5517c3b738a63db179ad42350c395694308feae083
1193e835baf1666d6e589dc3bfee84e7482c8a7536c35883d10cc11abd134604
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19015a6503c8794049e2e2a79ccd2b51c1d85e1b53b35e8f58c1ed2912ef8c2c
1d2936766c964651576ddedb0eb52a7bc8550cc29dd79ffd5946f84a7605c2fd
1efb7788a91a3ed10ee780a295e238b1f87cf96877e937385155b987bd2f6362
1f8361895e5a7405efe980b5dd1ba4dcdffdbfabfb895af4fe675f54786dec72
1fc083085e3850c0ac0553b832d7e51969c45a8b6c6db5a8ba4f7031d29d8e7c
21c8811b1468c95cb212e2f141c5bfe21b3c53715b2072d39f794f06618be8c3
2dcf0f2d6d532cb46c982d171c8e4e2541d67ae879d2e43d13afe0799570dd38
2de2995f3ce253c1b5c79cf9a9b895a8b53b5c48efeee38c91a8cbd2cacdb4f5
2f3404a162a8ae232ef1b42c010f1f545a18448ee6766af0b2c9878fb01c5bdf
30780e109114a59be999d1283a3b04d0a0001b4cd3bcfd22eef0fe67072ae7ce
3231b8fcd1ad30432e713f1cdbc02e6bd5bde6746239a2073658673148a2c73e
340c8177b54d8fff23a21d737c2624ae42b15feaff4bb015ac5016432f018b02
34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67
362683fa1d9e01688f73f42c6eaf61d660984ed95897097f2f5e8e9e7e71b6e4
3b079a3ff21ceabb15fa5cac7f24b887e2cceac470b8eddeb9361fafa335db88
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f6bb25768f5754f22440d9d66a609377a33e591156dfbb37036396696965c76
40192950a7f48e9139767e6126c892ee879f9e5ceedb270758186692586991bc
456d89844b520a4cfefac5b67300d803dbb558d6ef2fe8fbeecbfb9226835743
4574aea110cdaa1cf0c27bc5d0d9364a3c18e7a33a185c87d581c6b159703e01
45be5c616704303cdd6546fd1f2e5f71b18dfac615b535443f50e0cfe6c107df
4650bc273b69bd9e63d1ef0ea2c6b0d39be59ce91ef942898a224546fb6689f4
479b481f3194d52b3657389a63a11a2347803230283bb502fa0a944c18c61304
4c078314a86a672618d86d4f82ac05c5de9fd0c4761a411f762b4609a54d5f94
4f35c47fbfa1b7888cf0ea835b7645374e269a99e9f0eadc5b688d4da338471e
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f92219d54e009a45d88770fdbac4a291c05ff3555560558c33dd7f83875f8d6
4fdb97f4c7f832b7b6c32c1e08aa06f3f1a04a8237f8847648793f3ce277edbd
510777961141274a168ff535aec1454572b8f975a4c0a3cfa2618ce20f3182ff
511bbb89cd1a265e908f14eacfc3df40ea6946b1a396994e2283cf6c3191f323
526775e99130d1123d2816741643db599ce31f31a253be5a7068c88a2389d301
53f7070cc4c81c278c72f7a106fd71434e766cf49b26d6ee8b0e1003d7132b3d
5626adf4f1517456778a712d2100b11acc242acdde4068eb39585bea677f6a97
5804adeb96bd0edaa9e2333ce48570e80b814d60134a6644d0b925c06d2ac65f
5a26885fa790a28741d66db5d23dafe4bf6475cc38f92a5060bed877ab3bb981
5b94653f1c7dfbf7e217387d8551ded7227ec76cc0874097622f354cbf0c6c4b
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
5c9114624e01afd30ea9a846f14fece0aa81fc9dd2cd64f706852ddbc860f7f7
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6bd2af0dc8ea4fe6f76eccadb4583e52acb09d9a524113f7fe78a4a992dc165f
6e509e7ab494c7466e68d4f8662b32b4c965bd8e47c10785760b51932ec8f91a
70038b4e44057ef135c02813f11b9a67fd73e9e2f7ddd97c576169531f704821
71267f1da5682ea862db9681b08018bc06eae955c55379cee69a439fc46944bf
7b3a94c5e1197288010e63264b88b583f9fb571dff862a797d0d416653a47664
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
7fa266540ceea1416fe8218d9cbff2f76134ef6c9de4561354d5cab0cd048d4a
80faeaa4ef41addafb3040450f0ddbc9985524bfa441d57f5a26ed769d06dc7c
8557157acdb4702ef3f3b238d6337fbc17a05ed2a03ba7a4125c6467ac1bfbc7
85fb5079e16d13b344437f48d856c37aeddfb16f50a139f3520821a6eeed670f
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
88657838a7c1595fd358051dceb1619cd44afa923c22ee397420d677fb5cf196
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
8ce3fd8ec6d91c6c517e68f83d5c03d712028840cdc5d52f102a0cfea33b7e08
8ddc7dbeae325fa6792bf32c33f05aa87627770cf255e0c554962c4c6a35a2e2
8e1fdb077ce4750084871daea443f7db5e10891c0b6262c3bc31be6cd8de0e92
9024cae56ae14d502fda040db250f70c5b04ccaa7ade5910b86065859543959a
92d8a6ee13c7e1df306a1ccfb7809c9ef0bd9117926b7195a7f54147cdad3e29
962fdc4774ca0e95f0e3c3f9a413e44975f324371509f9d55dbe47a4cf420f27
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
9aff7ee8e719e5bd3bd5bd4df69d236787d750bbf9d9786b68fa1298b42065e2
9b5fd6a737b49673b495204053c9f8ed60706961de775be3e6a927589d77db64
9b81e8e5c2899f8b9fd2e888b8b8f37dd7dc32b59e34cffb0fc2db55d8df773b
a3b59ef65e3c0806047d8e2624ea51ef274b27b2911ecc633b7d7aa54bc1cf94
a485eee2132607b09b57131d88965f47cbd2ca80bf444703050b32e6d70d5fad
af9653b027bc5650df35c12c038f015962ccaf0ae7955d248880ec12c3907b84
b1714309247d278abe259a2d281077dc932a593332f9f8e2c08be3b73c4abc37
b43c2ad14d388fc323cc5b88b85da4bf1f58a2c183a1726d4a688c03a6d6b9e8
bb3ac9ed197fe549eb9ae042bfc6bbe1c3aeba639e0095ece8210b58f30711aa
bb3b0f946522971d37e0f063fc1335102c7db9936874782fcf2a5a3eca90059b
bbb552acbdafcef0921e9fb11a7430ed3807f8ce25bc00dce02b94689b9e45f0
c6cbf4fe9c877ec33073c3653f1cebc22cd07d1a7743e380339de54fb62bfc01
c7eea8daf840b0cddd393b01340c8550fc46b6c23777f4007bce8d78ce949f6f
c8bd573e74e632733b4573270b4dc31de30f7905d3a083f9a474d11a1ad99f12
c938dab51b7aea7ae85b4b9f842b96b26440d9ce03e5d267c20751d0c536414f
ca2992d354532013b78f5db40ac0f65a9f6fb83343b43a7cbb066cc52c9b24c1
ca4519debaef9ff5c2c7b275b324238949277ced2b03bd6fea48dca99cee3d3b
cf6fd24f30ba96f28734d50d452cb2e4a1c82e7dd0a5b819c4581ac19ff7eeb7
d36cb790c7849529cddd977ff22c106a28b14cbd45e7e57577d45ba85e1ee49f
d568385e79e3cc5c068f85d94ff786f2eee12432cd2110145ca58ba173bbb31a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d91af069f1a11274f4829efbfe690b98a467ed49263e2248d172b81c464f15bd
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ea3ac6e0560bfceb046512e110fc150b5759303648578053ee0f576bde2c44
e6186d6251812841bfbc097d3eda435496f95062251e3ee300950eea40bcb8d5
ea220a70992f0ddada0cba676a91dda29d29b5dbe4082c534d7cd01fb46e89bc
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f45b79f62808da54f211530659c30974e1dd6450a044ec4b84f71a0801e706bb
f563ab3983dee03afcb37022f065a4cdbb1256fa33a23b148d0d352379a7432b
f6e08420aa35080490e6176044662a4320eaee6c69208a7de261f0b1e9ee2bf4
f7a5a53379be40febc32a3991574b89d1f489a3f7ce0593c0203ae5b0b9bdba0
faa5031ec3068e5e35508201a5108ae4ab7ff3389a205fe528f5a0f0c403346b
fdfdf903bf9242110ba56e33c96effbf64423be7e45bd642834350121286c48c

hallo.post-dein-marketing.de Open in urlscan Pro 185.225.208.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

130 Requests

100 %HTTPS

87 %IPv6

15 Domains

20 Subdomains

23 IPs

3 Countries

8012 kBTransfer

19045 kBSize

0 Cookies

0 Outgoing links

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hallo.post-dein-marketing.de Open in urlscan Pro
185.225.208.56 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

100 %
HTTPS

87 %
IPv6

15
Domains

20
Subdomains

23
IPs

3
Countries

8012 kB
Transfer

19045 kB
Size

0
Cookies

130 HTTP transactions
2 data transactions