helden.de Open in urlscan Pro
2606:4700:10::6816:4c41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bossaa.pl/
Effective URL:
https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Submission: On February 07 via manual (February 7th 2022, 2:18:42 pm UTC) from PL — Scanned from DE

Summary HTTP 192 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 20 domains to perform 192 HTTP transactions. The main IP is 2606:4700:10::6816:4c41, located in United States and belongs to CLOUDFLARENET, US. The main domain is helden.de.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2021. Valid for: a year.

This is the only time helden.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.224.182.242 103.224.182.242	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 5	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.169.168 157.90.169.168	24940 (HETZNER-AS) (HETZNER-AS)
1 1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2606:4700:20:... 2606:4700:20::681a:a29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
87	2606:4700:10:... 2606:4700:10::6816:4c41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	34.102.224.29 34.102.224.29	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:e45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
64	143.204.215.12 143.204.215.12	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	108.156.255.177 108.156.255.177	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:45e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1 2	54.239.38.253 54.239.38.253	16509 (AMAZON-02) (AMAZON-02)
4	54.147.21.139 54.147.21.139	() ()
2	50.16.7.188 50.16.7.188	() ()
1	143.204.215.111 143.204.215.111	() ()
192	21

1 103.224.182.242 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-242.above.com

bossaa.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

1redirb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de

lookandfind.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a29 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

haftpflichthelden.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

87 2606:4700:10::6816:4c41 (United States)

ASN13335 (CLOUDFLARENET, US)

helden.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.224.29 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 29.224.102.34.bc.googleusercontent.com

images.provenexpert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:e45 (United States)

ASN13335 (CLOUDFLARENET, US)

w.likebtn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 143.204.215.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-12.fra53.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.255.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-255-177.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:45e2 (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.239.38.253 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.147.21.139 (None, )

ASN- ()

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.7.188 (None, )

ASN- ()

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.111 (None, )

ASN- ()

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
87	helden.de helden.de	2 MB
64	driftt.com js.driftt.com — Cisco Umbrella Rank: 5914	751 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	443 KB
6	drift.com metrics.api.drift.com bootstrap.api.drift.com	433 B
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293 fonts.googleapis.com — Cisco Umbrella Rank: 47	14 KB
5	1redirb.com 1 redirects 1redirb.com — Cisco Umbrella Rank: 552700	8 KB
4	google.com www.google.com — Cisco Umbrella Rank: 13	38 KB
3	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 281 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1565	9 KB
2	likebtn.com w.likebtn.com — Cisco Umbrella Rank: 101295	62 KB
2	lookandfind.me lookandfind.me	1 KB
1	driftcdn.com embeds.driftcdn.com	5 KB
1	t.co t.co — Cisco Umbrella Rank: 487	338 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 537	458 B
1	ipapi.co ipapi.co — Cisco Umbrella Rank: 16617	676 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 630	6 KB
1	provenexpert.com images.provenexpert.com — Cisco Umbrella Rank: 243479	14 KB
1	haftpflichthelden.de 1 redirects haftpflichthelden.de	554 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 14385	750 B
1	clever-redirect.com 1 redirects clever-redirect.com	437 B
1	bossaa.pl 1 redirects bossaa.pl	1 KB
192	20

	Domain	Requested by
87	helden.de	lookandfind.me helden.de
64	js.driftt.com	helden.de js.driftt.com
6	fonts.gstatic.com	fonts.googleapis.com
5	1redirb.com	1 redirects 1redirb.com
4	metrics.api.drift.com	js.driftt.com
4	www.google.com	helden.de www.gstatic.com
4	fonts.googleapis.com	helden.de
3	www.gstatic.com	www.google.com
2	bootstrap.api.drift.com	js.driftt.com
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	w.likebtn.com	helden.de w.likebtn.com
2	ajax.googleapis.com	helden.de
2	lookandfind.me	1redirb.com
1	embeds.driftcdn.com	js.driftt.com
1	t.co	helden.de
1	analytics.twitter.com	static.ads-twitter.com
1	ipapi.co	helden.de
1	c.amazon-adsystem.com	helden.de
1	static.ads-twitter.com	helden.de
1	images.provenexpert.com	helden.de
1	haftpflichthelden.de	1 redirects
1	www.awin1.com	1 redirects
1	clever-redirect.com	1 redirects
1	bossaa.pl	1 redirects
192	24

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
www.pinterest.de
my.helden.de
www.provenexpert.com
twitter.com
www.linkedin.com
www.xing.com
themeforest.net
acoda.com

Subject Issuer	Validity	Valid
lookandfind.me R3	`2022-01-02` - `2022-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
developer.provenexpert.com GTS CA 1D4	`2021-12-21` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-01-30` - `2022-12-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Frame ID: 3C49CA3C0CDE437F0013E3F27A5F5004
Requests: 117 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1644243518167&dcc=t
Frame ID: 850FC01F193F5625468BFBDF6B17FE2A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=lzh3ljr1kva8
Frame ID: 46082B6EA0DE2963B391F25CC01DDC0F
Requests: 5 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
Frame ID: 84809F6452EE8B112B39C4BC09AB6231
Requests: 34 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
Frame ID: ED5067484A894E7AB994055C2E11572C
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🥇Premiumschutz für deinen Lifestyle // helden.decockadecloud-miningmagnifierspaceshiptime-machineb-love

Page URL History Show full URLs

https://bossaa.pl/ HTTP 302
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQF0kvB5CjTYJ%2B7z1qwthh3czOFQd6FPofa... Page URL
http://1redirb.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D16368... HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1636892725&sid=20220208011834739244b22e837cef7b HTTP 302
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721... Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%... Page URL
https://www.awin1.com/awclick.php?mid=14361&id=926315&pref1=19859fdf63a4142d827bf611f001755c&pref2=DE HTTP 302
https://haftpflichthelden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d1... HTTP 301
https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d1... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

192
Requests

98 %
HTTPS

38 %
IPv6

20
Domains

24
Subdomains

21
IPs

4
Countries

3471 kB
Transfer

7655 kB
Size

19
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/helden.de/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/helden.de/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4A1U61t-ttoV0amitX3ERw
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/helden_de/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://my.helden.de/
Title: Login

Search URL Search Domain Scan URL

URL: https://my.helden.de/signup
Title: ABSCHLIESSEN

Search URL Search Domain Scan URL

URL: https://www.provenexpert.com/insurance-hero-gmbh/?utm_source=Widget&utm_medium=Widget&utm_campaign=Widget

Search URL Search Domain Scan URL

URL: https://twitter.com/heldende_

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/helden-de/

Search URL Search Domain Scan URL

URL: https://www.xing.com/pages/helden-de

Search URL Search Domain Scan URL

URL: http://themeforest.net/item/you-multipurpose-responsive-wordpress-theme/15175900?ref=-ACODA-
Title: You WordPress Theme

Search URL Search Domain Scan URL

URL: http://acoda.com/
Title: Acoda

Search URL Search Domain Scan URL

URL: https://www.provenexpert.com/insurance-hero-gmbh/
Title: Insurance Hero GmbH Versicherungen Anonym hat 4,84 von 5 Sternen 400 Bewertungen auf ProvenExpert.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bossaa.pl/ HTTP 302
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQF0kvB5CjTYJ%2B7z1qwthh3czOFQd6FPofaq%2BpCsF5rJETZ67cCslfSR9%2BKpyBZK%2Fw0wYJo3zl2%2BKeNqlMmYgHxrMrgU8QvZ9Mo4%2BaaW58HDQrTPA2CycYfdEVLxVSFJ2sxMEJp8CRQF6TueGfXm2HOXFuQYk5JNBcpmCVlfsW2U1B2d2w3H8qt9TXGHbT7TYJzMtRgnHHeLra6C%2FBAuWQhYv1E%2BG9%2FO21XuNC4DSLOmpScoqr76RNi4mspKAsi%2B%2FKB6%2FDhtsZOCme0dFFUDoBMezWsbJvaOjh3bXcMHG4GNlx7Epx2fKZAB56LDjQHbFnQCzVY0nRv3BLjdMooDDAZG58eEFY4uv870339lWfuOzbMpPAI2bruQN4M6PIdLV2zWUsSMstJPdISAFlRDI7rJ%2FG50YNsXfQ3KNL%2Bgtlvfk4dHPz7wt4v1SE%2F5MCx5rJKBFUYcVOaSTckYVnyqXCV8AdGPQ9KOoWg0eVdk%2Br9B4RJKwc8Gotxa9D7Llin5WRtTsmnY3r%2BAJkLtLKjklw4VQdh%2BABT51oOazodRnyCXbmqRg1e4FAwDsbTVVUacw77XyZXLwmLxLpZ1YwnQdWEvLf%2FF9dsmOs3Ezc2yuzBhVOWkVS3c4WnMMW12K5kRFz8Ouzehphzehz914DnVETiF%2BlEcd3TofpQIY8UydKSx3M%2FC0rq2Dq3%2BERVNi9Kx5d Page URL
http://1redirb.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1636892725%26sid%3D20220208011834739244b22e837cef7b&s=j&enc=d0dkZlFXeGttOXBERnRhRDlhSndmWDQ5Zmt4cVEySlBSbFZtSzBaTVJXdHlkMFpyV1U1UVUwdFZWMlJyS3pONFl6aEphMEZSU2k5clEwbG1TVFJWVUM5aFVVczNaakJTYjFKWlExUkxVSHBhVlRCME5rRjVZMm80WlRGbk9HTjBaa1ZSUmpKV1YwSnJXVVZRUW5vNWVFaDVaSHB6ZFZsaVRXUlBlV3AyTVZvemQzbEhaMmMxVFhKVldrNTNkV1IwVjFOcmR6VmFhRFI0V0ZkcE5GVkJaamsxY1dkamQwVTRNbFIxU0haQ1drUkJLMm9yVDBGdFYyZDFkRTV6ZVhaVk9WSlVWM0ZzYVdWbWIzUjVlbmxIYjJ4U2NFMW5RMEZJTmpaR2NFVXdVVkl2UjNFMVJrczVlazkyY0Zod2VESnVaMjlFV0ZvNGVIcGpValZNV0RCeFF6QkJaek5DYmpoak16RjROR0UzUWxaV2Ewd3lVR1JsWmtrMlUzRXlielZrV1ZsNU56ZzVVakprZW5Od2RIVkxja3NyVjBwRk9VWlZSR1ZYTmtkc1NEbEJaV2RoTm05RmJuVnlTbFF3Y0RKR1dVeExObTlxYkRaQ1duUlRjemt2TlV0ck1VMVlURTVQTkVKMmVYTkhPWGNyT1VGWlRUZGhObmM0WVRCTk1UaEpWbWRQY1d4U2JuVjJNRU5PTWk4MldFaFFlRU5uUTNvMFIyaEtOMDV1YUd0NU0wa3JkVWN5UW5GTFNWWjJlRGR6WmxKTWNsaHNOR0V4YWtOc1J6WjBVR3hGTHprdmJtMUlSVkJOV0VsNGEzUjNWRFo2VFM5bk1sbGFRV0V2TDNwbVVYcEZXWG8zU0N0dFowcFJkWEU0ZVZOWWEwNDBjRGxyVWxWMmQwOUNMMHN6T0VSeGJHOXhhM05IUVVnek5XcEtObXgzTWpORVVucHRjQ3RrTUdGMU1XczJabXRzY2pCUVZsaDJRV2xJYmpOVFVXUXJjaXMwWTNacVVHaHFTMlZVSzFscWNIVlpha2hOTjI5SFIycERhRzh5YTB4aWFuUnNZV2xtTjJsMVUyOXlRVlpUZFZrd05qUnlUVXh6WVZjNU9WSkRRMFpaZVRGR1pGTldkREJYZEhaMldWVm1hRVJSUzBOVFVIVkdVbW80T1ZaWlNFUkJSVTlXTW1oWWRFZEZWamwwVm5rMVMwcGpVV3htT0c1SGJ6WjFja0p1Vms5bFNYbDRTMFJGTjNaYWNWSlFUVEIzWldwcE16Rkxaa3BvZGtReFZHTXdNakpZY1RWSGIzaG9OMEp2T1V0NGEzaFllV2MwZDIxR1pWbEpNWFJEWWl0dllVaHVaVVJoVFRsU1JqTTRUVGhNTVRGSlpWRXdhMUZsUkZwUlZIUnJNV2hEUmxGd1ozaGFObFp0TDA5dVJtRlVNa3BrWkdoVlEyWnRLMUJvVEVOck1scEtRVkZRVjFodFlUWm5ZamxQYldJek5rdDNaa3A2WW5KdlQwUT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1636892725&sid=20220208011834739244b22e837cef7b HTTP 302
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721614&s2=&s3=1636892725&s5=wc Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%26pref1%3D19859fdf63a4142d827bf611f001755c%26pref2%3DDE&h=05aff42d0d36cdfbaf0e9c0096c6d521 Page URL
https://www.awin1.com/awclick.php?mid=14361&id=926315&pref1=19859fdf63a4142d827bf611f001755c&pref2=DE HTTP 302
https://haftpflichthelden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e HTTP 301
https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bossaa.pl/ HTTP 302
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQF0kvB5CjTYJ%2B7z1qwthh3czOFQd6FPofaq%2BpCsF5rJETZ67cCslfSR9%2BKpyBZK%2Fw0wYJo3zl2%2BKeNqlMmYgHxrMrgU8QvZ9Mo4%2BaaW58HDQrTPA2CycYfdEVLxVSFJ2sxMEJp8CRQF6TueGfXm2HOXFuQYk5JNBcpmCVlfsW2U1B2d2w3H8qt9TXGHbT7TYJzMtRgnHHeLra6C%2FBAuWQhYv1E%2BG9%2FO21XuNC4DSLOmpScoqr76RNi4mspKAsi%2B%2FKB6%2FDhtsZOCme0dFFUDoBMezWsbJvaOjh3bXcMHG4GNlx7Epx2fKZAB56LDjQHbFnQCzVY0nRv3BLjdMooDDAZG58eEFY4uv870339lWfuOzbMpPAI2bruQN4M6PIdLV2zWUsSMstJPdISAFlRDI7rJ%2FG50YNsXfQ3KNL%2Bgtlvfk4dHPz7wt4v1SE%2F5MCx5rJKBFUYcVOaSTckYVnyqXCV8AdGPQ9KOoWg0eVdk%2Br9B4RJKwc8Gotxa9D7Llin5WRtTsmnY3r%2BAJkLtLKjklw4VQdh%2BABT51oOazodRnyCXbmqRg1e4FAwDsbTVVUacw77XyZXLwmLxLpZ1YwnQdWEvLf%2FF9dsmOs3Ezc2yuzBhVOWkVS3c4WnMMW12K5kRFz8Ouzehphzehz914DnVETiF%2BlEcd3TofpQIY8UydKSx3M%2FC0rq2Dq3%2BERVNi9Kx5d

Request Chain 4

http://1redirb.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1636892725%26sid%3D20220208011834739244b22e837cef7b&s=j&enc=d0dkZlFXeGttOXBERnRhRDlhSndmWDQ5Zmt4cVEySlBSbFZtSzBaTVJXdHlkMFpyV1U1UVUwdFZWMlJyS3pONFl6aEphMEZSU2k5clEwbG1TVFJWVUM5aFVVczNaakJTYjFKWlExUkxVSHBhVlRCME5rRjVZMm80WlRGbk9HTjBaa1ZSUmpKV1YwSnJXVVZRUW5vNWVFaDVaSHB6ZFZsaVRXUlBlV3AyTVZvemQzbEhaMmMxVFhKVldrNTNkV1IwVjFOcmR6VmFhRFI0V0ZkcE5GVkJaamsxY1dkamQwVTRNbFIxU0haQ1drUkJLMm9yVDBGdFYyZDFkRTV6ZVhaVk9WSlVWM0ZzYVdWbWIzUjVlbmxIYjJ4U2NFMW5RMEZJTmpaR2NFVXdVVkl2UjNFMVJrczVlazkyY0Zod2VESnVaMjlFV0ZvNGVIcGpValZNV0RCeFF6QkJaek5DYmpoak16RjROR0UzUWxaV2Ewd3lVR1JsWmtrMlUzRXlielZrV1ZsNU56ZzVVakprZW5Od2RIVkxja3NyVjBwRk9VWlZSR1ZYTmtkc1NEbEJaV2RoTm05RmJuVnlTbFF3Y0RKR1dVeExObTlxYkRaQ1duUlRjemt2TlV0ck1VMVlURTVQTkVKMmVYTkhPWGNyT1VGWlRUZGhObmM0WVRCTk1UaEpWbWRQY1d4U2JuVjJNRU5PTWk4MldFaFFlRU5uUTNvMFIyaEtOMDV1YUd0NU0wa3JkVWN5UW5GTFNWWjJlRGR6WmxKTWNsaHNOR0V4YWtOc1J6WjBVR3hGTHprdmJtMUlSVkJOV0VsNGEzUjNWRFo2VFM5bk1sbGFRV0V2TDNwbVVYcEZXWG8zU0N0dFowcFJkWEU0ZVZOWWEwNDBjRGxyVWxWMmQwOUNMMHN6T0VSeGJHOXhhM05IUVVnek5XcEtObXgzTWpORVVucHRjQ3RrTUdGMU1XczJabXRzY2pCUVZsaDJRV2xJYmpOVFVXUXJjaXMwWTNacVVHaHFTMlZVSzFscWNIVlpha2hOTjI5SFIycERhRzh5YTB4aWFuUnNZV2xtTjJsMVUyOXlRVlpUZFZrd05qUnlUVXh6WVZjNU9WSkRRMFpaZVRGR1pGTldkREJYZEhaMldWVm1hRVJSUzBOVFVIVkdVbW80T1ZaWlNFUkJSVTlXTW1oWWRFZEZWamwwVm5rMVMwcGpVV3htT0c1SGJ6WjFja0p1Vms5bFNYbDRTMFJGTjNaYWNWSlFUVEIzWldwcE16Rkxaa3BvZGtReFZHTXdNakpZY1RWSGIzaG9OMEp2T1V0NGEzaFllV2MwZDIxR1pWbEpNWFJEWWl0dllVaHVaVVJoVFRsU1JqTTRUVGhNTVRGSlpWRXdhMUZsUkZwUlZIUnJNV2hEUmxGd1ozaGFObFp0TDA5dVJtRlVNa3BrWkdoVlEyWnRLMUJvVEVOck1scEtRVkZRVjFodFlUWm5ZamxQYldJek5rdDNaa3A2WW5KdlQwUT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1636892725&sid=20220208011834739244b22e837cef7b HTTP 302
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721614&s2=&s3=1636892725&s5=wc

Request Chain 116

https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1644243518167 HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1644243518167&dcc=t

192 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

r2.php Show response
1redirb.com/
Redirect Chain

https://bossaa.pl/
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQF0kvB5CjTYJ%2B7z1qwthh3czOFQd6FPofaq%2BpCsF5rJETZ67cCslfSR9%2BKpyBZK%2Fw0wYJo3zl2%2BKeNqlMmYgHxrMrgU8QvZ9Mo4%2BaaW58HDQrTPA2CycYfdEVLxVSF...

4 KB
3 KB

503ms
177ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQF0kvB5CjTYJ%2B7z1qwthh3czOFQd6FPofaq%2BpCsF5rJETZ67cCslfSR9%2BKpyBZK%2Fw0wYJo3zl2%2BKeNqlMmYgHxrMrgU8QvZ9Mo4%2BaaW58HDQrTPA2CycYfdEVLxVSFJ2sxMEJp8CRQF6TueGfXm2HOXFuQYk5JNBcpmCVlfsW2U1B2d2w3H8qt9TXGHbT7TYJzMtRgnHHeLra6C%2FBAuWQhYv1E%2BG9%2FO21XuNC4DSLOmpScoqr76RNi4mspKAsi%2B%2FKB6%2FDhtsZOCme0dFFUDoBMezWsbJvaOjh3bXcMHG4GNlx7Epx2fKZAB56LDjQHbFnQCzVY0nRv3BLjdMooDDAZG58eEFY4uv870339lWfuOzbMpPAI2bruQN4M6PIdLV2zWUsSMstJPdISAFlRDI7rJ%2FG50YNsXfQ3KNL%2Bgtlvfk4dHPz7wt4v1SE%2F5MCx5rJKBFUYcVOaSTckYVnyqXCV8AdGPQ9KOoWg0eVdk%2Br9B4RJKwc8Gotxa9D7Llin5WRtTsmnY3r%2BAJkLtLKjklw4VQdh%2BABT51oOazodRnyCXbmqRg1e4FAwDsbTVVUacw77XyZXLwmLxLpZ1YwnQdWEvLf%2FF9dsmOs3Ezc2yuzBhVOWkVS3c4WnMMW12K5kRFz8Ouzehphzehz914DnVETiF%2BlEcd3TofpQIY8UydKSx3M%2FC0rq2Dq3%2BERVNi9Kx5d
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: be969b8e7198021c946d37afc84171af645d00c7ae9b9460d183e617b6d89f6c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 07 Feb 2022 14:18:35 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2267
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 07 Feb 2022 14:18:34 GMT
Server: Apache/2.4.25 (Debian)
Location: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQF0kvB5CjTYJ%2B7z1qwthh3czOFQd6FPofaq%2BpCsF5rJETZ67cCslfSR9%2BKpyBZK%2Fw0wYJo3zl2%2BKeNqlMmYgHxrMrgU8QvZ9Mo4%2BaaW58HDQrTPA2CycYfdEVLxVSFJ2sxMEJp8CRQF6TueGfXm2HOXFuQYk5JNBcpmCVlfsW2U1B2d2w3H8qt9TXGHbT7TYJzMtRgnHHeLra6C%2FBAuWQhYv1E%2BG9%2FO21XuNC4DSLOmpScoqr76RNi4mspKAsi%2B%2FKB6%2FDhtsZOCme0dFFUDoBMezWsbJvaOjh3bXcMHG4GNlx7Epx2fKZAB56LDjQHbFnQCzVY0nRv3BLjdMooDDAZG58eEFY4uv870339lWfuOzbMpPAI2bruQN4M6PIdLV2zWUsSMstJPdISAFlRDI7rJ%2FG50YNsXfQ3KNL%2Bgtlvfk4dHPz7wt4v1SE%2F5MCx5rJKBFUYcVOaSTckYVnyqXCV8AdGPQ9KOoWg0eVdk%2Br9B4RJKwc8Gotxa9D7Llin5WRtTsmnY3r%2BAJkLtLKjklw4VQdh%2BABT51oOazodRnyCXbmqRg1e4FAwDsbTVVUacw77XyZXLwmLxLpZ1YwnQdWEvLf%2FF9dsmOs3Ezc2yuzBhVOWkVS3c4WnMMW12K5kRFz8Ouzehphzehz914DnVETiF%2BlEcd3TofpQIY8UydKSx3M%2FC0rq2Dq3%2BERVNi9Kx5d
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jscheck.js Show response
1redirb.com/javascript/ 899 B
718 B 177ms
176ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirb.com/javascript/jscheck.js
Requested by: Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQF0kvB5CjTYJ%2B7z1qwthh3czOFQd6FPofaq%2BpCsF5rJETZ67cCslfSR9%2BKpyBZK%2Fw0wYJo3zl2%2BKeNqlMmYgHxrMrgU8QvZ9Mo4%2BaaW58HDQrTPA2CycYfdEVLxVSFJ2sxMEJp8CRQF6TueGfXm2HOXFuQYk5JNBcpmCVlfsW2U1B2d2w3H8qt9TXGHbT7TYJzMtRgnHHeLra6C%2FBAuWQhYv1E%2BG9%2FO21XuNC4DSLOmpScoqr76RNi4mspKAsi%2B%2FKB6%2FDhtsZOCme0dFFUDoBMezWsbJvaOjh3bXcMHG4GNlx7Epx2fKZAB56LDjQHbFnQCzVY0nRv3BLjdMooDDAZG58eEFY4uv870339lWfuOzbMpPAI2bruQN4M6PIdLV2zWUsSMstJPdISAFlRDI7rJ%2FG50YNsXfQ3KNL%2Bgtlvfk4dHPz7wt4v1SE%2F5MCx5rJKBFUYcVOaSTckYVnyqXCV8AdGPQ9KOoWg0eVdk%2Br9B4RJKwc8Gotxa9D7Llin5WRtTsmnY3r%2BAJkLtLKjklw4VQdh%2BABT51oOazodRnyCXbmqRg1e4FAwDsbTVVUacw77XyZXLwmLxLpZ1YwnQdWEvLf%2FF9dsmOs3Ezc2yuzBhVOWkVS3c4WnMMW12K5kRFz8Ouzehphzehz914DnVETiF%2BlEcd3TofpQIY8UydKSx3M%2FC0rq2Dq3%2BERVNi9Kx5d
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQF0kvB5CjTYJ%2B7z1qwthh3czOFQd6FPofaq%2BpCsF5rJETZ67cCslfSR9%2BKpyBZK%2Fw0wYJo3zl2%2BKeNqlMmYgHxrMrgU8QvZ9Mo4%2BaaW58HDQrTPA2CycYfdEVLxVSFJ2sxMEJp8CRQF6TueGfXm2HOXFuQYk5JNBcpmCVlfsW2U1B2d2w3H8qt9TXGHbT7TYJzMtRgnHHeLra6C%2FBAuWQhYv1E%2BG9%2FO21XuNC4DSLOmpScoqr76RNi4mspKAsi%2B%2FKB6%2FDhtsZOCme0dFFUDoBMezWsbJvaOjh3bXcMHG4GNlx7Epx2fKZAB56LDjQHbFnQCzVY0nRv3BLjdMooDDAZG58eEFY4uv870339lWfuOzbMpPAI2bruQN4M6PIdLV2zWUsSMstJPdISAFlRDI7rJ%2FG50YNsXfQ3KNL%2Bgtlvfk4dHPz7wt4v1SE%2F5MCx5rJKBFUYcVOaSTckYVnyqXCV8AdGPQ9KOoWg0eVdk%2Br9B4RJKwc8Gotxa9D7Llin5WRtTsmnY3r%2BAJkLtLKjklw4VQdh%2BABT51oOazodRnyCXbmqRg1e4FAwDsbTVVUacw77XyZXLwmLxLpZ1YwnQdWEvLf%2FF9dsmOs3Ezc2yuzBhVOWkVS3c4WnMMW12K5kRFz8Ouzehphzehz914DnVETiF%2BlEcd3TofpQIY8UydKSx3M%2FC0rq2Dq3%2BERVNi9Kx5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 14:18:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Jan 2022 13:27:28 GMT
Server: Apache/2.4.25 (Debian)
ETag: "383-5d58ac3a31000-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 405

GET
H/1.1 200
OK swfobject.js Show response
1redirb.com/javascript/ 10 KB
4 KB 354ms
178ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirb.com/javascript/swfobject.js
Requested by: Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQF0kvB5CjTYJ%2B7z1qwthh3czOFQd6FPofaq%2BpCsF5rJETZ67cCslfSR9%2BKpyBZK%2Fw0wYJo3zl2%2BKeNqlMmYgHxrMrgU8QvZ9Mo4%2BaaW58HDQrTPA2CycYfdEVLxVSFJ2sxMEJp8CRQF6TueGfXm2HOXFuQYk5JNBcpmCVlfsW2U1B2d2w3H8qt9TXGHbT7TYJzMtRgnHHeLra6C%2FBAuWQhYv1E%2BG9%2FO21XuNC4DSLOmpScoqr76RNi4mspKAsi%2B%2FKB6%2FDhtsZOCme0dFFUDoBMezWsbJvaOjh3bXcMHG4GNlx7Epx2fKZAB56LDjQHbFnQCzVY0nRv3BLjdMooDDAZG58eEFY4uv870339lWfuOzbMpPAI2bruQN4M6PIdLV2zWUsSMstJPdISAFlRDI7rJ%2FG50YNsXfQ3KNL%2Bgtlvfk4dHPz7wt4v1SE%2F5MCx5rJKBFUYcVOaSTckYVnyqXCV8AdGPQ9KOoWg0eVdk%2Br9B4RJKwc8Gotxa9D7Llin5WRtTsmnY3r%2BAJkLtLKjklw4VQdh%2BABT51oOazodRnyCXbmqRg1e4FAwDsbTVVUacw77XyZXLwmLxLpZ1YwnQdWEvLf%2FF9dsmOs3Ezc2yuzBhVOWkVS3c4WnMMW12K5kRFz8Ouzehphzehz914DnVETiF%2BlEcd3TofpQIY8UydKSx3M%2FC0rq2Dq3%2BERVNi9Kx5d
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQF0kvB5CjTYJ%2B7z1qwthh3czOFQd6FPofaq%2BpCsF5rJETZ67cCslfSR9%2BKpyBZK%2Fw0wYJo3zl2%2BKeNqlMmYgHxrMrgU8QvZ9Mo4%2BaaW58HDQrTPA2CycYfdEVLxVSFJ2sxMEJp8CRQF6TueGfXm2HOXFuQYk5JNBcpmCVlfsW2U1B2d2w3H8qt9TXGHbT7TYJzMtRgnHHeLra6C%2FBAuWQhYv1E%2BG9%2FO21XuNC4DSLOmpScoqr76RNi4mspKAsi%2B%2FKB6%2FDhtsZOCme0dFFUDoBMezWsbJvaOjh3bXcMHG4GNlx7Epx2fKZAB56LDjQHbFnQCzVY0nRv3BLjdMooDDAZG58eEFY4uv870339lWfuOzbMpPAI2bruQN4M6PIdLV2zWUsSMstJPdISAFlRDI7rJ%2FG50YNsXfQ3KNL%2Bgtlvfk4dHPz7wt4v1SE%2F5MCx5rJKBFUYcVOaSTckYVnyqXCV8AdGPQ9KOoWg0eVdk%2Br9B4RJKwc8Gotxa9D7Llin5WRtTsmnY3r%2BAJkLtLKjklw4VQdh%2BABT51oOazodRnyCXbmqRg1e4FAwDsbTVVUacw77XyZXLwmLxLpZ1YwnQdWEvLf%2FF9dsmOs3Ezc2yuzBhVOWkVS3c4WnMMW12K5kRFz8Ouzehphzehz914DnVETiF%2BlEcd3TofpQIY8UydKSx3M%2FC0rq2Dq3%2BERVNi9Kx5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 14:18:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Jan 2022 13:27:28 GMT
Server: Apache/2.4.25 (Debian)
ETag: "27ef-5d58ac3a31000-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3949

GET
H/1.1 200
OK jscheck.php
1redirb.com/ 0
166 B 375ms
203ms XHR
text/html 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirb.com/jscheck.php?enc=d0dkZlFXeGttOXBERnRhRDlhSndmWDQ5Zmt4cVEySlBSbFZtSzBaTVJXdHlkMFpyV1U1UVUwdFZWMlJyS3pONFl6aEphMEZSU2k5clEwbG1TVFJWVUM5aFVVczNaakJTYjFKWlExUkxVSHBhVlRCME5rRjVZMm80WlRGbk9HTjBaa1ZSUmpKV1YwSnJXVVZRUW5vNWVFaDVaSHB6ZFZsaVRXUlBlV3AyTVZvemQzbEhaMmMxVFhKVldrNTNkV1IwVjFOcmR6VmFhRFI0V0ZkcE5GVkJaamsxY1dkamQwVTRNbFIxU0haQ1drUkJLMm9yVDBGdFYyZDFkRTV6ZVhaVk9WSlVWM0ZzYVdWbWIzUjVlbmxIYjJ4U2NFMW5RMEZJTmpaR2NFVXdVVkl2UjNFMVJrczVlazkyY0Zod2VESnVaMjlFV0ZvNGVIcGpValZNV0RCeFF6QkJaek5DYmpoak16RjROR0UzUWxaV2Ewd3lVR1JsWmtrMlUzRXlielZrV1ZsNU56ZzVVakprZW5Od2RIVkxja3NyVjBwRk9VWlZSR1ZYTmtkc1NEbEJaV2RoTm05RmJuVnlTbFF3Y0RKR1dVeExObTlxYkRaQ1duUlRjemt2TlV0ck1VMVlURTVQTkVKMmVYTkhPWGNyT1VGWlRUZGhObmM0WVRCTk1UaEpWbWRQY1d4U2JuVjJNRU5PTWk4MldFaFFlRU5uUTNvMFIyaEtOMDV1YUd0NU0wa3JkVWN5UW5GTFNWWjJlRGR6WmxKTWNsaHNOR0V4YWtOc1J6WjBVR3hGTHprdmJtMUlSVkJOV0VsNGEzUjNWRFo2VFM5bk1sbGFRV0V2TDNwbVVYcEZXWG8zU0N0dFowcFJkWEU0ZVZOWWEwNDBjRGxyVWxWMmQwOUNMMHN6T0VSeGJHOXhhM05IUVVnek5XcEtObXgzTWpORVVucHRjQ3RrTUdGMU1XczJabXRzY2pCUVZsaDJRV2xJYmpOVFVXUXJjaXMwWTNacVVHaHFTMlZVSzFscWNIVlpha2hOTjI5SFIycERhRzh5YTB4aWFuUnNZV2xtTjJsMVUyOXlRVlpUZFZrd05qUnlUVXh6WVZjNU9WSkRRMFpaZVRGR1pGTldkREJYZEhaMldWVm1hRVJSUzBOVFVIVkdVbW80T1ZaWlNFUkJSVTlXTW1oWWRFZEZWamwwVm5rMVMwcGpVV3htT0c1SGJ6WjFja0p1Vms5bFNYbDRTMFJGTjNaYWNWSlFUVEIzWldwcE16Rkxaa3BvZGtReFZHTXdNakpZY1RWSGIzaG9OMEp2T1V0NGEzaFllV2MwZDIxR1pWbEpNWFJEWWl0dllVaHVaVVJoVFRsU1JqTTRUVGhNTVRGSlpWRXdhMUZsUkZwUlZIUnJNV2hEUmxGd1ozaGFObFp0TDA5dVJtRlVNa3BrWkdoVlEyWnRLMUJvVEVOck1scEtRVkZRVjFodFlUWm5ZamxQYldJek5rdDNaa3A2WW5KdlQwUT0%3D&rand=0.8375914360021361
Requested by: Host: 1redirb.com
URL: http://1redirb.com/javascript/jscheck.js
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDWJ2usmejiQF0kvB5CjTYJ%2B7z1qwthh3czOFQd6FPofaq%2BpCsF5rJETZ67cCslfSR9%2BKpyBZK%2Fw0wYJo3zl2%2BKeNqlMmYgHxrMrgU8QvZ9Mo4%2BaaW58HDQrTPA2CycYfdEVLxVSFJ2sxMEJp8CRQF6TueGfXm2HOXFuQYk5JNBcpmCVlfsW2U1B2d2w3H8qt9TXGHbT7TYJzMtRgnHHeLra6C%2FBAuWQhYv1E%2BG9%2FO21XuNC4DSLOmpScoqr76RNi4mspKAsi%2B%2FKB6%2FDhtsZOCme0dFFUDoBMezWsbJvaOjh3bXcMHG4GNlx7Epx2fKZAB56LDjQHbFnQCzVY0nRv3BLjdMooDDAZG58eEFY4uv870339lWfuOzbMpPAI2bruQN4M6PIdLV2zWUsSMstJPdISAFlRDI7rJ%2FG50YNsXfQ3KNL%2Bgtlvfk4dHPz7wt4v1SE%2F5MCx5rJKBFUYcVOaSTckYVnyqXCV8AdGPQ9KOoWg0eVdk%2Br9B4RJKwc8Gotxa9D7Llin5WRtTsmnY3r%2BAJkLtLKjklw4VQdh%2BABT51oOazodRnyCXbmqRg1e4FAwDsbTVVUacw77XyZXLwmLxLpZ1YwnQdWEvLf%2FF9dsmOs3Ezc2yuzBhVOWkVS3c4WnMMW12K5kRFz8Ouzehphzehz914DnVETiF%2BlEcd3TofpQIY8UydKSx3M%2FC0rq2Dq3%2BERVNi9Kx5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 14:18:36 GMT
Server: Apache/2.4.25 (Debian)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

a Show response
lookandfind.me/s/
Redirect Chain

http://1redirb.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1636892725%26sid%3D20220208011834739244b22e837cef7b&s=j&enc=d0dkZlFXeGttOXBERnRhRDlhSndmWDQ5Zmt4cVEySlBSbFZ...
https://clever-redirect.com/s/r6?s=721614&s3=1636892725&sid=20220208011834739244b22e837cef7b
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721614&s2=&s3=1636892725&s5=wc

376 B
741 B

70ms
31ms

Document
text/html

157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721614&s2=&s3=1636892725&s5=wc
Requested by: Host: 1redirb.com
URL: http://1redirb.com/javascript/jscheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash: fe6f3d116f908c426622882b79c5985dd45c155068badbdd807d2be64825c801

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.4.24
content-length: 376
content-type: text/html; charset=UTF-8
date: Mon, 07 Feb 2022 14:18:36 GMT
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

Redirect headers

referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
location: https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721614&s2=&s3=1636892725&s5=wc
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 07 Feb 2022 14:18:36 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27

GET
H2 200 r
lookandfind.me/s/ 306 B
359 B 23ms
23ms Document
text/html 157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%26pref1%3D19859fdf63a4142d827bf611f001755c%26pref2%3DDE&h=05aff42d0d36cdfbaf0e9c0096c6d521
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721614&s2=&s3=1636892725&s5=wc

Response headers

referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.4.24
content-length: 306
content-type: text/html; charset=UTF-8
date: Mon, 07 Feb 2022 14:18:37 GMT
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

GET
H2

200

Primary Request / Show response
helden.de/
Redirect Chain

https://www.awin1.com/awclick.php?mid=14361&id=926315&pref1=19859fdf63a4142d827bf611f001755c&pref2=DE
https://haftpflichthelden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e

275 KB
48 KB

804ms
667ms

Document
text/html

2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Requested by: Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%26pref1%3D19859fdf63a4142d827bf611f001755c%26pref2%3DDE&h=05aff42d0d36cdfbaf0e9c0096c6d521
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01c173a80ff2905f93cd94dc5bf6cd210e5d2306e0354a88423ba60372d14035

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%26pref1%3D19859fdf63a4142d827bf611f001755c%26pref2%3DDE&h=05aff42d0d36cdfbaf0e9c0096c6d521

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://helden.de/wp-json/>; rel="https://api.w.org/" <https://helden.de/>; rel=shortlink
cache-control: max-age=0
expires: Mon, 07 Feb 2022 14:18:37 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d9d3f9faf6f9104-FRA
content-encoding: gzip

Redirect headers

date: Mon, 07 Feb 2022 14:18:37 GMT
content-type: text/html; charset=iso-8859-1
location: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRtUCwrqCwyXg6v63m%2FiMAcMTWiUNFKpqmWimJ1bi8c4HGzCOtKF%2FV7GEycqETtzXoAbMdjtOWJoPqy%2FIvJBZrfzAIbeL19htU569sJYGD4u1JJGlB%2BWK9Xd5LfZK8YnApXU%2BOui5z4WOwO5wVUcNSi1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d9d3f9e78e28fd6-FRA

GET
H2 200 helden-custom.css
helden.de/wp-content/themes/you/css/ 1 KB
641 B 39ms
37ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/you/css/helden-custom.css
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96885eb92fe4f03a59536aacb336a3a999876f8d311dca71e8e953726a61e644

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 09:04:16 GMT
server: cloudflare
age: 1056962
cf-polished: origSize=2130
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 26 Jan 2023 08:42:36 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa3e9049104-FRA
cf-bgj: minify

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/ 31 KB
6 KB 61ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/jquery-ui.css

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70d5e7aca1f4340b317eb66c3f7a0201cd4c417bea613a46f7989950f0a1fba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 22:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5770
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Feb 2023 22:56:54 GMT

GET
H2 200 wp-notification-bars-public.css
helden.de/wp-content/plugins/wp-notification-bars/public/css/ 4 KB
1 KB 33ms
29ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/wp-notification-bars/public/css/wp-notification-bars-public.css?ver=1.0.5
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab6e4f17cb28892a00ee982b483ac79222bd8b945c226694e554af917e569df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 03 Apr 2020 09:48:36 GMT
server: cloudflare
age: 1056963
cf-polished: origSize=4192
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 26 Jan 2023 08:42:35 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa3e90a9104-FRA
cf-bgj: minify

GET
H2 200 acoda_counters.min.css
helden.de/wp-content/plugins/acoda-counters/assets/ 797 B
341 B 54ms
51ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/acoda-counters/assets/acoda_counters.min.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a145e8cb30994054a87ba4ac07f8a49f55e2fbfcd3b689ef889eae0a2250bc37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1056963
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa3e90d9104-FRA
content-length: 278
expires: Thu, 26 Jan 2023 08:42:35 GMT

GET
H2 200 acoda_gigatools.min.css
helden.de/wp-content/plugins/acoda-gigatools/assets/ 695 B
327 B 43ms
40ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/acoda-gigatools/assets/acoda_gigatools.min.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20c746611e73d61b96d867c123847699572e0d13bf3a6823bcc2d956e9d4c0d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa3e9109104-FRA
content-length: 264
expires: Thu, 26 Jan 2023 08:42:35 GMT

GET
H2 200 style.css
helden.de/wp-content/plugins/likebtn-like-button/public/css/ 2 KB
801 B 54ms
50ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/likebtn-like-button/public/css/style.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad4b93f0116490bf6d6b3cb8b6adaa354588c845b1f0994ce80456e5afb7d8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Sep 2021 06:40:34 GMT
server: cloudflare
age: 1056963
cf-polished: origSize=2476
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 26 Jan 2023 08:42:35 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa3e9119104-FRA
cf-bgj: minify

GET
H2 200 cookie-law-info-public.css
helden.de/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 3 KB
1 KB 58ms
55ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-public.css?ver=2.3.0
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dc6b9f591f8a9a592258150d30296b9a224ee2d938cecc5e8ba347535e360dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 Aug 2020 12:16:56 GMT
server: cloudflare
age: 1056962
cf-polished: origSize=3959
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 26 Jan 2023 08:42:36 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa3e9159104-FRA
cf-bgj: minify

GET
H2 200 cookie-law-info-gdpr.css
helden.de/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 17 KB
3 KB 47ms
44ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-gdpr.css?ver=2.3.0
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0fa40176cf7621f894c7645f6162825006cee47b52776058cc2fa7f3b7bcae2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 Aug 2020 12:16:56 GMT
server: cloudflare
age: 1056962
cf-polished: origSize=21346
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 26 Jan 2023 08:42:36 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa3e9169104-FRA
cf-bgj: minify

GET
H2 200 font-awesome.min.css
helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/ 30 KB
7 KB 45ms
42ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b719e8b64d94bf16d44b5a331b9028f738286b49d00844a122a1f854ca9c1c2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa3e9199104-FRA
content-length: 7036
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 dynamic-mobmenu.css
helden.de/wp-content/uploads/ 8 KB
2 KB 37ms
34ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/uploads/dynamic-mobmenu.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b4780df9b383519f51c2b0d374f45c26bf05e1cbc1518b2a2b309e5ea9ae86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 14:13:59 GMT
server: cloudflare
age: 1056963
cf-polished: status=cannot_optimize
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 26 Jan 2023 08:42:35 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa3e91b9104-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 1 KB
502 B 79ms
34ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis%3Ainherit%2C400&subset=latin%2Clatin-ext&ver=5.2.14

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7be9e5f63b77a88b00d5be374fb63b5b560c1aa06cc9b0421f967095b50222d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:25:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Feb 2022 14:18:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Feb 2022 14:18:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
897 B 77ms
33ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A900%2C400&subset=latin%2Clatin-ext&ver=5.2.14

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7edee88862109a0b709cb1801cccd10f6460971dbb1afc945abb81c17bfca85e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 14:18:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Feb 2022 14:18:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Feb 2022 14:18:38 GMT

GET
H2 200 js_composer.min.css
helden.de/wp-content/plugins/js_composer/assets/css/ 451 KB
44 KB 38ms
36ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46bb0aafc668b4a997c8f2bf2b9612722575d5123d728ee15924ae9b2b9e1b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa3e91d9104-FRA
content-length: 44917
expires: Thu, 26 Jan 2023 08:42:35 GMT

GET
H2 200 mobmenu-icons.css
helden.de/wp-content/plugins/mobile-menu/includes/css/ 2 KB
757 B 52ms
50ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aa8093f92b4ebb8c5a083db689a2231ed086d33c640a69d136c7d8abf22e3c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 May 2019 15:42:48 GMT
server: cloudflare
age: 1056963
cf-polished: origSize=3886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 26 Jan 2023 08:42:35 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa3f93d9104-FRA
cf-bgj: minify

GET
H2 200 style.css
helden.de/wp-content/themes/helden/ 376 KB
60 KB 68ms
67ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/helden/style.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6928cc4d50cb193b1c5d09343ecae72c20af5da0483e28b7c48a4c77e0f6d3c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Dec 2021 14:51:16 GMT
server: cloudflare
age: 1056962
cf-polished: origSize=448108
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Thu, 26 Jan 2023 08:42:36 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa3f9429104-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
helden.de/wp-includes/js/jquery/ 95 KB
33 KB 80ms
79ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 May 2019 22:08:51 GMT
server: cloudflare
age: 885470
cf-polished: origSize=96873
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sat, 28 Jan 2023 08:20:48 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa3f9449104-FRA
cf-bgj: minify

GET
H2 200 jquery-migrate.min.js Show response
helden.de/wp-includes/js/jquery/ 10 KB
4 KB 49ms
48ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa3f9479104-FRA
content-length: 4014
expires: Thu, 26 Jan 2023 08:42:35 GMT

GET
H2 200 main.js Show response
helden.de/wp-content/themes/helden/ 122 KB
35 KB 60ms
59ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/helden/main.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d26ead62c04b7c1d9b9fe15ea7310d2c3ef4400a5c0a390e6c3a8ff4c5f381ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 09 Aug 2021 14:46:59 GMT
server: cloudflare
age: 1056962
cf-polished: origSize=179649
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:42:36 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa3f9489104-FRA
cf-bgj: minify

GET
H2 200 countid.min.js Show response
helden.de/wp-content/plugins/acoda-counters/assets/ 5 KB
2 KB 58ms
57ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/acoda-counters/assets/countid.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf8c217e6b5fed93e68518ddd25e1bedfbb683b1f9aa18f84b099677d0f79355

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa3f9499104-FRA
content-length: 1975
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 acoda_counters.min.js Show response
helden.de/wp-content/plugins/acoda-counters/assets/ 1 KB
586 B 44ms
43ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/acoda-counters/assets/acoda_counters.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 798622f5f53245245cdf0f44468acdce4e537cd44c86e1f58b170ad253783ad5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa3f94b9104-FRA
content-length: 523
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 frontend.js Show response
helden.de/wp-content/plugins/likebtn-like-button/public/js/ 5 KB
2 KB 56ms
55ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/likebtn-like-button/public/js/frontend.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d0297d001e90af1cb9081ee9a40edebaa5584387e10732ffbd217281ba9b03f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Sep 2021 06:40:34 GMT
server: cloudflare
age: 1056963
cf-polished: origSize=7114
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:42:35 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa3f94d9104-FRA
cf-bgj: minify

GET
H2 200 cookie-law-info-public.js Show response
helden.de/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/ 35 KB
9 KB 52ms
51ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/cookie-law-info-public.js?ver=2.3.0
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 499f5d894e680015c299c3707e38a9b65074b888ed8e8380854a782a71c4ebd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 Aug 2020 12:16:56 GMT
server: cloudflare
age: 1056962
cf-polished: origSize=46549
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:42:36 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa3f94f9104-FRA
cf-bgj: minify

GET
H2 200 wpgmza_data.js Show response
helden.de/wp-content/plugins/wp-google-maps/ 0
66 B 44ms
43ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/wp-google-maps/wpgmza_data.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
last-modified: Mon, 03 Jun 2019 13:26:08 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:42:35 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa3f9519104-FRA
content-length: 0
cf-bgj: minify

GET
H2 200 wp-notification-bars-public.js Show response
helden.de/wp-content/plugins/wp-notification-bars/public/js/ 689 B
381 B 43ms
42ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/wp-notification-bars/public/js/wp-notification-bars-public.js?ver=1.0.5
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d7e52c552160d0265f12c7d6c523a3c646b6f831a8d677adb7a2c1d481f32a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 03 Apr 2020 09:48:36 GMT
server: cloudflare
age: 1056962
cf-polished: origSize=1041
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:42:36 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa3f9529104-FRA
cf-bgj: minify

GET
H2 200 mobmenu.js Show response
helden.de/wp-content/plugins/mobile-menu/includes/js/ 6 KB
1 KB 52ms
51ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/mobile-menu/includes/js/mobmenu.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 050afadcae8e995d4d71c6c7d05bdb3ef24691fc81526eb0357de319184c747b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 May 2019 15:42:48 GMT
server: cloudflare
age: 1056962
cf-polished: origSize=8712
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:42:36 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa3f9549104-FRA
cf-bgj: minify

GET
H2 200 waypoints.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/waypoints/ 8 KB
3 KB 66ms
65ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d73392f1f569c51f57b7f9a30278358484f1795584aa2cd540e5b8ea650593e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1056963
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa3f9569104-FRA
content-length: 2615
expires: Thu, 26 Jan 2023 08:42:35 GMT

GET
H2 200 waypoints-sticky.min.js Show response
helden.de/wp-content/themes/you/js/ 3 KB
1 KB 52ms
52ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/you/js/waypoints-sticky.min.js?ver=1
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db9ff4cde12468ee4def39092beef68a94523797d588f245067a96d943a01165

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa3f95e9104-FRA
content-length: 1282
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 helden_de_custom.js Show response
helden.de/wp-content/themes/you/js/ 6 KB
2 KB 52ms
51ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/you/js/helden_de_custom.js
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bccc337c264422750cff6f2b3c70a350a2a40e80766f11e3a16ecabc89ae4b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Mar 2021 13:18:15 GMT
server: cloudflare
age: 1056962
cf-polished: origSize=7385
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:42:36 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa3f9619104-FRA
cf-bgj: minify

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
665 B 72ms
33ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1b077ad91dc6d449f971f581046afff929ab4f742fdfdb7c3017418425c9a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:26:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Feb 2022 14:18:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Feb 2022 14:18:38 GMT

GET
H2 200 helden.de_Logo.svg
helden.de/wp-content/uploads/2021/02/ 5 KB
2 KB 69ms
59ms Image
image/svg+xml 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2021/02/helden.de_Logo.svg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26d127f27e68eb24704f93210ac87b36c92c2a9ef01d6a47dc0048dac9cfa23f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Feb 2021 09:49:41 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d9d3fa4bb7e9104-FRA
content-length: 1845
expires: Fri, 25 Feb 2022 08:42:36 GMT

GET
H2 200 Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.de.svg
helden.de/wp-content/assets/profly_dji/ 33 KB
8 KB 63ms
52ms Image
image/svg+xml 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/profly_dji/Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.de.svg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d03b85482d005248f184137ab739c6222882e5d76d0765757cd6313a2b90146a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6d9d3fa4cb8b9104-FRA
date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Sep 2020 05:21:52 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: de
cache-control: max-age=2592000
accept-ranges: bytes
content-type: image/svg+xml
content-length: 8356
expires: Fri, 25 Feb 2022 08:42:36 GMT

GET
H2 200 Kundenvertrauen_helden_de.svg
helden.de/wp-content/uploads/2021/07/ 32 KB
8 KB 63ms
53ms Image
image/svg+xml 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2021/07/Kundenvertrauen_helden_de.svg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b13c9daefcbfa434816cbf0a272da7a7887486cedbe40218e4234977e526854c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 08:21:20 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d9d3fa4cb939104-FRA
content-length: 8129
expires: Fri, 25 Feb 2022 08:42:36 GMT

GET
H2 200 widget_square_165_1.png
images.provenexpert.com/45/14/0b86840a13b7f9399eece676ff57/ 14 KB
14 KB 100ms
21ms Image
image/png 34.102.224.29
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.provenexpert.com/45/14/0b86840a13b7f9399eece676ff57/widget_square_165_1.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.224.29 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.224.102.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 48a2156abaed07fa73ed289ca1e45a818cdf7ca5d8aa6e6d31b64b2bf3850753

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
via: 1.1 google
last-modified: Mon, 07 Feb 2022 13:41:31 GMT
server: nginx
age: 0
etag: "6201218b-37bf"
content-type: image/png
cache-control: max-age=86400,no-cache
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14271
expires: Tue, 08 Feb 2022 14:18:38 GMT

GET
H2 200 Helden_Web_Mobile-Mockup_06.jpg
helden.de/wp-content/uploads/2019/10/ 27 KB
27 KB 74ms
64ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_06.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01f2c507dce67cd34f1fb75780c52221946800029092456ed02470059af2c05f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 1056675
cf-polished: qual=85, origFmt=jpeg, origSize=52798
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_06.webp"
content-length: 27534
last-modified: Mon, 14 Oct 2019 10:34:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:47:23 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cb969104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_05.jpg
helden.de/wp-content/uploads/2019/10/ 19 KB
19 KB 87ms
78ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_05.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5232ff2bcc1c6fb542e55ebb4d41413554cfe0681613a01799e2477bb9cac389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 323574
cf-polished: qual=85, origFmt=jpeg, origSize=42408
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_05.webp"
content-length: 19320
last-modified: Mon, 14 Oct 2019 10:34:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 03 Jun 2022 20:25:44 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cb979104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_04.jpg
helden.de/wp-content/uploads/2019/10/ 25 KB
25 KB 76ms
66ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_04.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e528c1449a6cfc70975bfd57546d23b752a883a8ee9fcc3904d3af6548468ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 327875
cf-polished: qual=85, origFmt=jpeg, origSize=50929
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_04.webp"
content-length: 25904
last-modified: Mon, 14 Oct 2019 10:34:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 03 Jun 2022 19:14:03 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cb999104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_03.jpg
helden.de/wp-content/uploads/2019/10/ 27 KB
27 KB 73ms
64ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_03.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd2fcd0919b8552fa24ea240e875bd8d0d2e04f9949d12dc18a605e7b063303

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 328352
cf-polished: qual=85, origFmt=jpeg, origSize=55274
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_03.webp"
content-length: 27706
last-modified: Mon, 14 Oct 2019 10:34:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 03 Jun 2022 19:06:06 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cb9c9104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_02.jpg
helden.de/wp-content/uploads/2019/10/ 33 KB
33 KB 76ms
67ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_02.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 536550431ea6247d6ae10b550cedbac11f93d133b096e475bd1f3915bf4bb6dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 415826
cf-polished: qual=85, origFmt=jpeg, origSize=59813
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_02.webp"
content-length: 34042
last-modified: Mon, 14 Oct 2019 10:34:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 02 Jun 2022 18:48:12 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cb9d9104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_01.jpg
helden.de/wp-content/uploads/2019/10/ 23 KB
23 KB 85ms
76ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_01.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d691d09ce0090a6da571070f4404989f56b83bd51aa9c0076f1761f5888533

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 1056675
cf-polished: qual=85, origFmt=jpeg, origSize=48508
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_01.webp"
content-length: 23826
last-modified: Mon, 14 Oct 2019 10:34:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:47:23 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cb9f9104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_U8726.jpg
helden.de/wp-content/assets/community/ 13 KB
13 KB 78ms
69ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/community/helden_code_U8726.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d613b50b8387a95831ac399d35d223bd3dd4143083fb9c33530d49e4e728573

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 11442
cf-polished: qual=85, origFmt=jpeg, origSize=17793
content-disposition: inline; filename="helden_code_U8726.webp"
content-length: 12964
last-modified: Thu, 29 Jul 2021 09:59:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 07 Jun 2022 11:07:56 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cba19104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_KR8V9.jpg
helden.de/wp-content/assets/community/ 13 KB
13 KB 76ms
68ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/community/helden_code_KR8V9.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3736c112af68ab8446a4425720de82a8a48ce0a2929d7bbe2764edaf2139b8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 17972
cf-polished: qual=85, origFmt=jpeg, origSize=34103
content-disposition: inline; filename="helden_code_KR8V9.webp"
content-length: 13388
last-modified: Thu, 15 Apr 2021 07:28:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 07 Jun 2022 09:19:06 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cba49104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_2EJL9.jpg
helden.de/wp-content/uploads/2019/10/ 10 KB
10 KB 81ms
73ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_2EJL9.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dafd259073d41037e3a82ca1196dbc4b95621f859f5b991a1493ce3fa00b4f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Oct 2019 09:24:51 GMT
server: cloudflare
age: 11436
cf-polished: degrade=85, origSize=31413, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 07 Jun 2022 11:08:02 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cba59104-FRA
content-length: 10484
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_1YWH7.jpg
helden.de/wp-content/uploads/2019/10/ 11 KB
11 KB 78ms
70ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_1YWH7.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f7729261b19bc2e0dbc4b3cc3683ea880bdb7a8c98d1d055fa3ef274867553

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Oct 2019 09:24:45 GMT
server: cloudflare
age: 107426
cf-polished: degrade=85, origSize=32682, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 06 Jun 2022 08:28:12 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cba69104-FRA
content-length: 10922
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_2LJW7.jpg
helden.de/wp-content/uploads/2019/10/ 9 KB
9 KB 87ms
79ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_2LJW7.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75dc94286d9fd0993744876ce2c71d6f2a4a4592fc2a1f71a96559e418d84352

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Oct 2019 09:24:55 GMT
server: cloudflare
age: 11437
cf-polished: degrade=85, origSize=21411, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 07 Jun 2022 11:08:01 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cba99104-FRA
content-length: 9005
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_1HO08.jpg
helden.de/wp-content/uploads/2019/06/ 14 KB
15 KB 85ms
77ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/06/helden_code_1HO08.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3389b5ad1fcd9604f19b1705b53a08d85716aa3ad83cc57041d1c5a43c7509e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
last-modified: Tue, 04 Jun 2019 10:13:33 GMT
server: cloudflare
age: 11546
cf-polished: qual=85, origFmt=jpeg, origSize=114185
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 07 Jun 2022 11:06:12 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="helden_code_1HO08.webp"
cf-ray: 6d9d3fa4cbb59104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_3BWK9.jpg
helden.de/wp-content/uploads/2020/07/ 603 KB
604 KB 113ms
105ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/07/helden_code_3BWK9.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 491f9c45a903bec1b4bae08e028e8e4cda983276ea68791a2c842026a6048ac6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Jul 2020 07:46:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000
cf-ray: 6d9d3fa4cbb89104-FRA
expires: Tue, 07 Jun 2022 14:18:38 GMT

GET
H2 200 helden_code_0P9N3.jpg
helden.de/wp-content/uploads/2020/08/ 18 KB
19 KB 76ms
69ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/08/helden_code_0P9N3.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7677f73b08b762d4e3a9f4cdd367211094350f5111a40dc099697d94124b04a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 11437
cf-polished: qual=85, origFmt=jpeg, origSize=30560
content-disposition: inline; filename="helden_code_0P9N3.webp"
content-length: 18876
last-modified: Tue, 04 Aug 2020 07:46:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 07 Jun 2022 11:08:01 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbc39104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_4SLA6.jpg
helden.de/wp-content/assets/community/ 14 KB
14 KB 82ms
75ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/community/helden_code_4SLA6.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61cf74aefc3fe5e87d73f307d18b01b322e4cb24b18b614e7b1ae626fab58da0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 14764
cf-polished: qual=85, origFmt=jpeg, origSize=19006
content-disposition: inline; filename="helden_code_4SLA6.webp"
content-length: 14602
last-modified: Fri, 05 Mar 2021 13:27:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 07 Jun 2022 10:12:34 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbc59104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_36JU4.jpg
helden.de/wp-content/uploads/2019/10/ 14 KB
14 KB 79ms
72ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_36JU4.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b372347cc7358de506f1e9d6c8e42069374dd0950e2e641a4c5e69cbfcae4f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Oct 2019 09:25:54 GMT
server: cloudflare
age: 107429
cf-polished: degrade=85, origSize=42182, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 06 Jun 2022 08:28:09 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbca9104-FRA
content-length: 14168
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_21A68.jpg
helden.de/wp-content/uploads/2019/10/ 9 KB
9 KB 87ms
80ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_21A68.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca4bb3b109a4b6af85b4186ad5cc6709ef3edf65543d0da5f0e88a9a3f57ee4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 11441
cf-polished: qual=85, origFmt=jpeg, origSize=29619
content-disposition: inline; filename="helden_code_21A68.webp"
content-length: 8710
last-modified: Mon, 14 Oct 2019 09:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 07 Jun 2022 11:07:57 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbcd9104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_22C38.jpg
helden.de/wp-content/uploads/2020/11/ 6 KB
6 KB 80ms
74ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/11/helden_code_22C38.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1992f7120383f5c828b26793d3b16bbd5fe189d72078473314b9e406c1c3613

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 12661
cf-polished: qual=85, origFmt=jpeg, origSize=9134
content-disposition: inline; filename="helden_code_22C38.webp"
content-length: 5762
last-modified: Thu, 12 Nov 2020 07:24:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 07 Jun 2022 10:47:37 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbd09104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Versicherungspartner_NV-300x208.jpg
helden.de/wp-content/uploads/2020/04/ 3 KB
3 KB 92ms
86ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/04/Versicherungspartner_NV-300x208.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fd0406a9f1fa9ae65bc5ab523b7160d7c8a64383a51f520c25270697f3408a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 1056676
cf-polished: qual=85, origFmt=jpeg, origSize=6159
content-disposition: inline; filename="Versicherungspartner_NV-300x208.webp"
content-length: 2924
last-modified: Fri, 03 Apr 2020 11:30:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:47:22 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbdb9104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Versicherungspartner_HISCOX-300x182.jpg
helden.de/wp-content/uploads/2020/04/ 4 KB
4 KB 77ms
71ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/04/Versicherungspartner_HISCOX-300x182.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b244db5267a8a4f291e0c4a1e82ccbc4ae211e7b22cad2ca530d743397894151

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 978479
cf-polished: qual=85, origFmt=jpeg, origSize=6611
content-disposition: inline; filename="Versicherungspartner_HISCOX-300x182.webp"
content-length: 3982
last-modified: Fri, 03 Apr 2020 11:30:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 27 May 2022 06:30:39 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbdd9104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 WiWo_Hoechstes_Kundenvertrauen_2020_helden_de.png
helden.de/wp-content/uploads/2021/07/ 23 KB
23 KB 83ms
77ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2021/07/WiWo_Hoechstes_Kundenvertrauen_2020_helden_de.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2031ce9d387c585aeed7e46b4c88ab74c996834aa6f10cbf32dd7df4170065fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 1056962
cf-polished: origFmt=png, origSize=56718
content-disposition: inline; filename="WiWo_Hoechstes_Kundenvertrauen_2020_helden_de.webp"
content-length: 23324
last-modified: Mon, 05 Jul 2021 11:39:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:42:36 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbdf9104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.de_.jpg
helden.de/wp-content/uploads/2020/06/ 47 KB
47 KB 81ms
77ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/06/Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.de_.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2795aded1755123cbe59bba5a8348d2c8ea012c9021e56d3b532f176963950b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Jun 2020 10:28:11 GMT
server: cloudflare
age: 323659
cf-polished: qual=85, origFmt=jpeg, origSize=69103
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 03 Jun 2022 20:24:19 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.webp"
cf-ray: 6d9d3fa4cbe09104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden.de_Logo_web_retina.png
helden.de/wp-content/uploads/2019/01/ 4 KB
5 KB 78ms
75ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/01/helden.de_Logo_web_retina.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341c5d176dfcd3bd94a476a34fcb8be8f7d4c6d667ad95185c4d656f5ac9c9d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 1056962
cf-polished: origFmt=png, origSize=8928
content-disposition: inline; filename="helden.webp"
content-length: 4534
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:42:36 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbe19104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 js_composer_tta.min.css
helden.de/wp-content/plugins/js_composer/assets/css/ 309 KB
14 KB 37ms
37ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/css/js_composer_tta.min.css?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6a6a0c2a744fc0d665244acab63b9ac3b43779414217bc62a7698e31d5471de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa46a869104-FRA
content-length: 14545
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
649 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&ver=5.2.14

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a55eb96ad9952ebf2d6e42d4f44565d00ebe4a6ea1171e4d4dcaa6a653081c9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 14:08:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Feb 2022 14:18:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Feb 2022 14:18:38 GMT

GET
H2 200 ihover.min.css
helden.de/wp-content/themes/you/css/ 50 KB
3 KB 45ms
33ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/you/css/ihover.min.css
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 882e09e84100347579816f61badf4459092dc59beb26b9317a8f1312d6752b41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 03 Jun 2019 08:00:21 GMT
server: cloudflare
age: 3724
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4ab199104-FRA
content-length: 3178
expires: Tue, 07 Feb 2023 13:16:34 GMT

GET
H2 200 core.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 4 KB
2 KB 65ms
51ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 40293
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4ab339104-FRA
content-length: 1811
expires: Tue, 07 Feb 2023 03:07:05 GMT

GET
H2 200 widget.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 7 KB
3 KB 46ms
32ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b4f1024fa4887b47765e2ad4db9bc1f6ea96335f77fd44c62b8538d75e7190c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4ab369104-FRA
content-length: 2543
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 position.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 6 KB
2 KB 64ms
51ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4ab3b9104-FRA
content-length: 2469
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 menu.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 9 KB
3 KB 68ms
54ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/menu.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11dd7443e60c9756c636d4d9e270eeba4085691a86dc1d343af835e5cb354ed9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4ab3e9104-FRA
content-length: 2805
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 wp-sanitize.min.js Show response
helden.de/wp-includes/js/ 423 B
433 B 84ms
71ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/wp-sanitize.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eae9587fd982a18dc1cc3391201a06a8ce5efb066c62cc4f3003a901506269c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4ab4a9104-FRA
content-length: 257
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 wp-a11y.min.js Show response
helden.de/wp-includes/js/ 640 B
490 B 65ms
52ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/wp-a11y.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c52cc923758f90e6e92f82d19e909e36bf000902e60047a27c84e8d0ccb73a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:22 GMT
server: cloudflare
age: 323456
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4ab4e9104-FRA
content-length: 375
expires: Fri, 03 Feb 2023 20:27:42 GMT

GET
H2 200 autocomplete.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 8 KB
3 KB 64ms
51ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67a93cb596cf7e65926cc6f37e356a5ba6249a3ac8dbce1b8e5fd16ae3967f92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4bb509104-FRA
content-length: 2774
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 presVouch.js Show response
helden.de/wp-content/themes/helden/ 3 KB
1 KB 73ms
60ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/helden/presVouch.js?ver=1.2
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ea06dea77b421db90da42160e691163836ef51e17aa1fd4669e1805e5291e21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Dec 2021 08:40:22 GMT
server: cloudflare
age: 885469
cf-polished: origSize=5783
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sat, 28 Jan 2023 08:20:49 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa4bb529104-FRA
cf-bgj: minify

GET
H2 200 underscore.min.js Show response
helden.de/wp-includes/js/ 16 KB
6 KB 73ms
61ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5f5736867880dc34e00e9d915d49094d5aa572c73771e87a082bd721b5a4f7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 885469
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4bb559104-FRA
content-length: 5634
expires: Sat, 28 Jan 2023 08:20:49 GMT

GET
H2 200 backbone.min.js Show response
helden.de/wp-includes/js/ 22 KB
7 KB 72ms
59ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/backbone.min.js?ver=1.2.3
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29d1e5cff2718260f00fc9012476253e8664c99287d2a1866886e65060deb4ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:22 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4bb569104-FRA
content-length: 7433
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 api-request.min.js Show response
helden.de/wp-includes/js/ 768 B
505 B 71ms
59ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/api-request.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92bfa0c40e4ac63bd4250520dc726bdb5f28bc45d2b420c07d6d1e0b726bd56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4bb589104-FRA
content-length: 440
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 wp-api.min.js Show response
helden.de/wp-includes/js/ 14 KB
4 KB 72ms
60ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/wp-api.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b3f44e74412baa296267a5c6bdcaef3e06ba0ed23c662786b35b923a515180c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4bb5a9104-FRA
content-length: 4086
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 scripts.js Show response
helden.de/wp-content/plugins/contact-form-7/includes/js/ 11 KB
3 KB 71ms
59ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32d9329d48ccd5a058fc1f4a6be8b010c4c9afb03d046ffe8a211ce474db2b6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1056962
cf-polished: origSize=14440
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Thu, 26 Jan 2023 08:42:36 GMT
cache-control: max-age=31536000
cf-ray: 6d9d3fa4bb5d9104-FRA
cf-bgj: minify

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
998 B 80ms
28ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&ver=3.0

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9cbfe64eec1cd97e6b40c7df10021f707d564f508b9571d7207debebec1bae7d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Mon, 07 Feb 2022 14:18:38 GMT

GET
H2 200 effect.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 13 KB
5 KB 73ms
62ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f5e3b0b3a282b46aa5bbd5e7952b90ce98d0d1d214b3308d9abb6053becd92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4bb5e9104-FRA
content-length: 5162
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 wp-embed.min.js Show response
helden.de/wp-includes/js/ 1 KB
899 B 120ms
109ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/wp-embed.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4bb739104-FRA
content-length: 739
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 js_composer_front.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/js/dist/ 19 KB
6 KB 72ms
61ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b51182de5d3e0e5cfa0a4ed9552dc82be393d7f7a08330f6299e08cdb2665f7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4bb759104-FRA
content-length: 5712
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 vc-accordion.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/vc_accordion/ 12 KB
3 KB 71ms
60ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/vc_accordion/vc-accordion.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ce8bdb090315b4f4f6f8c78f9c7cd2cf53962924d86761982fdb4e5dc3c2c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4bb779104-FRA
content-length: 2673
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 vc-tta-autoplay.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/ 2 KB
924 B 72ms
62ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/vc-tta-autoplay.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 395daa8d0ec9bd1d7922530074e8fbe6aaf2bd26191dc773c135cf6a3d029705

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4bb799104-FRA
content-length: 831
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H2 200 vc-tabs.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/vc_tabs/ 4 KB
1 KB 74ms
63ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/vc_tabs/vc-tabs.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a469b4c7949c96cce86a741f3498f000e1fd64b2a6fff556579a6588acabf48a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 654454
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4bb7a9104-FRA
content-length: 1170
expires: Tue, 31 Jan 2023 00:31:04 GMT

GET
H2 200 skrollr.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/ 12 KB
6 KB 71ms
61ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad44888e6834dd14372d63691245513cda17cad9bb7f5ac9df10163ba83108f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1056962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d9d3fa4bb7c9104-FRA
content-length: 5593
expires: Thu, 26 Jan 2023 08:42:36 GMT

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: helden.de
URL: https://helden.de/wp-content/themes/helden/main.js?ver=5.2.14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 18:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Feb 2023 18:59:48 GMT

GET
H2 200 widget.js Show response
w.likebtn.com/js/w/ 124 KB
34 KB 97ms
52ms Script
application/javascript 2606:4700:20::681a:e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.likebtn.com/js/w/widget.js
Requested by: Host: helden.de
URL: https://helden.de/wp-content/plugins/likebtn-like-button/public/js/frontend.js?ver=5.2.14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / HHVM/3.15.4
Resource Hash: f8946610c7f4593b0f21a81847f97a856fcb93590a55da380679cf95372f2428

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45548
x-powered-by: HHVM/3.15.4
last-modified: Sun, 06 Feb 2022 18:06:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRBt1Y4RKOKTq9TVSM9efTRx6VwdACwPW3rhCqMOAZg8J3kUF3rfW6BMAU5b2yAMvwQ0TrA1upw%2Bafa0e7LrahtI4wh0%2BkoBIvDjdw6Atm1UW0nGczGpfxdxaFkW3hi%2FHYpuPERlTywDol4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=691200, s-maxage=57600
cf-polished: origSize=126890
cf-ray: 6d9d3fa4fd28927f-FRA
cf-bgj: minify

GET
H2 200 h8eubnf2kys7.js Show response
js.driftt.com/include/1644243600000/ 227 KB
65 KB 200ms
128ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1644243600000/h8eubnf2kys7.js

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

3c430c6bbf28dcc0eb84b18a6647b8feab76de0a77a6975cb71b9b5f4cdf3731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 16:14:45 GMT
server: nginx
etag: W/"88aa02188a6071f32ff6a1455cb7bb1c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: lCI5UbIVt302JWDoFj_nErhlDGDRS.n9
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9zGfh-BeDc6kIxZGKtbZ_tHOgHf15hAprcd2X0ghKO_75MzgL6xdSg==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 61ms
15ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 00:44:37 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100084-IAD, cache-fra19178-FRA

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 7 KB
7 KB 142ms
69ms Script
text/javascript 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-177.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45153d776213fa86c1ef7dca51e36d669e1b697b53907f3bf7cd3ee706edbaec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: RCjAxJ8CrRqbtKQCS4KIrWhcLcYrBklc
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
last-modified: Thu, 11 Nov 2021 17:52:19 GMT
server: AmazonS3
age: 144
etag: "4e42700e21a922978b72507ad18a7fea"
x-cache: Hit from cloudfront
content-type: text/javascript
date: Mon, 07 Feb 2022 14:16:15 GMT
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 6674
x-amz-cf-id: 7iVBuAg1z3lL8Ntyw3tPkT7ysuAyNi93PeNmSYuhI8dOiQOsTA10vw==

GET
H2 200 helden_de_phv_hero.jpg
helden.de/wp-content/assets/header/old/ 394 KB
395 KB 79ms
78ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/header/old/helden_de_phv_hero.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8088d1aa0d0b0f7e062406dba15010d166d7303c04ebb407be952d50ee378752

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Feb 2021 14:27:07 GMT
server: cloudflare
age: 1056935
cf-polished: qual=85, origFmt=jpeg, origSize=514244
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:43:03 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="helden_de_phv_hero.webp"
cf-ray: 6d9d3fa4cbe39104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_privathaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 70 KB
70 KB 70ms
69ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_privathaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 024bbe37586effe93a17f4f8800ff6c67e2aca1061c5f23625bb16a6e3d13c8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
age: 1055974
cf-polished: qual=85, origFmt=jpeg, origSize=92072
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:59:04 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="helden_de_productimages_overview_privathaftpflicht.webp"
cf-ray: 6d9d3fa4cbe49104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_hausratschutz.jpg
helden.de/wp-content/assets/productimages/overview/ 26 KB
26 KB 67ms
67ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_hausratschutz.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a7425d844b9582c4d0595dfcb216285c112683ba86ed98572b36daf3b93a169

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 1055974
cf-polished: qual=85, origFmt=jpeg, origSize=37384
content-disposition: inline; filename="helden_de_productimages_overview_hausratschutz.webp"
content-length: 26294
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:59:04 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbe69104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_hundehaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 17 KB
17 KB 66ms
65ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_hundehaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8a783e252ceb14237c76c14e552516b112795955f5491053f5e0c56c6e06c5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 1056674
cf-polished: qual=85, origFmt=jpeg, origSize=26654
content-disposition: inline; filename="helden_de_productimages_overview_hundehaftpflicht.webp"
content-length: 17518
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:47:24 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbe79104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_pferdehaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 28 KB
28 KB 75ms
74ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_pferdehaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f0e3823d56e753cf5f2fbe91a1d167ca59726c9cbb3c97f04f146beea32c0e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 328455
cf-polished: qual=85, origFmt=jpeg, origSize=37445
content-disposition: inline; filename="helden_de_productimages_overview_pferdehaftpflicht.webp"
content-length: 28404
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 03 Jun 2022 19:04:23 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbe99104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_drohenhaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 29 KB
30 KB 109ms
109ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_drohenhaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22b3231e59d776f31161af44b04a744b9004ae1fac2b14e6405a97d27507a008

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
age: 1055974
cf-polished: degrade=85, origSize=37829, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 26 May 2022 08:59:04 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbeb9104-FRA
content-length: 30032
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_e-bike-_und_fahrradschutz.jpg
helden.de/wp-content/assets/productimages/overview/ 59 KB
59 KB 79ms
79ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_e-bike-_und_fahrradschutz.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39cb45cdec9f9b9b863e331beff20776476ad3a77aa2c828a0aea8a0779044d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Nov 2020 14:23:55 GMT
server: cloudflare
age: 1055974
cf-polished: status=not_needed
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 26 May 2022 08:59:04 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbee9104-FRA
content-length: 60060
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_2-in-1_berufshaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 23 KB
23 KB 69ms
69ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_2-in-1_berufshaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f08025c18eab8673f7f960a21cba44a48aa0ce870ce96305a21d1c887b8be7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 1055975
cf-polished: qual=85, origFmt=jpeg, origSize=33528
content-disposition: inline; filename="helden_de_productimages_overview_2-in-1_berufshaftpflicht.webp"
content-length: 23796
last-modified: Mon, 02 Nov 2020 14:27:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 26 May 2022 08:59:03 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbef9104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_bue_keyvisual.jpg
helden.de/wp-content/assets/buero_equipmentschutz/ 27 KB
27 KB 66ms
66ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/buero_equipmentschutz/helden_de_bue_keyvisual.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9c0cfef39145e7473f09d950460309a29fbddcbe88830881aef4a0c16f5546b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 317479
cf-polished: qual=85, origFmt=jpeg, origSize=58681
content-disposition: inline; filename="helden_de_bue_keyvisual.webp"
content-length: 27568
last-modified: Fri, 12 Feb 2021 11:22:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 03 Jun 2022 22:07:19 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbf09104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_familienhaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 22 KB
23 KB 70ms
70ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_familienhaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7846d72cd2af20d85e1c27032cd4a44f4c8c5b914a03ce9d56979b4376b24be6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
cf-cache-status: HIT
age: 408182
cf-polished: qual=85, origFmt=jpeg, origSize=32576
content-disposition: inline; filename="helden_de_productimages_overview_familienhaftpflicht.webp"
content-length: 23000
last-modified: Tue, 25 Aug 2020 10:13:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 02 Jun 2022 20:55:36 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa4cbf29104-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 101ms
43ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A900%2C400&subset=latin%2Clatin-ext&ver=5.2.14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 413288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:30:30 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 22 KB
23 KB 69ms
16ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A900%2C400&subset=latin%2Clatin-ext&ver=5.2.14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 413288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:30:30 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 91ms
38ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 413287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:18:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:30:31 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 80ms
27ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 413287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:30:31 GMT

GET
H2 200 fontawesome-webfont.woff2
helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/ 75 KB
76 KB 92ms
92ms Font
font/woff2 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: helden.de
URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1056961
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=10368000
cf-ray: 6d9d3fa4cbf49104-FRA
expires: Thu, 26 May 2022 08:42:37 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v22/ 24 KB
24 KB 100ms
48ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:54:55 GMT
x-content-type-options: nosniff
age: 411823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24448
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:54:55 GMT

GET
H2 200 mobmenu.ttf
helden.de/wp-content/plugins/mobile-menu/includes/css/font/ 12 KB
8 KB 37ms
37ms Font
font/ttf 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/mobile-menu/includes/css/font/mobmenu.ttf?31192480
Requested by: Host: helden.de
URL: https://helden.de/wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=5.2.14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d49ea099481e01f6c80d0098144b28710ed7e27ffadee7cdac797ed87ef5740b

Request headers

Referer: https://helden.de/wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=5.2.14
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 May 2019 15:42:48 GMT
server: cloudflare
age: 1056930
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/ttf
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6d9d3fa58d929104-FRA
content-length: 7707
expires: Thu, 26 May 2022 08:43:08 GMT

GET
H3 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v22/ 24 KB
24 KB 43ms
18ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:34:14 GMT
x-content-type-options: nosniff
age: 413064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24408
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:13:08 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:34:14 GMT

GET
H2 200 / Show response
helden.de/wp-json/wp/v2/ 136 KB
7 KB 401ms
401ms XHR
application/json 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helden.de/wp-json/wp/v2/

Requested by

Host: helden.de
URL: https://helden.de/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61a5bc4056a0cab35fde3bdad2f3f76444aa322f292ecaa1ae8734bef49e4581

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 6520
access-control-allow-headers: Authorization, Content-Type
allow: GET
x-robots-tag: noindex
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
cache-control: max-age=0
cf-ray: 6d9d3fa61efa9104-FRA
link: <https://helden.de/wp-json/>; rel="https://api.w.org/"
expires: Mon, 07 Feb 2022 14:18:38 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ 356 KB
140 KB 57ms
16ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helden.de/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143107
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 05:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 14:18:16 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95fb764d4a5e0045febd02f88e1c80b7958a6946696721e78c20f497b1e0ec7b

Request headers

Referer
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 429 / Show response
ipapi.co/json/ 116 B
676 B 323ms
285ms XHR
application/json 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json/

Requested by

Host: helden.de
URL: https://helden.de/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c40eb6d50cee55cd98e628b786109035413fef21587791221d06070e99e9e25b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://helden.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
vary: Host, Origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: HEAD, GET, OPTIONS, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUXE%2FDB%2BQ52J4SB0UoUbVSVGntJkAN3YO9np6SgfPkHMWnkmgcaOoUd%2BTCMnAgpXtn6AfeUGqGX4dYTxhmw1UOTm5Hw6ObXENdoou7RJyE%2FRwgOHHpZge%2BzzEpMQLzzJwrhIXrwE"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://helden.de
cf-ray: 6d9d3fa6aa3e9202-FRA
content-length: 116

GET
H2 200 widget.css
w.likebtn.com/css/w/ 72 KB
28 KB 26ms
26ms Stylesheet
text/css 2606:4700:20::681a:e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.likebtn.com/css/w/widget.css?v=39
Requested by: Host: w.likebtn.com
URL: https://w.likebtn.com/js/w/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39b677ec4a0c2d95bb6d1439e68b5a0aa693c17912dc9e0209930088182483cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4854
cf-polished: origSize=80956
last-modified: Fri, 21 Jan 2022 11:39:55 GMT
server: cloudflare
etag: W/"61ea9b8b-13c3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEfdROW9dU2Z15GaPRhqSaXA5vnpdY2HeWLarCWbriU71kcXClOYbVmzSiGsxxxoKJZpU%2BFrTzU8QCZ84ewNSG%2F3lO7bVkqbm6IvW65UNaswZgfJUzP4njEEw2FbzgKmfB7wWrK8Tg4bk%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 6d9d3fa6aa82927f-FRA
cf-bgj: minify

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
458 B 172ms
126ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5wdg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e020363c-8365-44a8-b597-376aedff2fb5&tw_document_href=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 07 Feb 2022 14:18:37 GMT
content-encoding: gzip
server: tsa_o
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: a0dda6ed442402a14bf03556e2c354d00e25fe4d29ca446bd56d2bca14360838
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
338 B 169ms
127ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5wdg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e020363c-8365-44a8-b597-376aedff2fb5&tw_document_href=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 07 Feb 2022 14:18:37 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 8d5cf08c05e9fcf5f9dad96e7bbd62e529c75325221bf76f825df13f624f9a7a
content-length: 43

GET
H/1.1

200
OK

iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 850F
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1644243518167
https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1644243518167&dcc=t

65 B
973 B

215ms
215ms

Document
text/html

54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1644243518167&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aat/amzn.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/

Response headers

Server: Server
Date: Mon, 07 Feb 2022 14:18:38 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 65
Connection: keep-alive
x-amz-rid: R5PC1M1QQBT21MQKT9HD
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: Server
Date: Mon, 07 Feb 2022 14:18:38 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: TKJ7XY78GZC4BN853CAY
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1644243518167&dcc=t
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4608 40 KB
20 KB 63ms
38ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=lzh3ljr1kva8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

277169e15b5d4b4e8c3d08450961ffc559cb42353ca35703949331b666e1e95f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-36UmkvtmRrjL7CM5/eR6Gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 07 Feb 2022 14:18:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-36UmkvtmRrjL7CM5/eR6Gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20840
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame 4608 51 KB
24 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=lzh3ljr1kva8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 13:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 05:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 13:59:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame 4608 356 KB
140 KB 49ms
25ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143107
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 05:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 14:18:16 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4608 102 B
134 B 25ms
23ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a008730522299bbac4765f675e7c08282ce7e440c55fcf93c59edc8d12be3851

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=lzh3ljr1kva8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 07 Feb 2022 14:18:38 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 4608 29 KB
16 KB 60ms
59ms XHR
application/json 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

046217ebd03b316dc62fde0b6d7b14b0c4648b444d99a99627c287bc2ab0f3fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=lzh3ljr1kva8
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 07 Feb 2022 14:18:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16784
x-xss-protection: 1; mode=block
expires: Mon, 07 Feb 2022 14:18:38 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 8480 2 KB
1 KB 37ms
36ms Document
text/html 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1644243600000/h8eubnf2kys7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9dfd1e30ec1915dfbcf0020116661f5a912b7181b1e2eaffabbfe4ab575db2fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 04 Feb 2022 16:15:01 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: g3Mm5AdjZNiPgzoglrFp7XtOzC3RPOIv
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 07 Feb 2022 14:18:38 GMT
cache-control: no-cache
etag: W/"f66021d8eba698f6f00e5b7b03643d97"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 6G42QN7_HxVV04GvlXeyzgRxh9AOtIMsvrrDJlxNst_akumN0YaAOg==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame ED50 2 KB
1 KB 36ms
36ms Document
text/html 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1644243600000/h8eubnf2kys7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9dfd1e30ec1915dfbcf0020116661f5a912b7181b1e2eaffabbfe4ab575db2fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 04 Feb 2022 16:15:01 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: g3Mm5AdjZNiPgzoglrFp7XtOzC3RPOIv
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 07 Feb 2022 14:18:38 GMT
cache-control: no-cache
etag: W/"f66021d8eba698f6f00e5b7b03643d97"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: yBaTiwCBxmcmsM0Zs6sfCuFYAO5z9iC2FwdOJOJ6fM1axzr738fSzA==

GET
H2 200 runtime~main.f26feaa2.js Show response
js.driftt.com/core/assets/js/ Frame 8480 6 KB
3 KB 17ms
16ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

cac9fd61be078dc8e05b940d298b75e3932894e379c91d3f32cdbab21631a714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 252219
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:32 GMT
server: nginx
etag: W/"a03fbb3cfc1da322347a12ccc02e9ce9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ReRwy2CcwEXKOvB7bcAecIypYGfzMoCy
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l2gXc8HUqV1C-os9MKwGxlGJzjBNMrqg1Op_l5CpGWnJFSn01P25Jw==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 58 KB
20 KB 20ms
19ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:18 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rlqnQvHWjB4kDZlydkAKa7LRajgzy9Gl
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jbncLbgywVlsYQN5neIdS_FdMI4EtfATY5JvrlOZWJ1cXsU1DOnTIQ==

GET
H2 200 main~493df0b3.91d188cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 6 KB
3 KB 20ms
20ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.91d188cd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:19 GMT
server: nginx
etag: W/"364091b90499473799e7470f551ae597"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1JY.0LVfNng8iNIWI44BrilEq.Gn8MTC
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FXhbrgraQdIluge5nniZlSxrdqc4WRulrpUe0ZuT9jaw8yn08Dp2zA==

GET
H2 200 runtime~main.f26feaa2.js Show response
js.driftt.com/core/assets/js/ Frame ED50 6 KB
3 KB 17ms
16ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

cac9fd61be078dc8e05b940d298b75e3932894e379c91d3f32cdbab21631a714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 252219
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:32 GMT
server: nginx
etag: W/"a03fbb3cfc1da322347a12ccc02e9ce9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ReRwy2CcwEXKOvB7bcAecIypYGfzMoCy
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: a9VAJbCiqD0SmS6jMD20TAzaO8NQ8S8zV26cuWcuZXvUl0Ek0PE20w==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 58 KB
20 KB 19ms
19ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:18 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rlqnQvHWjB4kDZlydkAKa7LRajgzy9Gl
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BM_dySq5KwxAOsTkOVyJF5f7j5UPERp3qKvurqy9VV3rZfjTztccMA==

GET
H2 200 main~493df0b3.91d188cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 6 KB
3 KB 20ms
20ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.91d188cd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:19 GMT
server: nginx
etag: W/"364091b90499473799e7470f551ae597"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1JY.0LVfNng8iNIWI44BrilEq.Gn8MTC
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o8KSV1cdVjIj4pt_1NOf4LSRUEMlJ1QMZUx_YV5_t7jn-JJsh7dIhQ==

GET
H2 200 43.bf52ab96.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 47 KB
14 KB 18ms
17ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4ab965f0d26a973cf1be72a39d537999"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SIJLtOk7PXIgJIf54NBJQngGjZ1AQW3g
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qSajK7XxKQW5wG2I-wDLNehJaOeWn5RrsbK8dCX1Xk4gXdfYSeb8bw==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 44 KB
13 KB 20ms
19ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q924-dyHiXlsQBibMsEA9gzb-rHsbzXHP19Ym7huF8m4sRxVlJcjeQ==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 25 KB
8 KB 21ms
21ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: A01_.TOyslfHN6C7mHM2iYp5F_NuODuW
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EzB42CFTmzLAJPAaX9f01N08JnMi2u2r39lR5bCwyB3TZwmG0Pe75w==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 16 KB
5 KB 22ms
21ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2931897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5ydT8p9tnjK49CzEUOwhLYijl8nXonJZcqpMtl50tHOSC9vBY3u4RQ==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 72 KB
22 KB 25ms
24ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2931897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: B9oZWptwQD3CcTZtV99DheOF9wKfmroKegm6Fgm3DGZgTryt_SvpAA==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 16 KB
6 KB 26ms
25ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9EIESxck816UouyYkPdfoL1oIRGPryVEhaeGJOn-YPPnRxxJ9eUZnQ==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 59 KB
19 KB 28ms
28ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:13:03 GMT
content-encoding: gzip
age: 3589536
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:25 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HDD-7EBlh0TYp_-6slOYeRAH0dWIwSkLgIfp5nbMewVStFmuM41i8Q==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 91 KB
28 KB 31ms
30ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p_YagIEBvf.Qgp7hIJy74.J4YIszefj5
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5prtjKq5oYIIISrlJ-f_6pHq4C8K_z13fWDbLS7EWQ2sz37_sXkunQ==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 24 KB
7 KB 34ms
34ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1OI8MdaO_2Zet9LQGrgpik7z8k_2AhIl
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9cyoF85zpos3ZxIRSJ9KD6_KDRV4WxNuZ_UZwvPkV6cJ-Wj1s9sFzg==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 62 KB
20 KB 37ms
36ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kGRW-F9V9nbSQ_JOcIEn4qpsCp8iHoezumKrcte-sYQoDRzrCIuRDA==

GET
H2 200 41.ef07ba02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 105 KB
34 KB 40ms
39ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.ef07ba02.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"da03c1012cb0aaeb2041fa677a272d14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6OpxVYvZjRVHdu0KjdhZlusmExqFlB4E
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4gTWF2laJI_bILumeXFNvq5mXwl5pWu7jMbnnsKOZlAQbEeB3tfPVA==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 12 KB
4 KB 43ms
43ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wDOiuCZSfZ.KHqNETPwI3S2a9GU0lEIR
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wY7GkPF3ScmVklOToftun0bI-WQWvZJRsKfcK7v3dOjG2lWVhAxJCA==

GET
H2 200 26.d9eb886e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 12 KB
5 KB 44ms
43ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wDwFXAvA-FOF8gi7iqG6dO0fqnG_HeCYk6cBGsS7KxfrwMsiygQNUA==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 17 KB
7 KB 44ms
44ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cVaMSeWHAtbqU7d-52sQ_jxxXL5HM9dwlmngsYeHEuD1BjyqoSVVCQ==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 8480 11 KB
3 KB 44ms
44ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DH62JgSntlnS2v0ibC0ca7bW8HhBvWAGQZOm56N6TKeFpWudxaUYAQ==

GET
H2 200 8.569b6451.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 69 KB
22 KB 46ms
46ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.569b6451.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

3e2b8b35f95dc6e667219eda56927ec40ca05c2d770f8651d99e2f36fcf7636e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 252219
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:31 GMT
server: nginx
etag: W/"d9c555dc91ba54d86a789492654c54de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ZiosMTeLkMYCcIfMpUfiRQ84.YEn3A1f
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yyQLH5DR3NIuunMQ5abWeN0oduRuP9OUgaZVq9mBTuvW9tEo0B_cLw==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 8480 24 B
667 B 46ms
46ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _ozBZ-21zJFDxXYXUSQLQ8ce8zs_Pmk6hWkSjuzzO_Nj3YsTmAtHQw==

GET
H2 200 15.1d8f5012.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 75 KB
19 KB 47ms
47ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.1d8f5012.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

93ca03195ed4c9536d694584455be6d5d71776e00fe33926ae596bfe4f35a76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:02 GMT
content-encoding: gzip
age: 257737
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"a10801df313ae6aee5353f1d56ee158d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KAn62QiCijDwsq5BJEU9_1eTMFOTCVrB
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 15Wc-Lh5TkRJl_jQpzS4oAb4fphD0d4X5gASOWiJc1UWSYzNcBrC7A==

GET
H2 200 22.947209a2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 47 KB
13 KB 48ms
48ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.947209a2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a3940c0c7051093e974422b42f2a563671ed810418862f44e8314f5255367e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:02 GMT
content-encoding: gzip
age: 257737
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"d06d1a64be2b2e5ab91bedd7c4c17717"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: k7zUF0pgH6bmYsPK._H98sqTvr7U2rBt
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cZi9W49itlr1thAvmZ9y2J-5OYk7jl7-hWi85hlqPiBSgOiiZ6nYZg==

GET
H2 200 13.6a0f2761.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 41 KB
13 KB 48ms
48ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.6a0f2761.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

35c25f6854ce3cfbfb0d6b93ddf1398e02dc7f71a8c878dd487e119143eb0f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 252219
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"e424c51f822cdc41b84eee08299a4003"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8IzBp30roBajscVA3Ax5apMXOvEqsY4E
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3mib2TZ4e9UjozKPPJvu_mSkEpUEA_ESJlYrP0ZLgyBWeXOwSO3ksA==

GET
H2 200 43.bf52ab96.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 47 KB
14 KB 38ms
35ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4ab965f0d26a973cf1be72a39d537999"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SIJLtOk7PXIgJIf54NBJQngGjZ1AQW3g
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NXTilERm0F4k8ElYKSKW6KJVBP0DZI11tEh8twV8LoEEGa67jxmwhg==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 44 KB
13 KB 38ms
34ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YAYQGVmHH1K4QKC9npQCgn_eTL70eiEOoIXU6Emn_EiVhLhxU5AMkg==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 25 KB
8 KB 39ms
34ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: A01_.TOyslfHN6C7mHM2iYp5F_NuODuW
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sVgbFN2a7ZnzfKfoTczLC4cL3HbXkTtl2iga7q2z6tIXe6386_uP1A==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 16 KB
5 KB 39ms
35ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2931897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: I9oQ1JQhwLOi-Y7O16AeeHG62EPs15_AGKw0OoCnAluaOSQdcYuVyQ==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 72 KB
22 KB 40ms
35ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2931897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: a24CXkSlSOdKn8W0-sl3MdnyQYZlW2KM-VDQHCX4x4e0eL13LGV2Pw==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 16 KB
6 KB 41ms
37ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PAPQxJFfyqP0UCNkUK4oGCDePoMrIesPYAtOTc5px7_QvtNEZNfuoA==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 59 KB
19 KB 41ms
37ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:13:03 GMT
content-encoding: gzip
age: 3589536
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:25 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jInOxMLnPqLa1axpb_JK7FF8rBRXuUh9TVze4TQuL9zwGdjDgJD2jw==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 91 KB
28 KB 44ms
39ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p_YagIEBvf.Qgp7hIJy74.J4YIszefj5
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fm9QP9Glcl-N546WD7SfogdCTHwbyeUAQLUGtBgXFu7x_Mvn2aEO-g==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 24 KB
7 KB 45ms
39ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1OI8MdaO_2Zet9LQGrgpik7z8k_2AhIl
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: n_TJMNKxv9hOL4nOhz27Fg6PPs7VF6OfXdgyKmj3YeBtvQC1yLfmBg==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 62 KB
20 KB 45ms
40ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8yVoiEC7wRSpD0Dsz7L1pnr2y4_C0AOyEml-AeqPQkZqJztCx1c0SA==

GET
H2 200 41.ef07ba02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 105 KB
34 KB 46ms
41ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.ef07ba02.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"da03c1012cb0aaeb2041fa677a272d14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6OpxVYvZjRVHdu0KjdhZlusmExqFlB4E
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8DWtzYoKsujDiBI6ElXjm04w0l3BCKRSUcntTTARwqDTtmu7MwVp9g==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 12 KB
4 KB 46ms
42ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wDOiuCZSfZ.KHqNETPwI3S2a9GU0lEIR
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BEhFBY7D7Ao3E2i2FdbaJizK5AX0Oghdr9Y4cUD-mf05hstsyrSt5Q==

GET
H2 200 26.d9eb886e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 12 KB
5 KB 47ms
42ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: udNudMJzpI1fnwfHNRmdwCtgfQIqhldXMpwm_euiA8fXfV6Z8PnJHQ==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 17 KB
7 KB 47ms
41ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Y-EE22GcXaSFjpXC9RU2lz5-SEpGpbYgVm0F6ZxDmhFBhTldqFCKlw==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame ED50 11 KB
3 KB 46ms
41ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -wXxlpEGJ31sYYcHWJplyGCFZeNT4NqbHKZkgzrXkxBGDZIwQzpDhg==

GET
H2 200 8.569b6451.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 69 KB
22 KB 47ms
42ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.569b6451.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

3e2b8b35f95dc6e667219eda56927ec40ca05c2d770f8651d99e2f36fcf7636e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 252219
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:31 GMT
server: nginx
etag: W/"d9c555dc91ba54d86a789492654c54de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ZiosMTeLkMYCcIfMpUfiRQ84.YEn3A1f
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7SQyCcaCT2_6_8bp2xVrE4r8WZ6fc0k7O3gIF3236_Dlyit1s5EPqQ==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame ED50 24 B
667 B 47ms
41ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
age: 2931898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rBiayKl6h3-b2VpP-HyXZ-4TAqPB_-WSYyua1LJvE9KWqfDLhzbViQ==

GET
H2 200 15.1d8f5012.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 75 KB
19 KB 46ms
42ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.1d8f5012.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

93ca03195ed4c9536d694584455be6d5d71776e00fe33926ae596bfe4f35a76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:02 GMT
content-encoding: gzip
age: 257737
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"a10801df313ae6aee5353f1d56ee158d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KAn62QiCijDwsq5BJEU9_1eTMFOTCVrB
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8zC2X_N6sLbW34AYRWhMkIhJvEbDxPYOBksLLejn1OK22pECE_7jSQ==

GET
H2 200 22.947209a2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 47 KB
13 KB 46ms
43ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.947209a2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a3940c0c7051093e974422b42f2a563671ed810418862f44e8314f5255367e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:02 GMT
content-encoding: gzip
age: 257737
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"d06d1a64be2b2e5ab91bedd7c4c17717"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: k7zUF0pgH6bmYsPK._H98sqTvr7U2rBt
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: P3YvUd9WhNpx04ky_nC5GY3tDNf5Dnt_W00W5GMHe_Uv7fIDFtlxeQ==

GET
H2 200 13.6a0f2761.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 41 KB
13 KB 47ms
43ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.6a0f2761.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

35c25f6854ce3cfbfb0d6b93ddf1398e02dc7f71a8c878dd487e119143eb0f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 252219
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"e424c51f822cdc41b84eee08299a4003"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8IzBp30roBajscVA3Ax5apMXOvEqsY4E
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: T7jYTp2hkRstPJJ_BGmBeL05FVsRwBYngikZL_Ul_lpTFebgMdoAQg==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 9 KB
3 KB 17ms
16ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2931897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Qbl3A37TmhCedw0XlGARY2ztJ7uqk4GFWC20hIo7enIUR4xHV-2frg==

GET
H2 200 24.81d46fe7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 33 KB
10 KB 17ms
17ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2931897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4f751bc7b45f18c1d343a3081fe2509f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LcjepTSdTIP3TYamt9S6TQ4IzFvRquuU
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: olKpE3LrxNHceyHS8EvX1IHl9vkeXJY1JcDjUsgfAaRcXzcNdU37IQ==

GET
H2 200 25.49c6961c.chunk.css
js.driftt.com/core/assets/css/ Frame 8480 8 KB
2 KB 18ms
17ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.49c6961c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2931897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"f80cd64e339375567091159cb077b941"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bxrqjBCKX9ERzz7WjftbPaYdOBk8_KxN
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Kfi8I0sNzCxi_MT656C-gl_kzKrDFykH0GuOO5GQVNDmkWgO7YMnYQ==

GET
H2 200 25.933762ac.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 12 KB
5 KB 18ms
17ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.933762ac.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

debe1406181017af8e12fcf3f2d1843c02903360e9c246670593ef9f56abcd35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:03 GMT
content-encoding: gzip
age: 257736
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"c9808105e3831864ebb75c4236638e27"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6.p3mLEden9mzpVq1Cu0G1BQjs5mQvtF
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _LoaIX_2Th9UOO72z7WvKmdsTy2b0bhFeCXC_Roe2qg6cVqCatZmXw==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 8480 365 B
1007 B 18ms
18ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
age: 2931897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eDSgTpssczGDn2812OLuvvF.eUpzKWka
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wnk09eGNXEMZTM9vkDxn7pSLQvcgW_3trH-aaxtra4V5hVGsbQwovg==

GET
H2 200 19.bd01f986.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8480 85 KB
23 KB 18ms
18ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.bd01f986.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a76cc7d5636822ab215fab6786e2168f46c1c60df4fa739beff32dfe8e8606e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=65ac182b-10ea-4435-a1f2-25ca73903f80&sessionStarted=1644243518.933&campaignRefreshToken=7215b8ea-3242-420a-b4da-b9709e00263e&hideController=false&pageLoadStartTime=1644243518050&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:03 GMT
content-encoding: gzip
age: 257736
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:29 GMT
server: nginx
etag: W/"a0f7cb9df7dd7c35338c05aea736bb8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GeB3hRqNiyNAekycQsxm7Q5WIJnF3eCL
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WX2jgkpZns64es59obaXXuuYz-0O6yk29r_maDvhYSO-DepDgrW-lA==

GET
H2 200 32.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame ED50 3 KB
1 KB 16ms
16ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2931897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: u5jls1rsjTMRW03RSXYJxMQTbD86EmFF
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZNXOyOUfR0OCB8T5r8xk8mFVaPNhLNW80oAuhJ0DrZajn6JRmZVoaw==

GET
H2 200 32.28be7b35.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 3 KB
2 KB 17ms
17ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:05:36 GMT
content-encoding: gzip
age: 1534383
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 20 Jan 2022 18:53:54 GMT
server: nginx
etag: W/"853d736e05b299b857e10b6ab17f3c36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9pIhc0wyy2uFZp3UiIdf1ZYNnPQh9D45
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rMYj4oNQYUub_u72SVZfqEdUU0ow4Hu_qG-FZ0oP9EFnhNqBwSzY1A==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 9 KB
3 KB 16ms
16ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2931897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Mrh3PB_tdL-PpxNEDFDI8FxhbTU__vhG0XGmUKR8GLnLMnHWRNv1wg==

GET
H2 200 2.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame ED50 7 KB
2 KB 16ms
16ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2931897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Y5MQMpfNZ9bYDeQmDMLbw0xNzGrQukfM
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: W5pTrJlIjdbNHE4-KwwQHC4rsHMk7chQEKH4ay6-rk08vkLg6FjLVg==

GET
H2 200 2.90bfb041.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 54 KB
16 KB 17ms
16ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 2931897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"dc43e7dd478d83a9091a7335b8beb11d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dNyr.b_J6AuxSb56NRWJ3LKsWJ9BzeOS
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FJtZd8TsieYdzjEc7pMCvUo7c9lhlMAkGx7AoGsQfKYm3DL3KzoI-g==

GET
H2 200 1.e250bb71.chunk.css
js.driftt.com/core/assets/css/ Frame ED50 44 KB
7 KB 17ms
17ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.e250bb71.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

f9163f3372bf09f2bcb3c8fa8b218443c557dbb32c78a36ee9221ca5abf8b193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 252219
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:27 GMT
server: nginx
etag: W/"2b7f0e5ff08649a2d71db9fdde0609ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: U0zOe09_ThzYcAoSvmLbLojXTsJVu6PB
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Yx9_eB6uziOQL4RQAAwaufFL-5BBX-7hFMPcQuHgd2VbqdZGYIX_lA==

GET
H2 200 1.9aaba8fd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 71 KB
24 KB 17ms
17ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.9aaba8fd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

93b748021560a4fb851b828224f1c7aa9f8b1b28d6e1b59c2888dc76659d23ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:43:03 GMT
content-encoding: gzip
age: 257736
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:28 GMT
server: nginx
etag: W/"c6b04c1f5bf3018a03b991cbd719c229"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kCSpqx2r.sn0zCo0LpbCB32nZQ3TEaMz
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Cq8ouXFh9HkT096_SBHo2zt7KvgwBLmsay-6k9Pr8MyF2ZdHsn6G-w==

GET
H2 200 30.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame ED50 12 KB
3 KB 18ms
17ms Stylesheet
text/css 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 252219
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:27 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: e.sL0vOF62s4pyHwBuhbHf.Miph1ZlJo
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: L_L4a4n2JA35JajvXpcCyoVibtM_GI1aM4aNlG1ufrjdgCH8Z7agWA==

GET
H2 200 30.f8f90b50.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ED50 12 KB
5 KB 18ms
18ms Script
application/javascript 143.204.215.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.f8f90b50.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f26feaa2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-12.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

7fbdf18ef718f7d92c5c552cf3133223239e5a87b2b17543417c863895fa3ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1644243518050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 252219
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:30 GMT
server: nginx
etag: W/"403c83255f6ba5c35738df7176146d93"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9aY_CUpc8aGc6DumJu3tfRzHETVUuYEF
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N9cWlBPXAt8aLRRGkHqYiqv5Va8Yv493S4mO875USv1xTz4R7iKb7g==

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 337ms
104ms Preflight
text/plain 54.147.21.139

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Feb 2022 14:18:39 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftd23206d44808dd8aeb7203b6a12
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 8480 25 B
123 B 117ms
117ms XHR
application/json 54.147.21.139

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Feb 2022 14:18:39 GMT
server: istio-envoy
requestid: 75c10a7d09eda479
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 8480 126 B
222 B 104ms
104ms XHR
application/json 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

2dc1572e1265760dd29d3751371f98026681e0bd04bc8febfa0fcc57fd01241b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Feb 2022 14:18:39 GMT
server: istio-envoy
requestid: 6519f07b3a6665a
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 126
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 346ms
103ms Preflight
text/plain 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Feb 2022 14:18:39 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftffeaa1b429792ed132c359d575c
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 h8eubnf2kys7.json Show response
embeds.driftcdn.com/embeds/ Frame 8480 10 KB
5 KB 724ms
20ms XHR
application/json 143.204.215.111

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/h8eubnf2kys7.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.111 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46c6fc84b9bebdef50dc60e4c77c1f7d471602272f158752d51a308519d7783b

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 14:18:40 GMT
content-encoding: gzip
age: 20
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 07 Feb 2022 08:59:00 GMT
server: AmazonS3
etag: W/"dcbc8edddd8d9cfcdfc807fa22949499"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: UNKQrBH63bMEDpQGJSJq_-2tGktizp-fm_MRcRmbPY_NzOevigi6PQ==

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 8480 25 B
88 B 115ms
114ms XHR
application/json 54.147.21.139

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Feb 2022 14:18:41 GMT
server: istio-envoy
requestid: f2cf296209d033ff
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 102ms
101ms Preflight
text/plain 54.147.21.139

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Feb 2022 14:18:41 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drifta3fa8e24c6eb7b83897cd1f5b12
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 05:03:15	Name: _GRECAPTCHA Value: 09APj96hQzlrOtqW5R-_qm-LqXJ1_HTqnp9udjhHmA7mBc7IIEe_-jFQtIAUvByuAmu2ENQG5Z04E3iOne7cxu4ps
bossaa.pl/	1970-01-23 16:20:03	Name: __tad Value: 1644243514.4571061
.1redirb.com/	1970-01-20 09:29:39	Name: __dsnsid Value: 20220208011834739244b22e837cef7b
clever-redirect.com/	1970-01-20 00:45:29	Name: 59897591b3f2367242f9076576284468 Value: e9cc419a39667c4f93b72c48703ac41af749778ba42db28373ad910811e859e4a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2259897591b3f2367242f9076576284468%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
lookandfind.me/	1970-01-20 00:45:29	Name: 582473f618e5a549486f339ecb063fa0 Value: c7d787a3b325d54119bf90e91f580ac365cd8538e7e68ffe41712ed12e10bcdca%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22582473f618e5a549486f339ecb063fa0%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
.awin1.com/	1970-01-20 02:10:27	Name: aw14361 Value: 926315\|0\|0\|1644243517\|19859fdf63a4142d827bf611f001755c\|aw\|0
.awin1.com/	1970-01-20 09:29:39	Name: bId Value: HLEX_62012a3d375816.68071446
.helden.de/	1970-01-20 02:10:27	Name: a_ident Value: affnet.14361_1644243517_3e4b2eaa542da18a2827d162cd0e018e
helden.de/	1970-01-20 09:29:39	Name: cookielawinfo-checkbox-necessary Value: yes
helden.de/	1970-01-20 09:29:39	Name: cookielawinfo-checkbox-non-necessary Value: yes
helden.de/	1970-01-20 09:29:39	Name: cookielawinfo-checkbox-advertisement Value: yes
helden.de/	1970-01-20 09:29:39	Name: cookielawinfo-checkbox-analytics Value: yes
helden.de/	1970-01-20 09:29:39	Name: cookielawinfo-checkbox-other Value: yes
helden.de/	1970-01-20 09:29:39	Name: cookielawinfo-checkbox-performance Value: yes
.t.co/	1970-01-20 18:15:15	Name: muc_ads Value: 8328e8be-39da-47de-8bd8-ca7ee8a4c856
.twitter.com/	1970-01-20 18:15:15	Name: personalization_id Value: "v1_7e082//E5X+T4S6FkxpLug=="
.amazon-adsystem.com/	1970-01-20 06:23:53	Name: ad-id Value: A64CgwJV9kVQo14TCWKO1GY
.amazon-adsystem.com/	1970-01-21 21:49:49	Name: ad-privacy Value: 0
helden.de/	1970-01-20 00:44:05	Name: drift_campaign_refresh Value: 7215b8ea-3242-420a-b4da-b9709e00263e

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ipapi.co/json/ Message: Failed to load resource: the server responded with a status of 429 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redirb.com
aax-eu.amazon-adsystem.com
ajax.googleapis.com
analytics.twitter.com
bootstrap.api.drift.com
bossaa.pl
c.amazon-adsystem.com
clever-redirect.com
embeds.driftcdn.com
fonts.googleapis.com
fonts.gstatic.com
haftpflichthelden.de
helden.de
images.provenexpert.com
ipapi.co
js.driftt.com
lookandfind.me
metrics.api.drift.com
static.ads-twitter.com
t.co
w.likebtn.com
www.awin1.com
www.google.com
www.gstatic.com
103.224.182.206
103.224.182.242
104.111.239.217
104.244.42.195
104.244.42.69
108.156.255.177
143.204.215.111
143.204.215.12
151.101.12.157
157.90.169.168
2606:4700:10::6816:4c41
2606:4700:20::681a:a29
2606:4700:20::681a:e45
2606:4700:20::ac43:45e2
2a00:1450:4001:803::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:82f::200a
34.102.224.29
50.16.7.188
54.147.21.139
54.239.38.253
78.46.197.88
01c173a80ff2905f93cd94dc5bf6cd210e5d2306e0354a88423ba60372d14035
01f2c507dce67cd34f1fb75780c52221946800029092456ed02470059af2c05f
024bbe37586effe93a17f4f8800ff6c67e2aca1061c5f23625bb16a6e3d13c8d
046217ebd03b316dc62fde0b6d7b14b0c4648b444d99a99627c287bc2ab0f3fa
050afadcae8e995d4d71c6c7d05bdb3ef24691fc81526eb0357de319184c747b
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
06b4780df9b383519f51c2b0d374f45c26bf05e1cbc1518b2a2b309e5ea9ae86
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8
0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
11dd7443e60c9756c636d4d9e270eeba4085691a86dc1d343af835e5cb354ed9
160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
1b4f1024fa4887b47765e2ad4db9bc1f6ea96335f77fd44c62b8538d75e7190c
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63
2031ce9d387c585aeed7e46b4c88ab74c996834aa6f10cbf32dd7df4170065fa
20c746611e73d61b96d867c123847699572e0d13bf3a6823bcc2d956e9d4c0d6
22b3231e59d776f31161af44b04a744b9004ae1fac2b14e6405a97d27507a008
22ce8bdb090315b4f4f6f8c78f9c7cd2cf53962924d86761982fdb4e5dc3c2c2
26d127f27e68eb24704f93210ac87b36c92c2a9ef01d6a47dc0048dac9cfa23f
277169e15b5d4b4e8c3d08450961ffc559cb42353ca35703949331b666e1e95f
29d1e5cff2718260f00fc9012476253e8664c99287d2a1866886e65060deb4ad
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b372347cc7358de506f1e9d6c8e42069374dd0950e2e641a4c5e69cbfcae4f2
2dc1572e1265760dd29d3751371f98026681e0bd04bc8febfa0fcc57fd01241b
2f08025c18eab8673f7f960a21cba44a48aa0ce870ce96305a21d1c887b8be7e
32d9329d48ccd5a058fc1f4a6be8b010c4c9afb03d046ffe8a211ce474db2b6a
3389b5ad1fcd9604f19b1705b53a08d85716aa3ad83cc57041d1c5a43c7509e2
341c5d176dfcd3bd94a476a34fcb8be8f7d4c6d667ad95185c4d656f5ac9c9d5
35c25f6854ce3cfbfb0d6b93ddf1398e02dc7f71a8c878dd487e119143eb0f2b
395daa8d0ec9bd1d7922530074e8fbe6aaf2bd26191dc773c135cf6a3d029705
39b677ec4a0c2d95bb6d1439e68b5a0aa693c17912dc9e0209930088182483cf
39cb45cdec9f9b9b863e331beff20776476ad3a77aa2c828a0aea8a0779044d9
3b3f44e74412baa296267a5c6bdcaef3e06ba0ed23c662786b35b923a515180c
3c430c6bbf28dcc0eb84b18a6647b8feab76de0a77a6975cb71b9b5f4cdf3731
3e2b8b35f95dc6e667219eda56927ec40ca05c2d770f8651d99e2f36fcf7636e
3ea06dea77b421db90da42160e691163836ef51e17aa1fd4669e1805e5291e21
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
45153d776213fa86c1ef7dca51e36d669e1b697b53907f3bf7cd3ee706edbaec
46c6fc84b9bebdef50dc60e4c77c1f7d471602272f158752d51a308519d7783b
47c52cc923758f90e6e92f82d19e909e36bf000902e60047a27c84e8d0ccb73a
48a2156abaed07fa73ed289ca1e45a818cdf7ca5d8aa6e6d31b64b2bf3850753
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
491f9c45a903bec1b4bae08e028e8e4cda983276ea68791a2c842026a6048ac6
499f5d894e680015c299c3707e38a9b65074b888ed8e8380854a782a71c4ebd2
49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4dafd259073d41037e3a82ca1196dbc4b95621f859f5b991a1493ce3fa00b4f1
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
5232ff2bcc1c6fb542e55ebb4d41413554cfe0681613a01799e2477bb9cac389
536550431ea6247d6ae10b550cedbac11f93d133b096e475bd1f3915bf4bb6dd
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93
5ad4b93f0116490bf6d6b3cb8b6adaa354588c845b1f0994ce80456e5afb7d8c
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5dc6b9f591f8a9a592258150d30296b9a224ee2d938cecc5e8ba347535e360dd
5fd0406a9f1fa9ae65bc5ab523b7160d7c8a64383a51f520c25270697f3408a8
61a5bc4056a0cab35fde3bdad2f3f76444aa322f292ecaa1ae8734bef49e4581
61cf74aefc3fe5e87d73f307d18b01b322e4cb24b18b614e7b1ae626fab58da0
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
67a93cb596cf7e65926cc6f37e356a5ba6249a3ac8dbce1b8e5fd16ae3967f92
6928cc4d50cb193b1c5d09343ecae72c20af5da0483e28b7c48a4c77e0f6d3c3
6aa8093f92b4ebb8c5a083db689a2231ed086d33c640a69d136c7d8abf22e3c8
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
70d5e7aca1f4340b317eb66c3f7a0201cd4c417bea613a46f7989950f0a1fba1
73d7e52c552160d0265f12c7d6c523a3c646b6f831a8d677adb7a2c1d481f32a
75dc94286d9fd0993744876ce2c71d6f2a4a4592fc2a1f71a96559e418d84352
7677f73b08b762d4e3a9f4cdd367211094350f5111a40dc099697d94124b04a7
7846d72cd2af20d85e1c27032cd4a44f4c8c5b914a03ce9d56979b4376b24be6
798622f5f53245245cdf0f44468acdce4e537cd44c86e1f58b170ad253783ad5
7a7425d844b9582c4d0595dfcb216285c112683ba86ed98572b36daf3b93a169
7be9e5f63b77a88b00d5be374fb63b5b560c1aa06cc9b0421f967095b50222d7
7e528c1449a6cfc70975bfd57546d23b752a883a8ee9fcc3904d3af6548468ed
7edee88862109a0b709cb1801cccd10f6460971dbb1afc945abb81c17bfca85e
7f0e3823d56e753cf5f2fbe91a1d167ca59726c9cbb3c97f04f146beea32c0e6
7fbdf18ef718f7d92c5c552cf3133223239e5a87b2b17543417c863895fa3ebc
8088d1aa0d0b0f7e062406dba15010d166d7303c04ebb407be952d50ee378752
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
882e09e84100347579816f61badf4459092dc59beb26b9317a8f1312d6752b41
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8d613b50b8387a95831ac399d35d223bd3dd4143083fb9c33530d49e4e728573
8d73392f1f569c51f57b7f9a30278358484f1795584aa2cd540e5b8ea650593e
8dd2fcd0919b8552fa24ea240e875bd8d0d2e04f9949d12dc18a605e7b063303
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92bfa0c40e4ac63bd4250520dc726bdb5f28bc45d2b420c07d6d1e0b726bd56b
93b748021560a4fb851b828224f1c7aa9f8b1b28d6e1b59c2888dc76659d23ce
93ca03195ed4c9536d694584455be6d5d71776e00fe33926ae596bfe4f35a76a
95fb764d4a5e0045febd02f88e1c80b7958a6946696721e78c20f497b1e0ec7b
96885eb92fe4f03a59536aacb336a3a999876f8d311dca71e8e953726a61e644
9ab6e4f17cb28892a00ee982b483ac79222bd8b945c226694e554af917e569df
9bccc337c264422750cff6f2b3c70a350a2a40e80766f11e3a16ecabc89ae4b1
9ca4bb3b109a4b6af85b4186ad5cc6709ef3edf65543d0da5f0e88a9a3f57ee4
9cbfe64eec1cd97e6b40c7df10021f707d564f508b9571d7207debebec1bae7d
9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635
9d0297d001e90af1cb9081ee9a40edebaa5584387e10732ffbd217281ba9b03f
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
9dfd1e30ec1915dfbcf0020116661f5a912b7181b1e2eaffabbfe4ab575db2fa
a008730522299bbac4765f675e7c08282ce7e440c55fcf93c59edc8d12be3851
a0fa40176cf7621f894c7645f6162825006cee47b52776058cc2fa7f3b7bcae2
a145e8cb30994054a87ba4ac07f8a49f55e2fbfcd3b689ef889eae0a2250bc37
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a3940c0c7051093e974422b42f2a563671ed810418862f44e8314f5255367e7d
a469b4c7949c96cce86a741f3498f000e1fd64b2a6fff556579a6588acabf48a
a55eb96ad9952ebf2d6e42d4f44565d00ebe4a6ea1171e4d4dcaa6a653081c9d
a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9
a76cc7d5636822ab215fab6786e2168f46c1c60df4fa739beff32dfe8e8606e8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad44888e6834dd14372d63691245513cda17cad9bb7f5ac9df10163ba83108f7
b13c9daefcbfa434816cbf0a272da7a7887486cedbe40218e4234977e526854c
b244db5267a8a4f291e0c4a1e82ccbc4ae211e7b22cad2ca530d743397894151
b51182de5d3e0e5cfa0a4ed9552dc82be393d7f7a08330f6299e08cdb2665f7f
b719e8b64d94bf16d44b5a331b9028f738286b49d00844a122a1f854ca9c1c2c
b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d
be969b8e7198021c946d37afc84171af645d00c7ae9b9460d183e617b6d89f6c
bf8c217e6b5fed93e68518ddd25e1bedfbb683b1f9aa18f84b099677d0f79355
c3736c112af68ab8446a4425720de82a8a48ce0a2929d7bbe2764edaf2139b8c
c40eb6d50cee55cd98e628b786109035413fef21587791221d06070e99e9e25b
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4f7729261b19bc2e0dbc4b3cc3683ea880bdb7a8c98d1d055fa3ef274867553
c7f5e3b0b3a282b46aa5bbd5e7952b90ce98d0d1d214b3308d9abb6053becd92
c9c0cfef39145e7473f09d950460309a29fbddcbe88830881aef4a0c16f5546b
cac9fd61be078dc8e05b940d298b75e3932894e379c91d3f32cdbab21631a714
d03b85482d005248f184137ab739c6222882e5d76d0765757cd6313a2b90146a
d1992f7120383f5c828b26793d3b16bbd5fe189d72078473314b9e406c1c3613
d1b077ad91dc6d449f971f581046afff929ab4f742fdfdb7c3017418425c9a56
d26ead62c04b7c1d9b9fe15ea7310d2c3ef4400a5c0a390e6c3a8ff4c5f381ec
d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4
d49ea099481e01f6c80d0098144b28710ed7e27ffadee7cdac797ed87ef5740b
d8a783e252ceb14237c76c14e552516b112795955f5491053f5e0c56c6e06c5a
db9ff4cde12468ee4def39092beef68a94523797d588f245067a96d943a01165
dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
debe1406181017af8e12fcf3f2d1843c02903360e9c246670593ef9f56abcd35
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e2795aded1755123cbe59bba5a8348d2c8ea012c9021e56d3b532f176963950b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec
e5f5736867880dc34e00e9d915d49094d5aa572c73771e87a082bd721b5a4f7c
e6a6a0c2a744fc0d665244acab63b9ac3b43779414217bc62a7698e31d5471de
e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5
e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0
eae9587fd982a18dc1cc3391201a06a8ce5efb066c62cc4f3003a901506269c2
ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
f1d691d09ce0090a6da571070f4404989f56b83bd51aa9c0076f1761f5888533
f46bb0aafc668b4a997c8f2bf2b9612722575d5123d728ee15924ae9b2b9e1b1
f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f8946610c7f4593b0f21a81847f97a856fcb93590a55da380679cf95372f2428
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f9163f3372bf09f2bcb3c8fa8b218443c557dbb32c78a36ee9221ca5abf8b193
fe6f3d116f908c426622882b79c5985dd45c155068badbdd807d2be64825c801

helden.de Open in urlscan Pro 2606:4700:10::6816:4c41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

192 Requests

98 %HTTPS

38 %IPv6

20 Domains

24 Subdomains

21 IPs

4 Countries

3471 kBTransfer

7655 kBSize

19 Cookies

13 Outgoing links

Page URL History

Redirected requests

192 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

helden.de Open in urlscan Pro
2606:4700:10::6816:4c41 Public Scan

Screenshot
Live screenshot

Full Image

192
Requests

98 %
HTTPS

38 %
IPv6

20
Domains

24
Subdomains

21
IPs

4
Countries

3471 kB
Transfer

7655 kB
Size

19
Cookies

192 HTTP transactions
1 data transactions