www.paketda.de Open in urlscan Pro
85.13.164.109 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Submission: On June 10 via api (June 10th 2021, 5:06:51 am UTC) from DK

Summary HTTP 225 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 51 IPs in 8 countries across 41 domains to perform 225 HTTP transactions. The main IP is 85.13.164.109, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is www.paketda.de.
TLS certificate: Issued by R3 on May 21st 2021. Valid for: 3 months.

This is the only time www.paketda.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	85.13.164.109 85.13.164.109	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
7	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 2	161.156.66.184 161.156.66.184	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
5	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	52.222.174.105 52.222.174.105	16509 (AMAZON-02) (AMAZON-02)
1	35.201.77.229 35.201.77.229	15169 (GOOGLE) (GOOGLE)
25	2600:9000:218... 2600:9000:218c:7800:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	52.222.174.52 52.222.174.52	16509 (AMAZON-02) (AMAZON-02)
1	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	185.86.139.59 185.86.139.59	201081 (SMARTADSE...) (SMARTADSERVER)
1	2.21.111.28 2.21.111.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.218.85 104.111.218.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 5	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
4	213.19.162.21 213.19.162.21	26667 (RUBICONPR...) (RUBICONPROJECT)
6	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	35.158.25.241 35.158.25.241	16509 (AMAZON-02) (AMAZON-02)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
5	199.232.196.64 199.232.196.64	54113 (FASTLY) (FASTLY)
14	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6810:a30d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:811::200d	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2 3	52.84.174.89 52.84.174.89	16509 (AMAZON-02) (AMAZON-02)
4 7	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 2	52.212.225.58 52.212.225.58	16509 (AMAZON-02) (AMAZON-02)
2 2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
1	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
225	51

10 85.13.164.109 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd48108.kasserver.com

www.paketda.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

static.paketda.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 161.156.66.184 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.42.9ca1.ip4.static.sl-reverse.com

vg07.met.vgwort.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

paketda.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.174.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-105.cdg50.r.cloudfront.net

gdpr-tcfv2.sp-prod.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.77.229 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 229.77.201.35.bc.googleusercontent.com

cdns.yieldscale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:9000:218c:7800:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.222.174.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-52.cdg50.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.15 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.162.21 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

msodigital-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.25.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.232.196.64 (United States)

ASN54113 (FASTLY, US)

tempest.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glitter.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a30d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.84.174.89 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-89.cdg50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.244.174.68 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

ejp.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.225.58 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-225-58.eu-west-1.compute.amazonaws.com

io.narrative.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.227 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.242 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com	733 KB
39	disquscdn.com c.disquscdn.com a.disquscdn.com	739 KB
24	doubleclick.net 2 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	173 KB
17	paketda.de www.paketda.de static.paketda.de	604 KB
14	disqus.com paketda.disqus.com disqus.com tempest.services.disqus.com referrer.disqus.com links.services.disqus.com glitter.services.disqus.com	85 KB
12	ampproject.org cdn.ampproject.org	212 KB
12	google.com 3 redirects adservice.google.com www.google.com apis.google.com accounts.google.com	42 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com ssl.gstatic.com	125 KB
7	rlcdn.com 4 redirects ejp.rlcdn.com idsync.rlcdn.com	2 KB
6	openx.net msodigital-d.openx.net eu-u.openx.net us-u.openx.net	2 KB
6	privacy-mgmt.com cdn.privacy-mgmt.com	76 KB
5	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	rubiconproject.com fastlane.rubiconproject.com	7 KB
4	googletagservices.com www.googletagservices.com	123 KB
3	rezync.com 2 redirects live.rezync.com	3 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	criteo.com 1 redirects bidder.criteo.com gum.criteo.com	2 KB
3	smartadserver.com prg.smartadserver.com	966 B
2	adform.net 2 redirects c1.adform.net	925 B
2	rfihub.com 2 redirects p.rfihub.com	2 KB
2	narrative.io 1 redirects io.narrative.io	777 B
2	viglink.com cdn.viglink.com	592 B
2	criteo.net static.criteo.net	53 KB
2	facebook.net connect.facebook.net	67 KB
2	google.de adservice.google.de	921 B
2	vgwort.de 1 redirects vg07.met.vgwort.de	777 B
1	adsrvr.org match.adsrvr.org	265 B
1	quantserve.com 1 redirects pixel.quantserve.com	498 B
1	mathtag.com 1 redirects sync.mathtag.com	599 B
1	facebook.com www.facebook.com
1	googleadservices.com partner.googleadservices.com	639 B
1	teads.tv a.teads.tv	248 B
1	emxdgt.com hb.emxdgt.com	159 B
1	yieldlab.net ad.yieldlab.net	924 B
1	casalemedia.com htlb.casalemedia.com	526 B
1	pubmatic.com hbopenbid.pubmatic.com	116 B
1	a-mo.net prebid.a-mo.net	786 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	yieldscale.com cdns.yieldscale.com	116 KB
1	sp-prod.net gdpr-tcfv2.sp-prod.net	44 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
225	41

	Domain	Requested by
39	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.paketda.de d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com cdn.ampproject.org
25	c.disquscdn.com	paketda.disqus.com disqus.com c.disquscdn.com tempest.services.disqus.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com
14	a.disquscdn.com	c.disquscdn.com
12	cdn.ampproject.org	securepubads.g.doubleclick.net
10	www.paketda.de	www.paketda.de
7	static.paketda.de	www.paketda.de static.paketda.de
6	www.google.com	3 redirects tpc.googlesyndication.com www.paketda.de d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com
6	cdn.privacy-mgmt.com	gdpr-tcfv2.sp-prod.net cdn.privacy-mgmt.com
6	pagead2.googlesyndication.com	www.paketda.de pagead2.googlesyndication.com tpc.googlesyndication.com
5	idsync.rlcdn.com	2 redirects c.disquscdn.com live.rezync.com
5	fonts.gstatic.com	fonts.googleapis.com
5	ib.adnxs.com	3 redirects cdns.yieldscale.com c.disquscdn.com
5	disqus.com	paketda.disqus.com c.disquscdn.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.paketda.de
4	fastlane.rubiconproject.com	cdns.yieldscale.com
4	www.googletagservices.com	www.paketda.de pagead2.googlesyndication.com googleads.g.doubleclick.net d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com
3	eu-u.openx.net	cdns.yieldscale.com eu-u.openx.net
3	cm.g.doubleclick.net	2 redirects eu-u.openx.net
3	live.rezync.com	2 redirects c.disquscdn.com
3	links.services.disqus.com	c.disquscdn.com
3	referrer.disqus.com
3	fonts.googleapis.com	cdn.privacy-mgmt.com securepubads.g.doubleclick.net tpc.googlesyndication.com
3	prg.smartadserver.com	cdns.yieldscale.com
2	c1.adform.net	2 redirects
2	us-u.openx.net	eu-u.openx.net
2	p.rfihub.com	2 redirects
2	io.narrative.io	1 redirects
2	ejp.rlcdn.com	2 redirects
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	gum.criteo.com	1 redirects static.criteo.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	cdn.viglink.com
2	static.criteo.net	cdns.yieldscale.com static.criteo.net
2	apis.google.com	c.disquscdn.com apis.google.com
2	connect.facebook.net	c.disquscdn.com connect.facebook.net
2	d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	vg07.met.vgwort.de	1 redirects www.paketda.de
1	match.adsrvr.org	eu-u.openx.net
1	pixel.quantserve.com	1 redirects
1	sync.mathtag.com	1 redirects
1	glitter.services.disqus.com	c.disquscdn.com
1	ssl.gstatic.com	accounts.google.com
1	www.facebook.com	c.disquscdn.com
1	tempest.services.disqus.com	c.disquscdn.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	a.teads.tv	cdns.yieldscale.com
1	hb.emxdgt.com	cdns.yieldscale.com
1	msodigital-d.openx.net	cdns.yieldscale.com
1	bidder.criteo.com	cdns.yieldscale.com
1	ad.yieldlab.net	cdns.yieldscale.com
1	htlb.casalemedia.com	cdns.yieldscale.com
1	hbopenbid.pubmatic.com	cdns.yieldscale.com
1	prebid.a-mo.net	cdns.yieldscale.com
1	cdn.jsdelivr.net	cdns.yieldscale.com
1	cdns.yieldscale.com	www.paketda.de
1	gdpr-tcfv2.sp-prod.net	www.googletagmanager.com
1	paketda.disqus.com	www.paketda.de
1	www.googletagmanager.com	www.paketda.de
225	61

This site contains links to these domains. Also see Links.

Domain
www.bild.de
www.google.com
www.rtl.de
landing.mailerlite.com
t.me

Subject Issuer	Validity	Valid
paketda.de R3	`2021-05-21` - `2021-08-19`	3 months	crt.sh
static.paketda.de R3	`2021-05-08` - `2021-08-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.met.vgwort.de Thawte RSA CA 2018	`2020-03-13` - `2022-04-01`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.sp-prod.net R3	`2021-05-08` - `2021-08-06`	3 months	crt.sh
cdns.yieldscale.com GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh
a.disquscdn.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-03` - `2021-08-03`	a year	crt.sh
*.privacy-mgmt.com R3	`2021-06-01` - `2021-08-30`	3 months	crt.sh
*.a-mo.net R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.emxdgt.com Amazon	`2020-07-31` - `2021-08-30`	a year	crt.sh
teads.tv R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-26` - `2022-05-28`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
ssl418259.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-04-06` - `2021-10-13`	6 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.rezync.com Amazon	`2021-01-26` - `2022-02-23`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.narrative.io Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Frame ID: C007AED95ABE344FDDB9D71BBAE98C7C
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html
Frame ID: B07EF4243462D84040B3718E6B03A80B
Requests: 1 HTTP requests in this frame

Frame: https://static.paketda.de/img/logo.svg
Frame ID: 310590C46A426860724F35AA5CF67600
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
Frame ID: 2CE6AB190E5D97BAA32927A6ADE5192D
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&adk=1812271804&adf=3025194257&lmt=1580057382&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=2&bdt=159&idt=83&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5493960376247&frm=20&pv=2&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=469
Frame ID: 0F16B5B3DE9D0B74A2B0EC52FBC01D38
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&h=500&slotname=4255082593&adk=2825561540&adf=588412893&pi=t.ma~as.4255082593&w=1000&cr_col=4&cr_row=2&fwrn=2&lmt=1580057382&rafmt=9&psa=0&format=1000x500&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=5&bdt=159&idt=94&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5493960376247&frm=20&pv=1&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=67&ady=7433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rxslLEiPeC&p=https%3A//www.paketda.de&dtd=477
Frame ID: 4D8FA81D0C0A4CF8268876416349F903
Requests: 25 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?message_id=357113&consentUUID=a47f754b-4631-4172-9e21-4efbb6e4088d&requestUUID=c28fb54f-bdf0-4614-9ace-aa36cf5702c5&preload_message=true
Frame ID: 68BD02836E3687DDF026C37E70BC49E0
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: EC4A2B316FE9C5467ED6666318CEFC1C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D84141F45FDC0EDB455EA4A6D6F55F4B
Requests: 1 HTTP requests in this frame

Frame: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=paketda&experiment=network_default_hidden&variant=fallthrough&service=dynamic&anchorColor=%23272a2a&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&disqus_version=af9035c
Frame ID: 8C0A64D3E0C711B026414465979E6DC7
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.paketda.de&gdpr=0&gdpr_consent=
Frame ID: B5E3B6D6673A9EEC65E85CB3F7CE08CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 65085CDA4D7E03AF11C788A8C91CA0D6
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: F8EA724C9D730AE4516594A671EAC404
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 0EF95C1F62DC3117B010A907D7D280EB
Requests: 19 HTTP requests in this frame

Frame: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B0E128B253FC84F0A47EE286455C5997
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 66930FFDB1C563DD147E4801A0264C46
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/index.html
Frame ID: 250547A756F15EE8757126CE5BC5DB52
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 8253376696CC0F708C4AC6E1C84021B3
Requests: 2 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c30us1812mo3ov5&pctry=CH&referrer=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html
Frame ID: 1C92A1B794C6881D919E600AB4949AEA
Requests: 3 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEB63OJU3iXezPWsVUCFPxkM&google_cver=1
Frame ID: 2B16A94F0CF70753C480F52AE831CB6E
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=263b78ab-ff4e-4348-87d9-99364119cdc8&gdpr=0
Frame ID: 4626FF53B56DD2A8C41B9A7B34B0A108
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Pure CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+(?:([\d.])+\/)?pure(?:-min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

225
Requests

100 %
HTTPS

44 %
IPv6

41
Domains

61
Subdomains

51
IPs

8
Countries

3254 kB
Transfer

7117 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bild.de/bild-plus/sparfochs/2019/politik-inland/nach-ebay-kauf-835-euro-futsch-achtung-neue-abzock-masche-64752498,la=de.bild.html
Title: Bezahlartikel

Search URL Search Domain Scan URL

URL: https://www.google.com/search?q=onlinewache
Title: Onlinewache

Search URL Search Domain Scan URL

URL: https://www.rtl.de/cms/ebay-und-ebay-kleinanzeigen-betrug-mit-sendungsverfolgung-4584985.html
Title: gekürzter TV-Beitrag hier

Search URL Search Domain Scan URL

URL: https://landing.mailerlite.com/webforms/landing/p7p1i0
Title: per E-Mail

Search URL Search Domain Scan URL

URL: https://t.me/PaketdaNews
Title: bei Telegram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://vg07.met.vgwort.de/na/e74d717b309245a3bcfabac3f3001780 HTTP 302
https://vg07.met.vgwort.de/blank.gif

Request Chain 170

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 179

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 205

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 213

https://ejp.rlcdn.com/501709.html HTTP 307
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCNu7hoYGEgUI6AcQAEIASgA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEB63OJU3iXezPWsVUCFPxkM&google_cver=1

Request Chain 214

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac30us1812mo3ov5&ret=img&ref=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html HTTP 302
https://io.narrative.io/?io.narrative.guid.v2=a14f5900-c9a9-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac30us1812mo3ov5&ret=img&ref=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html

Request Chain 219

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=4156996722155042667 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=0dcee404-26b9-413d-bf2e-104a0c00d5d3%3A1623301595.8&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc30us1812mo3ov5 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c30us1812mo3ov5 HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=4156996722155042667

Request Chain 220

https://p.rfihub.com/cm?pub=39342&in=1&userid=0dcee404-26b9-413d-bf2e-104a0c00d5d3%3A1623301595.8&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=875739027457388643 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c30us1812mo3ov5 HTTP 307
https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=RcE-C44AlEAExGTWeeE0upXiuYOk_qlM

Request Chain 223

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6d9860c1-9ddd-4c00-8dd2-3095ebb28678

Request Chain 224

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=gweRQIxTlhWYBpAX0A7fFIcOy0eYBsYThFbVTwBM

Request Chain 225

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3875326023903859932

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDUvCK7HaMpmX7UjlInI13Q&google_cver=1

225 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request news-betrug-packstation-ruedersdorf.html Show response
www.paketda.de/ 23 KB
7 KB 161ms
50ms Document
text/html 85.13.164.109
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.164.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd48108.kasserver.com
Software: Apache /
Resource Hash: 5dd15427ab099499265f5d866ba0338b9c85e79ab901435fe76485b7666d5d5b

Request headers

:method: GET
:authority: www.paketda.de
:scheme: https
:path: /news-betrug-packstation-ruedersdorf.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
server: Apache
last-modified: Sun, 26 Jan 2020 16:49:42 GMT
vary: Accept-Encoding,User-Agent
content-encoding: br
content-type: text/html

GET
H2 200 jquery191.min.js Show response
www.paketda.de/js/ 90 KB
31 KB 60ms
59ms Script
application/javascript 85.13.164.109
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paketda.de/js/jquery191.min.js
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.164.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd48108.kasserver.com
Software: Apache /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

:path: /js/jquery191.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.paketda.de
referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: br
last-modified: Tue, 22 May 2018 08:53:42 GMT
server: Apache
etag: "169d5-56cc78e1fa152-br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 31771
expires: Fri, 10 Jun 2022 05:06:33 GMT

GET
H2 200 pure-min.css
static.paketda.de/css/ 17 KB
4 KB 21ms
6ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.paketda.de/css/pure-min.css
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 00e83aa5f667c4ee219411f6cf6ba69a0746294f1753dba050f93259a48c2747

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: br
last-modified: Sun, 15 Apr 2018 19:21:35 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"5ad3a63f-4386"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: *
expires: Thu, 17 Jun 2021 05:06:33 GMT

GET
H2 200 grids-responsive-min.css
static.paketda.de/css/ 10 KB
1 KB 21ms
6ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.paketda.de/css/grids-responsive-min.css
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1d956eb8fa1a6ae55667e0f9d19de66bf41ea27faec1f45e9c255a2816ffbeed

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: br
last-modified: Sun, 15 Apr 2018 19:21:34 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"5ad3a63e-2646"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: *
expires: Thu, 17 Jun 2021 05:06:33 GMT

GET
H2 200 201903.css
static.paketda.de/css/ 16 KB
4 KB 26ms
11ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.paketda.de/css/201903.css
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 6227b818bcf866b7ee451dfe73f1b58094aa9196e9d22c77961af0bcda8c3192

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: br
last-modified: Thu, 10 Dec 2020 19:22:21 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"5fd2756d-4122"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: *
expires: Thu, 17 Jun 2021 05:06:33 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 42ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eff766d6a18a3b38db2172ae793a05bef14c813b745acce0ff328f3bc480ec2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48308
x-xss-protection: 0
server: cafe
etag: 14635983453910833891
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 05:06:33 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 61 KB
21 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5722702001788ee03a5638c5af46828d25917c12659977dd752ae46befd56ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "898 / 978 of 1000 / last-modified: 1623280302"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21290
x-xss-protection: 0
expires: Thu, 10 Jun 2021 05:06:33 GMT

GET
H2 200 paketda-logo.png
www.paketda.de/img/ 39 KB
39 KB 44ms
44ms Image
image/png 85.13.164.109
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paketda.de/img/paketda-logo.png
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.164.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd48108.kasserver.com
Software: Apache /
Resource Hash: 2986fe0c41e6ffea62add94c0fa1c099391a09109cee5603c7befabb197f4ad1

Request headers

:path: /img/paketda-logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.paketda.de
referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
last-modified: Mon, 12 Oct 2020 17:01:48 GMT
server: Apache
etag: "9c6f-5b17c40ffd18d"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 40047
expires: Sat, 10 Jul 2021 05:06:33 GMT

GET
H/1.1

200
OK

blank.gif
vg07.met.vgwort.de/
Redirect Chain

https://vg07.met.vgwort.de/na/e74d717b309245a3bcfabac3f3001780
https://vg07.met.vgwort.de/blank.gif

43 B
332 B

30ms
30ms

Image
image/gif

161.156.66.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vg07.met.vgwort.de/blank.gif
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 161.156.66.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: b8.42.9ca1.ip4.static.sl-reverse.com
Software: s2.52.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 10 Jun 2021 05:06:32 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: s2.52.0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Thu, 10 Jun 2021 05:06:32 GMT
Last-Modified: Thu, 10 Jun 2021 05:06:32 GMT
Server: s2.52.0
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Content-Type: text/html
Location: /blank.gif
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Tue, 22 Aug 2000 15:05:01 GMT

GET
H2 200 202106-fiege-ebay-klein.jpg
www.paketda.de/img/news/ 10 KB
10 KB 48ms
47ms Image
image/jpeg 85.13.164.109
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paketda.de/img/news/202106-fiege-ebay-klein.jpg
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.164.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd48108.kasserver.com
Software: Apache /
Resource Hash: 9c367fcef059336812e18d7b52b06cd5b6f1cd71faedd3eb60bbaf24edb6ad93

Request headers

:path: /img/news/202106-fiege-ebay-klein.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.paketda.de
referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
last-modified: Wed, 09 Jun 2021 07:27:25 GMT
server: Apache
etag: "2840-5c45034c98daf"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10304
expires: Sat, 10 Jul 2021 05:06:33 GMT

GET
H2 200 kurznachrichten3-klein.jpg
www.paketda.de/img/news/allg/ 9 KB
9 KB 66ms
66ms Image
image/jpeg 85.13.164.109
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paketda.de/img/news/allg/kurznachrichten3-klein.jpg
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.164.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd48108.kasserver.com
Software: Apache /
Resource Hash: e2efb1efda0dcda80c65d60198789f0a9feb5d038321489efd30c1ec056a98c5

Request headers

:path: /img/news/allg/kurznachrichten3-klein.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.paketda.de
referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
last-modified: Mon, 17 Aug 2015 11:22:01 GMT
server: Apache
etag: "231f-51d8002b0a55e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8991
expires: Sat, 10 Jul 2021 05:06:33 GMT

GET
H2 200 kurznachrichten2-klein.jpg
www.paketda.de/img/news/allg/ 13 KB
13 KB 66ms
66ms Image
image/jpeg 85.13.164.109
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paketda.de/img/news/allg/kurznachrichten2-klein.jpg
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.164.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd48108.kasserver.com
Software: Apache /
Resource Hash: 1490106be67163959d14fab476c3c243681798cced94a10104594377474f0dc1

Request headers

:path: /img/news/allg/kurznachrichten2-klein.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.paketda.de
referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
last-modified: Mon, 17 Aug 2015 11:22:01 GMT
server: Apache
etag: "3209-51d8002a7009d"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12809
expires: Sat, 10 Jul 2021 05:06:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
40 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDR3BQC

Requested by

Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d50021d5744d5259913e2930cb04ec2ce1cac15965e1e1ec8679814e484418d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40530
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Jun 2021 05:06:33 GMT

GET
H2 200 logo.svg
static.paketda.de/img/ 4 KB
2 KB 6ms
6ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.paketda.de/img/logo.svg
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 65cd86259dc38d8d244d1a6a629cc5fffb0407f9c63f243cfcece0d20dbaf1cc

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: br
last-modified: Sat, 14 Apr 2018 10:40:40 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"5ad1daa8-1117"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: *
expires: Thu, 17 Jun 2021 05:06:33 GMT

GET
H2 200 hind-madurai-v3-latin-regular.woff2
static.paketda.de/css/fonts/ 14 KB
14 KB 20ms
6ms Font
font/woff2 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.paketda.de/css/fonts/hind-madurai-v3-latin-regular.woff2
Requested by: Host: static.paketda.de
URL: https://static.paketda.de/css/201903.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: d288be9cff721ee99fbabc23e03f43e9b86edd9c7fab848180db7a6180b36113

Request headers

Origin: https://www.paketda.de
Referer: https://static.paketda.de/css/201903.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
last-modified: Tue, 22 May 2018 08:49:43 GMT
server: keycdn-engine
x-edge-location: defr
etag: "5b03d9a7-37c4"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: *
content-length: 14276
expires: Thu, 17 Jun 2021 05:06:33 GMT

GET
H2 200 hind-madurai-v3-latin-700.woff2
static.paketda.de/css/fonts/ 14 KB
14 KB 25ms
12ms Font
font/woff2 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.paketda.de/css/fonts/hind-madurai-v3-latin-700.woff2
Requested by: Host: static.paketda.de
URL: https://static.paketda.de/css/201903.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 0e7e5865a9be94128aae608f974a894ee45d93eeb025265a9df02f4c070ee5c4

Request headers

Origin: https://www.paketda.de
Referer: https://static.paketda.de/css/201903.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
last-modified: Tue, 22 May 2018 08:49:42 GMT
server: keycdn-engine
x-edge-location: defr
etag: "5b03d9a6-37e4"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: *
content-length: 14308
expires: Thu, 17 Jun 2021 05:06:33 GMT

GET
H2 200 202001-packstation-betrug.jpg
www.paketda.de/img/news/ 25 KB
25 KB 63ms
63ms Image
image/jpeg 85.13.164.109
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paketda.de/img/news/202001-packstation-betrug.jpg
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.164.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd48108.kasserver.com
Software: Apache /
Resource Hash: 57a0ce35307a2e487f9213b95964c369692c5c0b40c3d57c73fb58054df1b151

Request headers

:path: /img/news/202001-packstation-betrug.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.paketda.de
referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
last-modified: Sun, 26 Jan 2020 15:05:59 GMT
server: Apache
etag: "646d-59d0c541c2a04"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 25709
expires: Sat, 10 Jul 2021 05:06:33 GMT

GET
H2 200 202001-betrugspaket.jpg
www.paketda.de/img/news/ 62 KB
63 KB 47ms
46ms Image
image/jpeg 85.13.164.109
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paketda.de/img/news/202001-betrugspaket.jpg
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.164.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd48108.kasserver.com
Software: Apache /
Resource Hash: 04e8f5b6574e94f4f5f0b09282a3ee258a9b3af1ede74232352a47d59ced308c

Request headers

:path: /img/news/202001-betrugspaket.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.paketda.de
referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
last-modified: Sun, 26 Jan 2020 16:54:57 GMT
server: Apache
etag: "f898-59d0dd9ce53fa"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 63640
expires: Sat, 10 Jul 2021 05:06:33 GMT

GET
H2 200 202001-betrug.jpg
www.paketda.de/img/news/ 59 KB
60 KB 46ms
46ms Image
image/jpeg 85.13.164.109
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paketda.de/img/news/202001-betrug.jpg
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.164.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd48108.kasserver.com
Software: Apache /
Resource Hash: 66367b64acc21a450b3db6feba48567f1943b069eb12f0aa00cccb00995677d8

Request headers

:path: /img/news/202001-betrug.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.paketda.de
referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
last-modified: Sun, 26 Jan 2020 16:36:39 GMT
server: Apache
etag: "ec5d-59d0d985211bd"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 60509
expires: Sat, 10 Jul 2021 05:06:33 GMT

GET
H2 200 202001-betrugstracking.jpg
www.paketda.de/img/news/ 301 KB
304 KB 50ms
49ms Image
image/jpeg 85.13.164.109
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paketda.de/img/news/202001-betrugstracking.jpg
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.164.109 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd48108.kasserver.com
Software: Apache /
Resource Hash: cf2f6848506728d18a92215dd87c821ad6a5ada622390afb2f421a2ebc22905a

Request headers

:path: /img/news/202001-betrugstracking.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.paketda.de
referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
last-modified: Sun, 26 Jan 2020 16:59:33 GMT
server: Apache
etag: "4b58c-59d0dea3dbba9"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 308620
expires: Sat, 10 Jul 2021 05:06:33 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/ 231 KB
85 KB 43ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6637642313118842&plah=www.paketda.de&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87427
x-xss-protection: 0
server: cafe
etag: 18285230650351733317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 05:06:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/ Frame B07E 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210607/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paketda.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.paketda.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 09 Jun 2021 13:03:54 GMT
expires: Wed, 23 Jun 2021 13:03:54 GMT
content-type: text/html; charset=UTF-8
etag: 3869991350818612685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4515
x-xss-protection: 0
age: 57759
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK embed.js Show response
paketda.disqus.com/ 75 KB
25 KB 72ms
20ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://paketda.disqus.com/embed.js

Requested by

Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

00970d30e0d3f0947d455e1567497af4256271ff1729853bd23eed59dc792d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 05:06:33 GMT
Content-Encoding: gzip
Server: openresty
Age: 64
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24724

GET
H2 200 logo.svg Show response
static.paketda.de/img/ Frame 3105 4 KB
2 KB 6ms
6ms Document
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.paketda.de/img/logo.svg
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 65cd86259dc38d8d244d1a6a629cc5fffb0407f9c63f243cfcece0d20dbaf1cc

Request headers

:method: GET
:authority: static.paketda.de
:scheme: https
:path: /img/logo.svg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: object
referer: https://www.paketda.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.paketda.de/

Response headers

server: keycdn-engine
date: Thu, 10 Jun 2021 05:06:33 GMT
content-type: image/svg+xml
last-modified: Sat, 14 Apr 2018 10:40:40 GMT
vary: Accept-Encoding
etag: W/"5ad1daa8-1117"
cache-control: max-age=604800
access-control-allow-headers: *
access-control-allow-methods: *
content-encoding: br
expires: Thu, 17 Jun 2021 05:06:33 GMT
x-edge-location: defr
access-control-allow-origin: *

GET
H2 200 pubads_impl_2021060301.js Show response
securepubads.g.doubleclick.net/gpt/ 312 KB
110 KB 75ms
28ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Jun 2021 08:37:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112073
x-xss-protection: 0
expires: Thu, 10 Jun 2021 05:06:33 GMT

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
gdpr-tcfv2.sp-prod.net/ 151 KB
44 KB 90ms
32ms Script
application/javascript 52.222.174.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDR3BQC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-105.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c4aa0b188daf9fb45476c3844b6fdb6be6f0d8b090c9be422684c9b94afba45

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 22:46:02 GMT
server: AmazonS3
age: 1221
etag: W/"f51802d0b85b54ef3426c04411b09a6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a3d0a2c557e0fa30cfdc1da901dc92e5.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Thu, 10 Jun 2021 04:46:13 GMT
x-amz-cf-pop: CDG50-P2
x-amz-cf-id: AzFnxvlZd_966OtWnPNbf93m0ViQK1gXSX7UlrXki7JOJej5qwDldA==

GET
H2 200 prebid.js Show response
cdns.yieldscale.com/ 373 KB
116 KB 75ms
41ms Script
text/javascript 35.201.77.229
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.yieldscale.com/prebid.js
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.77.229 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 229.77.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 339754bb0bb40a029e7201c41a932cc5e48e6dd7ae5038c808ed45167919790e

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABg5-UzZlOgOxTqs9Yh4XVeuzJ7CBIhMj3AKpyxfqdBwgoUQkfy669QuNZ5zAqYqU-8eMGnF3NZK967ZxMRkeqAlZbEkNo6D9A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 117884
last-modified: Mon, 07 Jun 2021 15:12:34 GMT
server: UploadServer
etag: "8abd10a743a3a16fe338efd251478811"
vary: Accept-Encoding
x-goog-hash: crc32c=MR/weA==, md5=ir0Qp0OjoW/jOO/SUUeIEQ==
x-goog-generation: 1623078753950355
cache-control: no-cache
x-goog-stored-content-length: 117884
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 10 Jun 2022 05:06:33 GMT

GET
H2 200 lounge.567531e1abfac5c88f2ef94b952d12ba.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 69ms
24ms Other
text/css 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Requested by

Host: paketda.disqus.com
URL: https://paketda.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210977
x-cache: Hit from cloudfront
content-length: 25570
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-63e2"
content-type: text/css; charset=utf-8
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG50-P1
timing-allow-origin: *
x-amz-cf-id: 1esYzyvmXVt0Ss86_DImnCEQSaFk-u0Bd4U7kR0mNvAEEg0hDzCZuw==
x-cache-hits: 0

GET
H2 200 common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
c.disquscdn.com/next/embed/ 0
93 KB 69ms
24ms Other
application/javascript 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Requested by

Host: paketda.disqus.com
URL: https://paketda.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210977
x-cache: Hit from cloudfront
content-length: 94800
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-17250"
content-type: application/javascript; charset=utf-8
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG50-P1
timing-allow-origin: *
x-amz-cf-id: aNJIcILSLFd0HiU2p8WxBoHV3w51ePnWknTibQ3zyp004fg1LZa_HA==
x-cache-hits: 0

GET
H2 200 lounge.bundle.ac702132ea5e06471da27768120c5978.js
c.disquscdn.com/next/embed/ 0
118 KB 69ms
24ms Other
application/javascript 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Requested by

Host: paketda.disqus.com
URL: https://paketda.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210977
x-cache: Hit from cloudfront
content-length: 120382
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-1d63e"
content-type: application/javascript; charset=utf-8
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG50-P1
timing-allow-origin: *
x-amz-cf-id: KkaUq2_42SWJ3_qTIXtKK_2d13lyyoS9LAis0uqL432CxGELT97PRg==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
12 KB 62ms
19ms Other
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: paketda.disqus.com
URL: https://paketda.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 05:06:33 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 11
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11965
X-XSS-Protection: 1; mode=block

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 31ms
15ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210610

Requested by

Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d77772c863208781b114e5969a0cd9e642e37a6976fd0b950ea96c1a78e9cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7521
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a95e9b15d00004de2463d2000000001
x-served-by: cache-fra19130-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"69d-sy/HOReXJEnQjKPAu/zBM3Ig0yE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 65d0122eff434de2-FRA

GET
H2 200 native-message Show response
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ 323 KB
17 KB 93ms
92ms XHR
application/json 52.222.174.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=c28fb54f-bdf0-4614-9ace-aa36cf5702c5&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1061%2C%22requestUUID%22%3A%22c28fb54f-bdf0-4614-9ace-aa36cf5702c5%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html%22%2C%22euconsent%22%3Anull%2C%22authId%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.paketda.de%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by: Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-52.cdg50.r.cloudfront.net
Software: / Express
Resource Hash: 71ad92475659039f6e092d33106e3aef1b07a4830117fb58acf48628e5d5e8b2

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: gzip
x-amz-cf-pop: CDG50-P2
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paketda.de
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: tKOKg9_3AWqXcu-vf78zPVmOlzo7NpEQpw6ZKkX6IOOQFlqPOvOmkg==
via: 1.1 fbdf5158ae0cd2f5d84c84ce83cd7039.cloudfront.net (CloudFront)

OPTIONS
H2 200 native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ Frame 0
0 96ms
37ms Preflight
text/plain 52.222.174.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=c28fb54f-bdf0-4614-9ace-aa36cf5702c5&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1061%2C%22requestUUID%22%3A%22c28fb54f-bdf0-4614-9ace-aa36cf5702c5%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html%22%2C%22euconsent%22%3Anull%2C%22authId%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fconsent.paketda.de%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol: H2
Server: 52.222.174.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-52.cdg50.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.paketda.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/plain; charset=utf-8
content-length: 2
date: Thu, 10 Jun 2021 05:06:33 GMT
x-powered-by: Express
access-control-allow-origin: https://www.paketda.de
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 fbdf5158ae0cd2f5d84c84ce83cd7039.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P2
x-amz-cf-id: mR4yZgVY-o_Fy_CsvE5KCZNi4HZA71nlswqdonG-0BE4psBghgNgjQ==

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 2CE6 114 KB
22 KB 345ms
345ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default

Requested by

Host: paketda.disqus.com
URL: https://paketda.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7ba45eed4298054881500719ebaae9ac6df406f07a8a78ed701f5f11711a82fc

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.paketda.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.paketda.de/

Response headers

Connection: keep-alive
Content-Length: 21709
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Sun, 23 May 2021 07:55:34 GMT
ETag: W/"lounge:view:7837535938.90c737dd8f7665eabac75f59354c9377.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Thu, 10 Jun 2021 05:06:33 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

POST
H2 200 c Show response
prebid.a-mo.net/a/ 861 B
786 B 343ms
131ms XHR
application/json 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 11ad9dd2a046669151e63ec56787a02d08ab1dd9f8ca3755f23147eb9733b5e8

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paketda.de
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 27
content-length: 356

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 206ms
68ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.paketda.de
date: Thu, 10 Jun 2021 05:06:33 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
322 B 175ms
38ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:33 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.paketda.de
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
322 B 175ms
38ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:33 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.paketda.de
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
322 B 176ms
39ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:33 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.paketda.de
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
526 B 167ms
34ms XHR
application/json 2.21.111.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=324597&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213ce218af6fceba%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%224.36.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A8%2C%22msi%22%3A8%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%2C%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%221~%22%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221459cf011fcabb8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22324597%22%2C%22sid%22%3A%22800x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A800%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22158fe08a301c947%22%2C%22ext%22%3A%7B%22siteID%22%3A%22326070%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2216fcf82055af809%22%2C%22ext%22%3A%7B%22siteID%22%3A%22326071%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221459cf011fcabb8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22324597%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221459cf011fcabb8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22324597%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221459cf011fcabb8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22324597%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22158fe08a301c947%22%2C%22ext%22%3A%7B%22siteID%22%3A%22326070%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22158fe08a301c947%22%2C%22ext%22%3A%7B%22siteID%22%3A%22326070%22%2C%22sid%22%3A%22580x400%22%7D%2C%22banner%22%3A%7B%22w%22%3A580%2C%22h%22%3A400%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2216fcf82055af809%22%2C%22ext%22%3A%7B%22siteID%22%3A%22326071%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2216fcf82055af809%22%2C%22ext%22%3A%7B%22siteID%22%3A%22326071%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2216fcf82055af809%22%2C%22ext%22%3A%7B%22siteID%22%3A%22326071%22%2C%22sid%22%3A%22300x1050%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-111-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 76b16a96d9355565ee4818737851d23068c5e654907f83fcf04a4303baf5173a

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin: https://www.paketda.de
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 45
x-ak-client-geo: 12
expires: Thu, 10 Jun 2021 05:06:33 GMT

GET
H/1.1 200
OK 7504422,7504430,7504436 Show response
ad.yieldlab.net/yp/ 2 B
924 B 168ms
36ms XHR
application/json 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.yieldlab.net/yp/7504422,7504430,7504436?ts=1623301593647&json=true&pubref=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&gdpr=false
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 05:06:33 GMT
Content-Encoding: gzip
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Language: en-US
Access-Control-Allow-Origin: https://www.paketda.de
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Content-Length: 28
Expires: Wed, 09 Jun 2021 05:06:33 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 168ms
36ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.36.0&cb=71126087628
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.paketda.de
date: Thu, 10 Jun 2021 05:06:33 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
719 B 167ms
37ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 05:06:33 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.250:80
AN-X-Request-Uuid: 7632fc1f-4282-4b9e-9597-c47a0933a518
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.paketda.de
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 345 B
2 KB 250ms
74ms XHR
application/json 213.19.162.21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19998&site_id=236850&zone_id=1168114&size_id=2&alt_size_ids=55%2C57%2C125&p_pos=atf&gdpr=0&rf=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&tg_i.dfp_ad_unit_code=14594570%2Fleaderboard_1&tg_i.pbadslot=14594570%2Fleaderboard_1&tk_flint=pbjs_lite_v4.36.0&x_source.tid=937ed5e7-f04a-466a-b1ff-85410b3da811&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4232697149767024
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b689b6ee8cdab506f54bb6ad17d16c5172db7ada9e7295bb38652e8f84ed6e0d

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 05:06:33 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.paketda.de
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 345
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 345 B
2 KB 235ms
55ms XHR
application/json 213.19.162.21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19998&site_id=236850&zone_id=1398128&size_id=2&alt_size_ids=55%2C57%2C125&gdpr=0&rf=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&tg_i.dfp_ad_unit_code=14594570%2Fleaderboard_1&tg_i.pbadslot=14594570%2Fleaderboard_1&tk_flint=pbjs_lite_v4.36.0&x_source.tid=937ed5e7-f04a-466a-b1ff-85410b3da811&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6760849316449216
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5ce4abd416bca0b622289432fa8b34b5a299de342ec9feb423467ce69c36b837

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 05:06:33 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.paketda.de
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 345
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 316 B
2 KB 235ms
55ms XHR
application/json 213.19.162.21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19998&site_id=236850&zone_id=1168114&size_id=15&alt_size_ids=16%2C232&gdpr=0&rf=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&tg_i.dfp_ad_unit_code=14594570%2Fnetboard_1&tg_i.pbadslot=14594570%2Fnetboard_1&tk_flint=pbjs_lite_v4.36.0&x_source.tid=e2ad19cf-6073-49af-a132-f0ff81192b3c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.35483427141760315
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 6a2a3144f37043d4d01a80319d0d5f9d8404d5b69452a717a2bcfc2c0101c9f4

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 05:06:33 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.paketda.de
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 316
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 344 B
2 KB 241ms
58ms XHR
application/json 213.19.162.21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19998&site_id=236850&zone_id=1168114&size_id=9&alt_size_ids=8%2C10%2C54&gdpr=0&rf=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&tg_i.dfp_ad_unit_code=14594570%2Fskyscraper_1&tg_i.pbadslot=14594570%2Fskyscraper_1&tk_flint=pbjs_lite_v4.36.0&x_source.tid=b41086f6-ebcb-44c2-8a6b-4b9b932b5231&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.016054624622155567
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 89b22b67a42af25d0f0a8be3ab79ebecfbaa038a5bc6be29f70d0389cca3ac0a

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 05:06:33 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.paketda.de
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 344
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
msodigital-d.openx.net/w/1.0/ 173 B
561 B 218ms
99ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://msodigital-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=937ed5e7-f04a-466a-b1ff-85410b3da811%2Ce2ad19cf-6073-49af-a132-f0ff81192b3c%2Cb41086f6-ebcb-44c2-8a6b-4b9b932b5231&nocache=1623301593654&gdpr=0&aus=728x90%2C800x250%2C970x90%2C970x250%7C300x250%2C336x280%2C580x400%7C300x600%2C160x600%2C120x600%2C300x1050&divIds=leaderboard_1%2Cnetboard_1%2Cskyscraper_1&auid=540500194%2C540500195%2C540500203
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: dc11a16411c086c0ef92d979ecb63218df14aa7cc97eaf0f4bdbc2ed3a470c28

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: gzip
server: OXGW/16.208.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.paketda.de
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
159 B 157ms
33ms XHR
text/plain 35.158.25.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=800&ts=1623301593655&src=pbjs
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.paketda.de
date: Thu, 10 Jun 2021 05:06:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
248 B 217ms
94ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.paketda.de
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 10 Jun 2021 05:06:33 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
639 B 148ms
29ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.paketda.de&callback=_gfp_s_&client=ca-pub-6637642313118842

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6637642313118842&plah=www.paketda.de&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

aaa65eeb36acfa84c677b60cb30aafbb00e655a729cc8e44fba7c4805d2c05d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 34ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.paketda.de

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 129ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.paketda.de

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0F16 0
19 B 89ms
88ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&adk=1812271804&adf=3025194257&lmt=1580057382&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=2&bdt=159&idt=83&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5493960376247&frm=20&pv=2&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=469

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&adk=1812271804&adf=3025194257&lmt=1580057382&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=2&bdt=159&idt=83&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5493960376247&frm=20&pv=2&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=469
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paketda.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.paketda.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Jun 2021 05:06:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Jun-2021 05:21:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Jun 2021 05:06:33 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D8F 103 KB
20 KB 726ms
726ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&h=500&slotname=4255082593&adk=2825561540&adf=588412893&pi=t.ma~as.4255082593&w=1000&cr_col=4&cr_row=2&fwrn=2&lmt=1580057382&rafmt=9&psa=0&format=1000x500&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=5&bdt=159&idt=94&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5493960376247&frm=20&pv=1&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=67&ady=7433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rxslLEiPeC&p=https%3A//www.paketda.de&dtd=477

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bef8b90637599eadb2b6d91cec62b36b00d4dce53d980225a8fa8e1c1d45305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&h=500&slotname=4255082593&adk=2825561540&adf=588412893&pi=t.ma~as.4255082593&w=1000&cr_col=4&cr_row=2&fwrn=2&lmt=1580057382&rafmt=9&psa=0&format=1000x500&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=5&bdt=159&idt=94&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5493960376247&frm=20&pv=1&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=67&ady=7433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rxslLEiPeC&p=https%3A//www.paketda.de&dtd=477
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paketda.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.paketda.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Jun 2021 05:06:34 GMT
server: cafe
content-length: 19958
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Jun-2021 05:21:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Jun 2021 05:06:34 GMT
cache-control: private

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 32ms
18ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210607&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97c80b36cb55184ee6364ae1107d7caf7d540f25c8cfbe9d3b5df6b09e22fffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7830
x-xss-protection: 0

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066164336645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28149
x-xss-protection: 0
expires: Thu, 10 Jun 2021 05:06:33 GMT

GET
H2 200 index.html Show response
cdn.privacy-mgmt.com/ Frame 68BD 4 KB
2 KB 86ms
28ms Document
text/html 52.222.174.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/index.html?message_id=357113&consentUUID=a47f754b-4631-4172-9e21-4efbb6e4088d&requestUUID=c28fb54f-bdf0-4614-9ace-aa36cf5702c5&preload_message=true
Requested by: Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-52.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4642be0b0419a544ed9a3c1f132bac12c9a15526f5746e416aa275f22183832

Request headers

:method: GET
:authority: cdn.privacy-mgmt.com
:scheme: https
:path: /index.html?message_id=357113&consentUUID=a47f754b-4631-4172-9e21-4efbb6e4088d&requestUUID=c28fb54f-bdf0-4614-9ace-aa36cf5702c5&preload_message=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paketda.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.paketda.de/

Response headers

content-type: text/html
last-modified: Tue, 08 Jun 2021 21:23:23 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 10 Jun 2021 04:23:30 GMT
etag: W/"7f7b771c4c9e363c20379ae732301316"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9032f97f2aeb92c5a73eac6a8f1ae43.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P2
x-amz-cf-id: u0cCHR3CBX8rtZNMJaEd1o0KxI4OLcladIbN2f5zBYVfZoI-i5mJlQ==
age: 2586

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 10 Jun 2021 05:06:33 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame EC4A 12 KB
5 KB 21ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paketda.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.paketda.de/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 10 Jun 2021 04:04:53 GMT
expires: Fri, 10 Jun 2022 04:04:53 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3700
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D841 783 B
831 B 18ms
17ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

606b63f02c15457a98398ef61bc0b42458af3c2d7072189975fab7b5249719a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YNEtlVGkJ/bTlj9igWl1gQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paketda.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.paketda.de/

Response headers

expires: Thu, 10 Jun 2021 05:06:33 GMT
date: Thu, 10 Jun 2021 05:06:33 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-YNEtlVGkJ/bTlj9igWl1gQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 lounge.load.a5921af07b365f6dfd62075d2dee3735.js Show response
c.disquscdn.com/next/embed/ Frame 2CE6 1 KB
1 KB 66ms
21ms Script
application/javascript 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.a5921af07b365f6dfd62075d2dee3735.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0a0c09e1e97f172c235c9dcb12dbcd2c20b6bd1bce3a0fe453b245139ededbac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210977
x-cache: Hit from cloudfront
content-length: 532
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-214"
content-type: application/javascript; charset=utf-8
via: 1.1 182e7ab2ee669d6d9e48c29c3622b7dd.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG50-P1
timing-allow-origin: *
x-amz-cf-id: X0kCaP7LfROTA4oYzLPA-7s2S8fMSzDkkU9OZIaVPvvmAk84n223qw==
x-cache-hits: 0

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame EC4A 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 00:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jun 2022 00:21:11 GMT

GET
H2 200 Notice.93e4c.css
cdn.privacy-mgmt.com/ Frame 68BD 32 KB
5 KB 30ms
29ms Stylesheet
text/css 52.222.174.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/Notice.93e4c.css
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=357113&consentUUID=a47f754b-4631-4172-9e21-4efbb6e4088d&requestUUID=c28fb54f-bdf0-4614-9ace-aa36cf5702c5&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-52.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dcb9fa74969a305668ec4f32acbef3142b8616498032fcc8cdca30745fa2fa6

Request headers

Referer: https://cdn.privacy-mgmt.com/index.html?message_id=357113&consentUUID=a47f754b-4631-4172-9e21-4efbb6e4088d&requestUUID=c28fb54f-bdf0-4614-9ace-aa36cf5702c5&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 04:23:28 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 21:23:22 GMT
server: AmazonS3
age: 2586
etag: W/"62c8b8d1462fe6d3078f0b270271ae3d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 c9032f97f2aeb92c5a73eac6a8f1ae43.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P2
x-amz-cf-id: 3qjxhRjr5QI1EyqT_Ny7mKL1H1u-x2lvQo3Hrg6MLfErixHqXbWDIQ==

GET
H2 200 polyfills.01247.js Show response
cdn.privacy-mgmt.com/ Frame 68BD 5 KB
2 KB 29ms
29ms Script
application/javascript 52.222.174.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/polyfills.01247.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=357113&consentUUID=a47f754b-4631-4172-9e21-4efbb6e4088d&requestUUID=c28fb54f-bdf0-4614-9ace-aa36cf5702c5&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-52.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Referer: https://cdn.privacy-mgmt.com/index.html?message_id=357113&consentUUID=a47f754b-4631-4172-9e21-4efbb6e4088d&requestUUID=c28fb54f-bdf0-4614-9ace-aa36cf5702c5&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 04:23:28 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 21:23:23 GMT
server: AmazonS3
age: 2586
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c9032f97f2aeb92c5a73eac6a8f1ae43.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P2
x-amz-cf-id: KksyrfheV5hcrbSibLyFsb6mqWQp7oAAVDARg_iZ2TbACIeWaJ7qjg==

GET
H2 200 Notice.78381.js Show response
cdn.privacy-mgmt.com/ Frame 68BD 199 KB
49 KB 40ms
40ms Script
application/javascript 52.222.174.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/Notice.78381.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=357113&consentUUID=a47f754b-4631-4172-9e21-4efbb6e4088d&requestUUID=c28fb54f-bdf0-4614-9ace-aa36cf5702c5&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-52.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24b67416f5acebe9d42bd39944ab89686f841b761daba1cc398837542d12a42b

Request headers

Referer: https://cdn.privacy-mgmt.com/index.html?message_id=357113&consentUUID=a47f754b-4631-4172-9e21-4efbb6e4088d&requestUUID=c28fb54f-bdf0-4614-9ace-aa36cf5702c5&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 04:23:28 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 21:23:22 GMT
server: AmazonS3
age: 2586
etag: W/"40a94ce256fee871dd71b73b7dce1054"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c9032f97f2aeb92c5a73eac6a8f1ae43.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P2
x-amz-cf-id: 1ehi3yzNO803zVNXC2ZPKesep6uG3oAIIAwc6YMN6ifXf9pa4jTjQA==

GET
H2 200 common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js Show response
c.disquscdn.com/next/embed/ Frame 2CE6 282 KB
93 KB 21ms
21ms Script
application/javascript 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.a5921af07b365f6dfd62075d2dee3735.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2025b295509745f39f42f941f1f806395a81e23e146febbff2e85e00df651b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210977
x-cache: Hit from cloudfront
content-length: 94800
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-17250"
content-type: application/javascript; charset=utf-8
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG50-P1
timing-allow-origin: *
x-amz-cf-id: A8ZW2A706jcLq1ioBVIHYJeVIrmg-Z9Q4OopkMTkltCqtXLTIGZ3iw==
x-cache-hits: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 68BD 7 KB
787 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap

Requested by

Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=357113&consentUUID=a47f754b-4631-4172-9e21-4efbb6e4088d&requestUUID=c28fb54f-bdf0-4614-9ace-aa36cf5702c5&preload_message=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab4fcf5bb46fb4d81f740b652eabadcaf18e4c9c732e011bd5ca17183e3c6f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn.privacy-mgmt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 04:09:03 GMT
server: ESF
date: Thu, 10 Jun 2021 05:06:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Jun 2021 05:06:33 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 68BD 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cdn.privacy-mgmt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 23:08:23 GMT
x-content-type-options: nosniff
age: 107891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 23:08:23 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 68BD 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cdn.privacy-mgmt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 18:02:29 GMT
x-content-type-options: nosniff
age: 126245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 18:02:29 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.paketda.de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 05:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.paketda.de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 05:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 184 KB
38 KB 825ms
824ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=280336569124374&correlator=4043258511906978&output=ldjh&impl=fifs&eid=31061290&vrg=2021060301&ptt=17&gdpr=0&addtl_consent=1~&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=14594570%2Cleaderboard_1%2Cnetboard_1%2Cskyscraper_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%7C800x250%7C970x90%7C970x250%2C300x250%7C336x280%7C580x400%2C300x600%7C160x600%7C120x600%7C300x1050&eri=1&cookie=ID%3D77edae073dc10070-22d58e5ad3c80029%3AT%3D1623301593%3ART%3D1623301593%3AS%3DALNI_MY7PNeUZhQkDkIggMWyLZ6svBWXSA&bc=31&abxe=1&lmt=1580057382&dt=1623301594044&dlt=1623301593043&idt=343&frm=20&biw=1600&bih=1200&oid=3&adxs=203%2C417%2C1254&adys=2263%2C6940%2C166&adks=2995610145%2C3030999872%2C1839493144&ucis=1%7C2%7C3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x6489%7C1000x25%7C312x33&msz=728x0%7C300x0%7C300x0&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=false&fws=132%2C132%2C132&ohw=1600%2C1600%2C1600&btvi=1%7C2%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

6ca63d933af86676219d2d5c996585b7bc30c7e01264112d66c9a8e1ffd5b997

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJuyhdeljPECFVaBgwcdsPcOJQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/12267285743105212416/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJuyhdeljPECFVaBgwcdsPcOJQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/12267285743105212416/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1,-1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38638
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
date: Thu, 10 Jun 2021 05:06:34 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.paketda.de
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 46ms
13ms Other
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 lounge.567531e1abfac5c88f2ef94b952d12ba.css
c.disquscdn.com/next/embed/styles/ Frame 2CE6 158 KB
26 KB 21ms
21ms Stylesheet
text/css 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

58e8635e959ce8b5383dcbf9dd50fda2f6a0aeef426760854dfdb2548a3b77fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210978
x-cache: Hit from cloudfront
content-length: 25570
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-63e2"
content-type: text/css; charset=utf-8
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG50-P1
timing-allow-origin: *
x-amz-cf-id: Fn7kAikPYyIqvcLrmVk62Ajj4vn6grvWn7ZGkpfgxk4zpBmvJ5N_oQ==
x-cache-hits: 0

GET
H2 200 lounge.bundle.ac702132ea5e06471da27768120c5978.js Show response
c.disquscdn.com/next/embed/ Frame 2CE6 467 KB
118 KB 22ms
21ms Script
application/javascript 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d42a5154973ce1847b0f60cd27dbde653347daf6169ed714e2f4a71a87f33a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210978
x-cache: Hit from cloudfront
content-length: 120382
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-1d63e"
content-type: application/javascript; charset=utf-8
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG50-P1
timing-allow-origin: *
x-amz-cf-id: JP7gHsI54ZiGawjPgtbEntArY6qQpV-FK-eOTUBli_lrPqp1lieSig==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 2CE6 12 KB
12 KB 20ms
20ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

481e97c1373314243ac83c1b1c9f466b9ce65b95f5fd4b82538f032d976820a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 05:06:34 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 12
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11965
X-XSS-Protection: 1; mode=block

GET
H2 200 de.js Show response
c.disquscdn.com/next/current/embed/lang/ Frame 2CE6 27 KB
9 KB 22ms
22ms Script
application/javascript 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/current/embed/lang/de.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3ac2c22049f64c174f6597c00be3627598c3d74f672cb22811506ed3ad6fe906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163
x-cache: Hit from cloudfront
content-length: 9161
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
last-modified: Tue, 09 Mar 2021 18:44:51 GMT
server: nginx
etag: "6047c223-23c9"
content-type: application/javascript; charset=utf-8
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
expires: Thu, 10 Jun 2021 05:08:51 GMT
cache-control: max-age=300, public
x-amz-cf-pop: CDG50-P1
timing-allow-origin: *
x-amz-cf-id: SDQ1V1nHOlb8g-qluPoF7LEwO8f5gGy4vOyFAgy3VFf45cIqhbuS0A==
x-cache-hits: 0

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 2CE6 3 KB
3 KB 20ms
19ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=paketda&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0e428bb50a9058e41706851c825f0a40549341e7e5bdce613bcff515bb8011b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 05:06:34 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 90
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 2946
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK loadReactions Show response
disqus.com/api/3.0/threadReactions/ Frame 2CE6 960 B
1 KB 129ms
129ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/threadReactions/loadReactions?thread=7837535938&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

106c194753c0f550f0ab4067eb610e990b6d03f8bba7e2c965d1bbfccf1ffb35

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 05:06:34 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=30, max-age=60
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 960
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/survey/ Frame 8C0A 14 KB
6 KB 173ms
123ms Document
text/html 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=paketda&experiment=network_default_hidden&variant=fallthrough&service=dynamic&anchorColor=%23272a2a&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&disqus_version=af9035c
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 4dfd860d1fa1c9c0685710a1dfc7086e3d07f784030ef16df5ea9cd8f8b5e953

Request headers

Host: tempest.services.disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: disqus_unique=30us1812mo3ov5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default

Response headers

Connection: keep-alive
Content-Length: 5392
Server: openresty
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-Service: router
Content-Encoding: gzip
Date: Thu, 10 Jun 2021 05:06:34 GMT
Age: 0
Vary: Accept-Encoding,

GET
H2 200 noavatar92.png
a.disquscdn.com/1622136181/images/ Frame 2CE6 2 KB
2 KB 67ms
19ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1622136181/images/noavatar92.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 32079
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CoIOuQ59POAbcCP6pqGpSfU2sqRsWWQSX-bfnavlcuYfcvGGFun40w==
expires: Fri, 09 Jul 2021 20:11:55 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 2CE6 43 B
295 B 151ms
108ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=310mhn4156e0hd&experiment=network_default_hidden&variant=fallthrough&service=dynamic&area=lightbox&product=embed&forum=paketda&zone=thread&page_url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&page_referrer=https%3A%2F%2Fwww.paketda.de%2F&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default_hidden%3Afallthrough&section=default&verb=call&adjective=1&forum_id=3757806

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 05:06:34 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 2CE6 13 KB
13 KB 22ms
21ms Image
image/svg+xml 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3680933
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: jhMFig7CH8qpjclbRA3fYXY2vsgnLr_Fsqfpy89FwcqgziT9Hyo1sg==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 2CE6 3 KB
3 KB 21ms
21ms Image
image/gif 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 10973307
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: KYw7TGnpqM65IeZBGONym1fBV5_sz6TvGV4VUKVbFoxNNLBnPlkbsQ==
x-cache-hits: 0

GET
H2 200 sprite.654110a9206fd22f08cca0798e34a65e.png
c.disquscdn.com/next/embed/assets/img/ Frame 2CE6 2 KB
2 KB 21ms
21ms Image
image/png 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.654110a9206fd22f08cca0798e34a65e.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 06:58:50 GMT
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3881264
x-cache: Hit from cloudfront
content-length: 1862
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 22 Apr 2021 19:20:03 GMT
server: nginx
etag: "6081cc63-746"
content-type: image/png
access-control-allow-origin: *
expires: Tue, 26 Apr 2022 06:58:50 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 9Y3bOfFkp2Wo9ema8b4-RVIxmXDw9CpJC27ouR1Idu12rdL8u2wfXQ==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 2CE6 8 KB
8 KB 23ms
22ms Font
application/octet-stream 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:33 GMT
via: 1.1 182e7ab2ee669d6d9e48c29c3622b7dd.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3182700
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 04 May 2022 09:01:33 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: as6-sPA7QXwCmY2fhYqYQL2EjcDmeNLnrSJWhcDBxH1JMT2Myv_gKw==
x-cache-hits: 0

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 21ms
21ms Script
application/javascript 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: paketda.disqus.com
URL: https://paketda.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3073264
x-cache: Hit from cloudfront
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-67d2"
content-type: application/javascript; charset=utf-8
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 15:25:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG50-P1
timing-allow-origin: *
x-amz-cf-id: uQ27RSqCfmW5-AFu4tfNgYyit6KbBekwiviDONcK1PRu6DCmnHVBFA==
x-cache-hits: 0

GET
H2 200 upvote-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 2CE6 8 KB
9 KB 22ms
21ms Image
image/png 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/upvote-512x512.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f8afec44114c09f3e520fd8c89a7e00386e99bc567ccbbf16f23771b75b58a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:02:03 GMT
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 289
x-cache: Hit from cloudfront
content-length: 8212
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-2014"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 10 Jun 2021 05:06:45 GMT
cache-control: max-age=300, public
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 0ZuuQVuAXVQDBpQlh4XPo0oPDqoyqpVT8ykvDrYeY4GgAlNyLqzO-Q==
x-cache-hits: 0

GET
H2 200 surprised-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 2CE6 7 KB
8 KB 22ms
22ms Image
image/png 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/surprised-512x512.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4e14ce1bd0d4433eee84cbb16196a7a051126f07af888ef7f9d252120f32f907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:05 GMT
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 29
x-cache: Hit from cloudfront
content-length: 7308
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-1c8c"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 10 Jun 2021 05:11:05 GMT
cache-control: max-age=300, public
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: TAPLmubcEfGRupFNVS_GDpzfeVxbVPnSIdyfWH-fZ25Dz40SLNaCuA==
x-cache-hits: 0

GET
H2 200 angry-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 2CE6 17 KB
18 KB 22ms
22ms Image
image/png 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/angry-512x512.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8630d3642f52a29b6198da00f23f7bd2481ad1cc19becfcf441a6c4ffe4ae099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:01:37 GMT
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 297
x-cache: Hit from cloudfront
content-length: 17794
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-4582"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 10 Jun 2021 05:06:37 GMT
cache-control: max-age=300, public
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: GMlBEhfKgFn6vRg2qhATTAWLkooieKHsKo0A2bZbXQhqFcxTI3nLkA==
x-cache-hits: 0

GET
H2 200 love-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 2CE6 12 KB
12 KB 23ms
22ms Image
image/png 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/love-512x512.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e422b07ca1550e55cd90a518e910fd3cfb4d9337ea6092357f9761aa77ac9e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:05:05 GMT
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 89
x-cache: Hit from cloudfront
content-length: 11910
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-2e86"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 10 Jun 2021 05:10:05 GMT
cache-control: max-age=300, public
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: FKSUzQKAnIVaHYPzv9tN0n525rMqqqpMxLyUTf48JTY4ys8bNm9RYg==
x-cache-hits: 0

GET
H2 200 noavatar92.png
a.disquscdn.com/1622136181/images/ Frame 2CE6 2 KB
2 KB 19ms
19ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1622136181/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 32079
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CoIOuQ59POAbcCP6pqGpSfU2sqRsWWQSX-bfnavlcuYfcvGGFun40w==
expires: Fri, 09 Jul 2021 20:11:55 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 2CE6 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

58e52b382bed5e8f3e21e5f3c66d510099ab863a4a426a4330d94308e7b52cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2WRh/aLZdIYkfywipWmXRg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: z9jBNQKOjDxySUWNvyiRsdNHo5bYBuU2VNIS2d+T1xF+MQAL/gCV3z6KXkFPj9I4Sa4E0VOoye+mex3Oh4uirQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 3f7b0f28807026b7f0ddb5fc10435529
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 10 Jun 2021 05:06:34 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "90dc7437ae3f0a60b81cdc0d5154ab81"
timing-allow-origin: *
expires: Thu, 10 Jun 2021 05:18:06 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ Frame 2CE6 12 KB
6 KB 48ms
28ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b264ca556a09a341d7d8c2ee64e63e0003b32c24ff4ce2b64c202e5b6ab140f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7xAX5Rou8owTYylVznYJjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "79224003c2b5597899d15c3a85e46734"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-7xAX5Rou8owTYylVznYJjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 10 Jun 2021 05:06:34 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 74ms
26ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:34 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Jun 2021 05:06:34 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210607&jk=280336569124374&bg=!V1SlVBDNAAY6sG-_OrA7ACkAdvg8WoLg_4G-8-JM1_TU5f6FPSf00tgbd_NMCNi_q7MXJSjMnxFbSwIAAAEmUgAAAMtoAQcKANBF6k487-ZuiyXbHJNqJaHwu5gF6zNVvRJnZhKJJCRlfmYxIYygPfNvdaAjJb7JKrTElCsw2u7HpZf6a6lLfybIftaVAU17h2auicAemXhmzIyh4pyDcQ9NjvTL1z0VZ2tkniy0FleG1M-0oViJQ8QCJ_kn8ELDwWNcAb560AD9_AEXx9zhy96zJtP1q3nMnl2-jI35oXFgWrejKOTSBLJjmabrgrS2YHCEBd1S0JY8YlKu6pKIO_BOl9tNQPrsmFAOWRTdCt-KTJZ3YOddkDU6mQJ9rkTdF0dz6R1IXDuxgBV_S3zA9jFWwnMQPz1_PC6gF2XgKYcY5svj6b4k9M04sz2vBLNIld_Cc4a3OfwOlg5y7W6mRGPxPEhly-GTWGTRMsa6s7unbLwMkjNGMruIlkiW3X9QhaCHS9WPaCyhtolh2e19WeOoLy_nxQjbe3bGKZpUjDnn1liiijudNwbLkPjPtwy_5E86Dt74bdBlOLXRAfA_96Cyp-gVtkr_RT5mxgIvCfYfqV_NfUvTdpF1sUQPBRhvKUBahpDM16fYIBedwYs5XpzrpKdNSDbsMHsLyng7xM4VVeP0vTsgplA3zkNwfMM7XCL3GemZJIKbaNFn2doE-avSbO5LuuMWscS2quhAwgHc-B8QfsYSNBg5hkW7wlBDRoN8VSDv5lAyl8D2CMb46EMQUhjPYyuU38YMtZCctum0wDqYjgfv5Ar21n8zE30a41kC0CInUu2qdMEHWP0RRe2FDdZz_-Ucr_-tNp1N5ogPXqtfUSt2gBrmygyUZ1ugSpARe6nKQuuPpKBBXatC9NDf3RRkzR8BtaQ5Vj05tPU0YKPT3TVqz7NVLdaMNGgsdNKZP2cmHWWTg1FDPSqZwHH4XP7KZcFqF5HWVGh5yON-WZ_53wOgreJdy0PcR-c_f_Xs2NF9ByhMoTMYW7UHdeWBgXznKUoOw9nuY1reGcBnDkmpOpAiLZVNopoAqhovaW2g0OAgiSVMBHj4oN9FFZHho04w6wTM2e56Px5m59DWBrEVN7QETVgO912-PxFsClq048ad6oYdK3AdlFzHDfDxD4977At97IBtTjCzww_3Ys2gBK9Mwg8lh3_daN0GeBrLLZEWQDENtg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1622136181/images/ Frame 2CE6 2 KB
2 KB 19ms
19ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1622136181/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 32079
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CoIOuQ59POAbcCP6pqGpSfU2sqRsWWQSX-bfnavlcuYfcvGGFun40w==
expires: Fri, 09 Jul 2021 20:11:55 GMT

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
128 B 43ms
26ms Image
image/gif 2606:4700::6810:a30d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=1.4701084784549165
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:34 GMT
cf-cache-status: HIT
age: 2
cf-ray: 65d01235eb7dc303-FRA
content-length: 43
x-amz-id-2: HZt5TVgQAq45JR1EYO5+vLByFMtnRD08KtfskBpAxyM4ezIEhe8YPIfl3SW66SEIG9bi7l7CuRc=
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: MQDRM63QZQ5N3ES6
cache-control: max-age=15, must-revalidate
cf-request-id: 0a95e9b5ac0000c303c0bf6000000001
accept-ranges: bytes
content-type: image/gif

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
464 B 40ms
23ms Image
image/gif 2606:4700::6810:a30d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=1.4701084784549165
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:34 GMT
cf-cache-status: HIT
age: 2
cf-ray: 65d01235eb82c303-FRA
content-length: 43
x-amz-id-2: HZt5TVgQAq45JR1EYO5+vLByFMtnRD08KtfskBpAxyM4ezIEhe8YPIfl3SW66SEIG9bi7l7CuRc=
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: MQDRM63QZQ5N3ES6
cache-control: max-age=15, must-revalidate
cf-request-id: 0a95e9b5ae0000c303e1969000000001
accept-ranges: bytes
content-type: image/gif

GET
H2 200 prebid.4.39.0.js Show response
c.disquscdn.com/js/dist/ Frame 8C0A 320 KB
98 KB 21ms
21ms Script
application/javascript 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/js/dist/prebid.4.39.0.js

Requested by

Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=paketda&experiment=network_default_hidden&variant=fallthrough&service=dynamic&anchorColor=%23272a2a&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&disqus_version=af9035c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6f7eca3f99ce39f0220940a4eeae70037446bd11337e6f2bf3ec0e108a92e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 19:41:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1934721
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
content-length: 99562
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Tue, 18 May 2021 17:17:50 GMT
server: nginx
etag: "60a3f6be-184ea"
content-type: application/javascript; charset=utf-8
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
expires: Thu, 17 Jun 2021 19:41:13 GMT
cache-control: max-age=2592000
x-amz-cf-pop: CDG50-P1
x-amz-cf-id: rd5tnUKEQzqakqUl1bm89yCKJZZwrQq9ISRraCMawrKm-ifltqA6Yw==
x-cache-hits: 0

GET
H2 200 noavatar92.png
a.disquscdn.com/1622136181/images/ Frame 2CE6 2 KB
2 KB 20ms
19ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1622136181/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 32079
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CoIOuQ59POAbcCP6pqGpSfU2sqRsWWQSX-bfnavlcuYfcvGGFun40w==
expires: Fri, 09 Jul 2021 20:11:55 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 2CE6 220 KB
65 KB 14ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=be357d49fa950b36267ebd3a0125e691&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7b637826bdbf8ff8d85b83d24dec124c53ce1428911d5762ca37a00e787fa23e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: K3KbGMOspt+rN2bZp7AlZA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 66098
x-fb-rlafr: 0
x-fb-debug: biuOV9My7Dxc0sicjnpXu2w+atsDB/tXKcNYs56j9QaamZjGXcLLPgLJeiZwyn+YfTz5yCNNGqQx1rewi/nsEw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 17b6c04827ec3f83b07d9829c86937f3
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 10 Jun 2021 05:06:34 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "29cb4e5cd3f1bac5587b8c89e274beb0"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 10 Jun 2022 02:38:24 GMT

GET
H2 200 5d7f7505a10e8c849470265ce393f6ab.js Show response
www.gstatic.com/mysidia/ Frame 4D8F 7 KB
3 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d7f7505a10e8c849470265ce393f6ab.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&h=500&slotname=4255082593&adk=2825561540&adf=588412893&pi=t.ma~as.4255082593&w=1000&cr_col=4&cr_row=2&fwrn=2&lmt=1580057382&rafmt=9&psa=0&format=1000x500&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=5&bdt=159&idt=94&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5493960376247&frm=20&pv=1&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=67&ady=7433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rxslLEiPeC&p=https%3A//www.paketda.de&dtd=477

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d061cf248e6817cc9497fdf606aefb9ca23ebb78d4f19d2a4d9651090c78a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2965
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 05:15:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 06 Sep 2021 17:55:58 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1622136181/images/ Frame 2CE6 2 KB
2 KB 38ms
38ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1622136181/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 32079
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CoIOuQ59POAbcCP6pqGpSfU2sqRsWWQSX-bfnavlcuYfcvGGFun40w==
expires: Fri, 09 Jul 2021 20:11:55 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 4D8F 1 KB
909 B 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 04:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 04:59:38 GMT

GET
H2 200 c1af86186721870a43a5ae33fad0d723.js Show response
www.gstatic.com/mysidia/ Frame 4D8F 18 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c1af86186721870a43a5ae33fad0d723.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b55156ac222eeab1c5e24fa042c8dc8e914de18326d903f1e383a0edd57d0513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 06:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7759
x-xss-protection: 0
last-modified: Thu, 03 Jun 2021 11:40:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 06 Sep 2021 06:17:27 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 4D8F 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 05:03:56 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 4D8F 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 05:00:25 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D8F 122 KB
37 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:34 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066169988846"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Thu, 10 Jun 2021 05:06:34 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 4D8F 13 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 05:02:13 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ Frame 2CE6 103 KB
34 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fa4708138b3bf07311428cc3e0fd918d3db13e4e1c923927f25f1260b98024c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 14:22:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35022
x-xss-protection: 0
last-modified: Wed, 19 May 2021 15:07:34 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 14:22:34 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8C0A 138 B
851 B 42ms
42ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/js/dist/prebid.4.39.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

af9f06f44426e66e526763fff5857ecab2ccf6a759ad56c9fc2fef57bdb0defe

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 05:06:34 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.54:80
AN-X-Request-Uuid: e1b9452c-2b84-4f6b-ad69-2c732b3517ef
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://tempest.services.disqus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B5E3 2 KB
2 KB 45ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.paketda.de&gdpr=0&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.paketda.de&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paketda.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.paketda.de/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1855
set-cookie: uid=78dbae07-d4b5-4fd3-9897-b7916860a8eb; expires=Fri, 10 Jun 2022 05:06:34 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Thu, 10 Jun 2021 05:06:34 GMT
content-length: 1129

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 72ms
25ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:34 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Jun 2021 05:06:34 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 2CE6 43 B
295 B 108ms
108ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=310mhn4156e0hd&experiment=network_default_hidden&variant=fallthrough&service=dynamic&area=lightbox&product=embed&forum=paketda&zone=thread&page_url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&page_referrer=https%3A%2F%2Fwww.paketda.de%2F&object_type=advertisement&provider=survey&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default_hidden%3Afallthrough&object_id=&section=default&verb=load&extra_data=%7B%22time_to_load%22%3A113%7D&forum_id=3757806

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 05:06:34 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1622136181/images/ Frame 2CE6 2 KB
2 KB 19ms
19ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1622136181/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 32079
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CoIOuQ59POAbcCP6pqGpSfU2sqRsWWQSX-bfnavlcuYfcvGGFun40w==
expires: Fri, 09 Jul 2021 20:11:55 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4785406150979558650/ Frame 4D8F 17 KB
17 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4785406150979558650/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72c1a53114a6edcead6823b7c404bc5c84860ad980ea6a2c753c5cd7c8876fe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 07:02:04 GMT
x-content-type-options: nosniff
age: 79470
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17547
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 12:28:14 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 07:02:04 GMT

GET
H3-29 200 9432112633661628469
tpc.googlesyndication.com/icore_images/ Frame 4D8F 18 KB
18 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/9432112633661628469

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12d11081f7cff6cf57d7bdeb5be75838f61afe7afa1eb6f36e74db32e66ea471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 14:25:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Jul 2020 13:42:13 GMT
server: sffe
age: 139280
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18122
x-xss-protection: 0
expires: Wed, 08 Jun 2022 14:25:14 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2114383067765384482/ Frame 4D8F 8 KB
8 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2114383067765384482/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fe17b5ec11ec3f22d4bd9caf09d874921ac81b3a3641db1fea9aced7864a12c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 23:55:37 GMT
x-content-type-options: nosniff
age: 105057
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8308
x-xss-protection: 0
last-modified: Tue, 01 Jun 2021 11:33:51 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 23:55:37 GMT

GET
H3-29 200 2240049838733531849
tpc.googlesyndication.com/icore_images/ Frame 4D8F 19 KB
19 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/2240049838733531849

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

503a93fdaa64ab17b07b848ab02eac274638b0d852cb1399a325f2b18d67b1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:46:49 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2019 18:06:43 GMT
server: sffe
age: 134385
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18952
x-xss-protection: 0
expires: Wed, 08 Jun 2022 15:46:49 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10039733107564128638/ Frame 4D8F 10 KB
10 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10039733107564128638/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

712eb995ddeb6f937813b43e507010506b0b96569a3e63bf19aa9c0692e74457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 14:36:36 GMT
x-content-type-options: nosniff
age: 138598
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10645
x-xss-protection: 0
last-modified: Sun, 15 Nov 2020 22:09:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 14:36:36 GMT

GET
H3-29 200 14444093496561849360
tpc.googlesyndication.com/icore_images/ Frame 4D8F 16 KB
16 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/14444093496561849360

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11c98d345760bf2b23b9a6757e892007f135a31d581abab78cb1ab81fbf92b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 11:15:07 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Nov 2020 18:11:34 GMT
server: sffe
age: 150687
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16116
x-xss-protection: 0
expires: Wed, 08 Jun 2022 11:15:07 GMT

GET
H3-29 200 10970062159058278284
tpc.googlesyndication.com/icore_images/ Frame 4D8F 5 KB
5 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/10970062159058278284

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1dd6c74e0b3ee516cbb82f16a690fe328ca8c0452f36862e3c40aa489962d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 06:23:02 GMT
x-content-type-options: nosniff
last-modified: Sat, 29 May 2021 15:25:59 GMT
server: sffe
age: 168212
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
expires: Wed, 08 Jun 2022 06:23:02 GMT

GET
H3-29 200 6713072967044242020
tpc.googlesyndication.com/icore_images/ Frame 4D8F 15 KB
15 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/6713072967044242020

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

327015b3a9b36d98f722696d5ad5b40039dad472ab297a70cc335905e4317233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 21:14:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Apr 2018 00:40:00 GMT
server: sffe
age: 114742
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15578
x-xss-protection: 0
expires: Wed, 08 Jun 2022 21:14:12 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D8F 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHCI82Z3BYPOxMIygrATa14WID_DVy79ijePr68oN2tkeEAEggru6GygIYJUCoAGKxbD5A8gBBqkCzxqo_G1utD6oAwHIAwKqBNwBT9A1QOjds57m7L_iDw8LNE5umOCeI47rb8t9wjzPD10d9wQEpbNwRwjUtJgS5T-GagjWeK7r_IZU0Z9qFHgyIwdISGwNnEJ7Q4H3OLTWkfw6FfglHthw6zuFAYbH-XilRubLwCctm-HhxbQY3XOvOGxDrjlkKdc6NUxP0YRmnJSA7cWAd5DX93XKHe2W0LLYQxhSoIWprlr-ap7HZVr9g3pH-piFmLOLwfXBJd2qWvq-vgFV1h3vwREu_peXR4TfyppqebhSdUXXWbzclSZU2Que9Z0RTX_uRkSUUMAEn-yDr9IDkgUECAQYAZIFBAgFGASgBjeAB966zwaoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ7NcO0ggHCIBhEAEYH4AKAcgLAcITBhiKxbD5A9gTDYgUAdAVAYAXAbIXGgoYCAASFHB1Yi02NjM3NjQyMzEzMTE4ODQy&sigh=uUeMbLj8mLM&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&h=500&slotname=4255082593&adk=2825561540&adf=588412893&pi=t.ma~as.4255082593&w=1000&cr_col=4&cr_row=2&fwrn=2&lmt=1580057382&rafmt=9&psa=0&format=1000x500&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=5&bdt=159&idt=94&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5493960376247&frm=20&pv=1&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=67&ady=7433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rxslLEiPeC&p=https%3A//www.paketda.de&dtd=477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Jun 2021 05:06:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 10 Jun 2021 05:06:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D8F 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ca_192Z3BYPOxMIygrATa14WID6XVnbEFjdzCup8Cpp6tjWsQAiCCu7obKAhglQLIAQGoAwHIAwKqBLIBT9CrzNT9shTnUMmbD1YMe1Vqh-GLaYugsa_P8gTODxUYvwHulFYZDBTQs9JO8GfealHRN7Xv44dBm5ohX3N4OhESWSQbi0NuG5a7K77Gju46HeMiXMQo_CqFF5DR5W6sGuiRxT-g9gMgxU3x302l1qcgqoIKkTrRNvJHfXIE9JeX6MWAd1DXs3XKne0W0LLYQ5hSoIWprFL-ap7HZVr9gXpH-JCFmLOLwPXBJ8ivhxgFiMAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOzXDtIIBwiAYRABGB-ACgHICwHQFQGAFwGyFxoKGAgAEhRwdWItNjYzNzY0MjMxMzExODg0Mg&sigh=Xtsxsnc4if0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&h=500&slotname=4255082593&adk=2825561540&adf=588412893&pi=t.ma~as.4255082593&w=1000&cr_col=4&cr_row=2&fwrn=2&lmt=1580057382&rafmt=9&psa=0&format=1000x500&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=5&bdt=159&idt=94&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5493960376247&frm=20&pv=1&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=67&ady=7433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rxslLEiPeC&p=https%3A//www.paketda.de&dtd=477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Jun 2021 05:06:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 10 Jun 2021 05:06:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D8F 0
0 19ms
19ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8wt32Z3BYPOxMIygrATa14WID_aRkvBi1oOo9foMwI23ARADIIK7uhsoCGCVAqABupr9_gLIAQapAs8aqPxtbrQ-qAMByAMCqgTXAU_QBHP83bGe5uy_4g8PCzRObpjgniOO62_LfcI8zw9dHfcEBKWzcEcI1LSYEuU_hmoI1niu6_yGVNGfahR4MiMHSEhsDZxCe0OB9zi01pH8OhX4JR7YcOs7hQGGx_l4pUbmy8AnLZvh4cW0GN0zrz9sQ7FgUzzNOjVMT9GEZpyUgO3FgHeQ1_d1yh3tltCy2EMYUqCFqa5a_mqex2Va_YN6R_qYhZizi8H1wSXdqlr6vr4BVdYd78ERLqa5wMNIGu48FTUdwmpCW0Tpunw7-spoh1qPsBbGwATGnaKApgOSBQQIBBgBkgUECAUYBKAGN4AHruWCgQGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ7NcO0ggHCIBhEAEYH4AKAcgLAcITBhi6mv3-AtgTCtAVAYAXAbIXGgoYCAASFHB1Yi02NjM3NjQyMzEzMTE4ODQy&sigh=qPwOXndZGBc&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&h=500&slotname=4255082593&adk=2825561540&adf=588412893&pi=t.ma~as.4255082593&w=1000&cr_col=4&cr_row=2&fwrn=2&lmt=1580057382&rafmt=9&psa=0&format=1000x500&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=5&bdt=159&idt=94&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5493960376247&frm=20&pv=1&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=67&ady=7433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rxslLEiPeC&p=https%3A//www.paketda.de&dtd=477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Jun 2021 05:06:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 10 Jun 2021 05:06:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D8F 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cqe7M2Z3BYPOxMIygrATa14WID6XVnbEFjdzCup8Cpp6tjWsQBCCCu7obKAhglQLIAQGoAwHIAwKqBLIBT9CrzNL9shTnUMmbD1YMe1Vqh-GLaYugsa_P8gTODxUYvwHulFYZDBTQs9JO8GfealHRN7Xv44dBm5ohX3N4OhESWSQbi0NuG5a7K77Gju46HeMiXMQo_CqFF5DR5W6sGuiRxT-g9gMgxU3x302l1qcgqoIKkTrRNvJHfXIE9JeX6MWAd1DXs3XKne0W0LLYQ5hSoIWprFL-ap7HZVr9gXpH-JCFmLOLwPXBJ8ivhxgFiMAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOzXDtIIBwiAYRABGB-ACgHICwHQFQGAFwGyFxoKGAgAEhRwdWItNjYzNzY0MjMxMzExODg0Mg&sigh=ERYoYyAY-vg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&h=500&slotname=4255082593&adk=2825561540&adf=588412893&pi=t.ma~as.4255082593&w=1000&cr_col=4&cr_row=2&fwrn=2&lmt=1580057382&rafmt=9&psa=0&format=1000x500&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=5&bdt=159&idt=94&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5493960376247&frm=20&pv=1&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=67&ady=7433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rxslLEiPeC&p=https%3A//www.paketda.de&dtd=477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Jun 2021 05:06:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 10 Jun 2021 05:06:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D8F 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsgyX2Z3BYPOxMIygrATa14WID6CRm4Rjs9HE-ZUOl_X73skiEAUggru6GygIYJUCoAGu6671AsgBBqkCzxqo_G1utD6oAwHIAwKqBNcBT9BCaJPdt57m7L_iDw8LNE5umOCeI47rb8t9wjzPD10d9wQEpbNwRwjUtJgS5T-GagjWeK7r_IZU0Z9qFHgyIwdISGwNnEJ7Q4H3OLTWkfw6FfglHthw6zuFAYbH-XilRubLwCctm-Hhxcwb3XOvO2xDz3kxc846NUxP0YRmnJSA7cWAd5DX93XKHe2W0LLYQxhSoIWprlr-ap7HZVr9g3pH-piFmLOLwfXBJd2qWvq-vgFV1h3vwREu6ZiPyEga7vvVyB3CakJbYIXhJDz67l2UL4-wFsbABM-ktKDHA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAe6lNGKAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDs1w7SCAcIgGEQARgfgAoByAsBwhMGGK7rrvUC2BMNiBQC0BUBgBcBshcaChgIABIUcHViLTY2Mzc2NDIzMTMxMTg4NDI&sigh=TUz_6Upg9CM&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&h=500&slotname=4255082593&adk=2825561540&adf=588412893&pi=t.ma~as.4255082593&w=1000&cr_col=4&cr_row=2&fwrn=2&lmt=1580057382&rafmt=9&psa=0&format=1000x500&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=5&bdt=159&idt=94&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5493960376247&frm=20&pv=1&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=67&ady=7433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rxslLEiPeC&p=https%3A//www.paketda.de&dtd=477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Jun 2021 05:06:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 10 Jun 2021 05:06:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D8F 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COD1S2Z3BYPOxMIygrATa14WID6XVnbEFjdzCup8Cpp6tjWsQBiCCu7obKAhglQLIAQGoAwHIAwKqBLIBT9CrzND9shTnUMmbD1YMe1Vqh-GLaYugsa_P8gTODxUYvwHulFYZDBTQs9JO8GfealHRN7Xv44dBm5ohX3N4OhESWSQbi0NuG5a7K77Gju46HeMiXMQo_CqFF5DR5W6sGuiRxT-g9gMgxU3x302l1qcgqoIKkTrRNvJHfXIE9JeX6MWAd1DXs3XKne0W0LLYQ5hSoIWprFL-ap7HZVr9gXpH-JCFmLOLwPXBJ8ivhxgFiMAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOzXDtIIBwiAYRABGB-ACgHICwHQFQGAFwGyFxoKGAgAEhRwdWItNjYzNzY0MjMxMzExODg0Mg&sigh=YOcMF03dKeA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&h=500&slotname=4255082593&adk=2825561540&adf=588412893&pi=t.ma~as.4255082593&w=1000&cr_col=4&cr_row=2&fwrn=2&lmt=1580057382&rafmt=9&psa=0&format=1000x500&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=5&bdt=159&idt=94&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5493960376247&frm=20&pv=1&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=67&ady=7433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rxslLEiPeC&p=https%3A//www.paketda.de&dtd=477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Jun 2021 05:06:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 10 Jun 2021 05:06:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D8F 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPQJZ2Z3BYPOxMIygrATa14WID6XVnbEFjdzCup8Cpp6tjWsQByCCu7obKAhglQLIAQGoAwHIAwKqBLIBT9CrzNH9shTnUMmbD1YMe1Vqh-GLaYugsa_P8gTODxUYvwHulFYZDBTQs9JO8GfealHRN7Xv44dBm5ohX3N4OhESWSQbi0NuG5a7K77Gju46HeMiXMQo_CqFF5DR5W6sGuiRxT-g9gMgxU3x302l1qcgqoIKkTrRNvJHfXIE9JeX6MWAd1DXs3XKne0W0LLYQ5hSoIWprFL-ap7HZVr9gXpH-JCFmLOLwPXBJ8ivhxgFiMAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOzXDtIIBwiAYRABGB-ACgHICwHQFQGAFwGyFxoKGAgAEhRwdWItNjYzNzY0MjMxMzExODg0Mg&sigh=tLbqo8Gwsps

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&h=500&slotname=4255082593&adk=2825561540&adf=588412893&pi=t.ma~as.4255082593&w=1000&cr_col=4&cr_row=2&fwrn=2&lmt=1580057382&rafmt=9&psa=0&format=1000x500&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=5&bdt=159&idt=94&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5493960376247&frm=20&pv=1&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=67&ady=7433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rxslLEiPeC&p=https%3A//www.paketda.de&dtd=477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Jun 2021 05:06:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 10 Jun 2021 05:06:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D8F 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWJYy2Z3BYPOxMIygrATa14WID6XVnbEFjdzCup8Cpp6tjWsQCCCCu7obKAhglQLIAQGoAwHIAwKqBLIBT9CrzN79shTnUMmbD1YMe1Vqh-GLaYugsa_P8gTODxUYvwHulFYZDBTQs9JO8GfealHRN7Xv44dBm5ohX3N4OhESWSQbi0NuG5a7K77Gju46HeMiXMQo_CqFF5DR5W6sGuiRxT-g9gMgxU3x302l1qcgqoIKkTrRNvJHfXIE9JeX6MWAd1DXs3XKne0W0LLYQ5hSoIWprFL-ap7HZVr9gXpH-JCFmLOLwPXBJ8ivhxgFiMAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOzXDtIIBwiAYRABGB-ACgHICwHQFQGAFwGyFxoKGAgAEhRwdWItNjYzNzY0MjMxMzExODg0Mg&sigh=oN0yhXvLmFg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&h=500&slotname=4255082593&adk=2825561540&adf=588412893&pi=t.ma~as.4255082593&w=1000&cr_col=4&cr_row=2&fwrn=2&lmt=1580057382&rafmt=9&psa=0&format=1000x500&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=5&bdt=159&idt=94&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5493960376247&frm=20&pv=1&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=67&ady=7433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rxslLEiPeC&p=https%3A//www.paketda.de&dtd=477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 10 Jun 2021 05:06:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 10 Jun 2021 05:06:34 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6508 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&h=500&slotname=4255082593&adk=2825561540&adf=588412893&pi=t.ma~as.4255082593&w=1000&cr_col=4&cr_row=2&fwrn=2&lmt=1580057382&rafmt=9&psa=0&format=1000x500&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=5&bdt=159&idt=94&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5493960376247&frm=20&pv=1&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=67&ady=7433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rxslLEiPeC&p=https%3A//www.paketda.de&dtd=477
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&addtl_consent=1~&client=ca-pub-6637642313118842&output=html&h=500&slotname=4255082593&adk=2825561540&adf=588412893&pi=t.ma~as.4255082593&w=1000&cr_col=4&cr_row=2&fwrn=2&lmt=1580057382&rafmt=9&psa=0&format=1000x500&url=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623301593202&bpp=5&bdt=159&idt=94&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5493960376247&frm=20&pv=1&ga_vid=51169821.1623301594&ga_sid=1623301594&ga_hid=1249620756&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=67&ady=7433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957&oid=3&pvsid=280336569124374&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rxslLEiPeC&p=https%3A//www.paketda.de&dtd=477

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 10 Jun 2021 04:45:08 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1286
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4D8F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b549adf4a418fae6a6630f8922089ed427b3f775204829b031ec420ddf57934

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 noavatar92.png
a.disquscdn.com/1622136181/images/ Frame 2CE6 2 KB
2 KB 26ms
25ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1622136181/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 32080
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CoIOuQ59POAbcCP6pqGpSfU2sqRsWWQSX-bfnavlcuYfcvGGFun40w==
expires: Fri, 09 Jul 2021 20:11:55 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ Frame 2CE6 0
0 39ms
38ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.paketda.de&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dpaketda%26t_u%3Dhttps%253A%252F%252Fwww.paketda.de%252Fnews-betrug-packstation-ruedersdorf.html%26t_d%3DBetrug%2520mit%2520Irrl%25C3%25A4ufer-Paketen%2520aus%2520DHL-Packstationen%2520aus%2520der%2520Region%2520Berlin%26t_t%3DBetrug%2520mit%2520Irrl%25C3%25A4ufer-Paketen%2520aus%2520DHL-Packstationen%2520aus%2520der%2520Region%2520Berlin%26s_o%3Ddefault%23version%3Da5921af07b365f6dfd62075d2dee3735&sdk=joey&wants_cookie_data=false

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: yCKvjdc9Ei8oQpfDh1ckBm9/Pvfn/PJIFtURsi/yYeLGpd0HywWvwuvYVIvT2exnshtMQZB+rHHEMEESTqDs8w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Jun 2021 05:06:34 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://disqus.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame F8EA 513 B
905 B 34ms
15ms Document
text/html 2a00:1450:4001:811::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e5b95165b0592cb4f05bf2f667f157ff7a5ec9c7f04d0cca8069b7edb5307c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v9Ysp+v+unNWccQdhUi8Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=216=o57AjkSdoNhP8z5AzzvbyU28eKDuVQmWlvtLRD2Y7DQOtLQU7jvQ2MbgRxOwWE6CKpq502AwS4FuWvxz0phCw3DiRmIY35UGAT3LqIJhnbDjmdVRXcT2NsYROJMPeVrD-4fkpIuN-gz4NKi5luLXd8vin_Vat5V-rRE3iwr1Zkc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 10 Jun 2021 05:06:34 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-v9Ysp+v+unNWccQdhUi8Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 noavatar92.png
a.disquscdn.com/1622136181/images/ Frame 2CE6 2 KB
2 KB 19ms
19ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1622136181/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 32080
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CoIOuQ59POAbcCP6pqGpSfU2sqRsWWQSX-bfnavlcuYfcvGGFun40w==
expires: Fri, 09 Jul 2021 20:11:55 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1622136181/images/ Frame 2CE6 2 KB
2 KB 19ms
19ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1622136181/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 32080
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CoIOuQ59POAbcCP6pqGpSfU2sqRsWWQSX-bfnavlcuYfcvGGFun40w==
expires: Fri, 09 Jul 2021 20:11:55 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame 0EF9 191 KB
55 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28582
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 0EF9 12 KB
5 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28582
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 0EF9 87 KB
27 KB 44ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28582
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 0EF9 28 KB
9 KB 45ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-carousel-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cdaa4dd2a60b184b26fe0a52be24d817142dc3c9963fc449e4be116402cb97a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28581
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8928
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "88fe80cc059b3f83"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:13 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 0EF9 4 KB
2 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28582
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 0EF9 41 KB
13 KB 46ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28582
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 0EF9 6 KB
2 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-gwd-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

075de9f5370034a9a884064ffab9a31aba3ba86fd60017b1934d5343bf0a2e85

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28581
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2359
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bf4b19acf2b9266d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:13 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 0EF9 4 KB
631 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700,regular

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35bd9d448b08e6146b89931bfac28ae83c5df33b88c92e1800652c222cab535c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 04:33:49 GMT
server: ESF
date: Thu, 10 Jun 2021 05:06:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Jun 2021 05:06:34 GMT

GET
DATA 200
OK truncated
/ Frame 0EF9 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89b1e9dc9efb0070cb51d89678565f59ada58aca9a671b6509897627ce458644

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 container.html Show response
d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B0E1 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paketda.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.paketda.de/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 10 Jun 2021 05:06:34 GMT
expires: Fri, 10 Jun 2022 05:06:34 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame 6693 191 KB
54 KB 20ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28582
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 6693 12 KB
5 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28582
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 6693 87 KB
27 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28582
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 6693 4 KB
2 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28582
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 6693 41 KB
13 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28582
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
DATA 200
OK truncated
/ Frame 6693 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f8b0fa7fcc03134b1b5c6e4b1f1e85f8e8b7b8086dcdff243c3f4826178c36d

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0EF9 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/de.png

Requested by

Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 20:00:02 GMT
x-content-type-options: nosniff
server: cafe
age: 32792
etag: 6601037253665971276
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2958
x-xss-protection: 0
expires: Thu, 10 Jun 2021 20:00:02 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0EF9 295 B
325 B 6ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 22:25:59 GMT
x-content-type-options: nosniff
server: cafe
age: 24035
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:25:59 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0EF9 0
0 33ms
32ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CscS42p3BYJrdBtaCjuwPsO-7qALt0cyDYpzisr3hDPyykPn9IRABIJ6P8Rlg9ZXOgeAEoAG16bTBA8gBCakCzxqo_G1utD7gAgCoAwHIAwiqBPcBT9B9s2y5Oe6Rns_urANfLGcwi5-m7mC-J6V6M9-guvdWJ-o-anjwpciEyIRPwzuylJgpsR_z76dMXN9BvzJltuvfxSChezd4VE7d_iowFo3YYnLEmGznj9m7Txm61lPrqVywRUmyADupH1Yp3oGko9wZe5RhHQbNt_VkjEzUKpUxzRVrWHFYbPKWwv61zeFcDhIdemunr5KdvAFeIjGkR-ArcmHxgyOU2yO9Rz1w2bdiv9RSNJnxRjapNp2cyn1lsCvIczS37QDJUJPxl6ace5HlKXu48g9qs2EU6FA_aRF-LLE1QnaMlj3uKIUjXxkugu29F_JNL8AE9NGS5dED4AQBkgUECAQYAZIFBAgFGASgBi6AB4P0_B6oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwUQkfqLAdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY4MDM4MzM2MDExMDA3MzGACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItODA5MTQ4MTIwODY5NDg3NQ&sigh=j7LRJ-iQ_I0&template_id=419
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 stapelbehaelter.png
tpc.googlesyndication.com/sadbundle/3789368804254058346/ Frame 0EF9 32 KB
32 KB 8ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3789368804254058346/stapelbehaelter.png

Requested by

Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

814fc671cfcda77ec42e846fa47d26f911f396429f9d1261c6d33fb07f4f2ba2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:31:30 GMT
x-content-type-options: nosniff
age: 131704
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32377
x-xss-protection: 0
last-modified: Mon, 18 Jan 2021 14:13:26 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 16:31:30 GMT

GET
H3-29 200 LogoAuerPackaging.svg
tpc.googlesyndication.com/sadbundle/3789368804254058346/ Frame 0EF9 3 KB
1 KB 10ms
6ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3789368804254058346/LogoAuerPackaging.svg

Requested by

Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6850ad9927d59653a802c02418f5755ee638c17f33d38665bd6da62ae03b41bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144394
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1074
x-xss-protection: 0
last-modified: Mon, 18 Jan 2021 14:13:26 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:00:00 GMT

GET
H3-29 200 1475662221846060546
tpc.googlesyndication.com/simgad/ Frame 6693 38 KB
38 KB 11ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1475662221846060546?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkkpJ3Wgbqrk7GBrGv8CL2Y7i-Rcg

Requested by

Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49eb580ba6e90daee8173c3175a07dcb6d15c5306cf392752c01bd3edcd1d045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 04:38:47 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 13:49:02 GMT
server: sffe
age: 88067
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39154
x-xss-protection: 0
expires: Thu, 09 Jun 2022 04:38:47 GMT

GET
H3-29 200 de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6693 3 KB
3 KB 8ms
5ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/de.png

Requested by

Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 20:00:02 GMT
x-content-type-options: nosniff
server: cafe
age: 32792
etag: 6601037253665971276
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2958
x-xss-protection: 0
expires: Thu, 10 Jun 2021 20:00:02 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6693 295 B
325 B 8ms
5ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 22:25:59 GMT
x-content-type-options: nosniff
server: cafe
age: 24035
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:25:59 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 6693 0
0 17ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzrvDxASCQxiXxx7Gl2WBFvbtjHX_hJgpdhOv8PIPtI-DWOTOZ6OUTKu9E8YaA3d5QfbChqREMahHjIr4fOnIhdJE9TQ
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6693 0
0 31ms
30ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2_HW2p3BYJzdBtaCjuwPsO-7qAKh1d_zYs_YoZfjDZbfsK2LDhABIJ6P8Rlg9ZXOgeAEoAGjn6vcAsgBAqkC-02b-0q6sj7gAgCoAwHIAwiqBPoBT9BecI2ZCCIJeQ09FE4wfPL6X2etPNJ5ESRTT6uKq0CBiB5UMKebZdxKFznAStyecbDv-f__ElywuHArqd8PTHF6Tx9ErnwCtxvIhpabDAby-akZjnCdCfKvQfuYgFrzEZiNXuYDhrOPTNB08HegvlGvgDsm6XOJIW40qdHwJ79cCZBa2wRIbppCzHgHTyT0XqNCxajm7V9ROkLcgkyyzLsKEj-HfhyKDUzBj9RXcZ4NLFMcc6H0sR9p0OUPb2f1tHIrPgwJZTG84wmr2v_hmjLIVLNzvdr321Gg1SAZyDDgbIwoyiaEUIkApspw8DPHN_Qk_VeDs7XAAMAE_brrnrsD4AQBkgUECAQYAZIFBAgFGASgBgKAB8Xg1KMBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELXAY9IIBwiAYRABGB3yCBthZHgtc3Vic3luLTY4MDM4MzM2MDExMDA3MzGACgPICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItODA5MTQ4MTIwODY5NDg3NQ&sigh=GkNIR2Wa968
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 noavatar92.png
a.disquscdn.com/1622136181/images/ Frame 2CE6 2 KB
2 KB 20ms
19ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1622136181/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 32080
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CoIOuQ59POAbcCP6pqGpSfU2sqRsWWQSX-bfnavlcuYfcvGGFun40w==
expires: Fri, 09 Jul 2021 20:11:55 GMT

GET
H2 200 3415758833-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame F8EA 114 KB
39 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/3415758833-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbd0e12b1246f6280d9cd402284261eb3e81a9b5c6e179ae5d1a20b7731a4fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 11:33:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39736
x-xss-protection: 0
last-modified: Fri, 21 May 2021 04:38:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 11:33:43 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1622136181/images/ Frame 2CE6 2 KB
2 KB 19ms
19ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1622136181/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 32080
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CoIOuQ59POAbcCP6pqGpSfU2sqRsWWQSX-bfnavlcuYfcvGGFun40w==
expires: Fri, 09 Jul 2021 20:11:55 GMT

POST
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 358 B
790 B 92ms
50ms XHR
text/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3fb8a50214ea225b9678e7e81a07a740f66e682a4effcf19fa7d89870815dd4c

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 05:06:35 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.paketda.de
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 358
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6508
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlLHqkO1BRPpvZC0WV32GcvOFEhZXG9kRoHmBKl1JGojvZmJFBnl3gaZZ9lGyU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Jun 2021 05:06:35 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 10-Jun-2021 06:06:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Jun 2021 05:06:35 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Jun 2021 05:06:35 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 noavatar92.png
a.disquscdn.com/1622136181/images/ Frame 2CE6 2 KB
2 KB 24ms
24ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1622136181/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 32080
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CoIOuQ59POAbcCP6pqGpSfU2sqRsWWQSX-bfnavlcuYfcvGGFun40w==
expires: Fri, 09 Jul 2021 20:11:55 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/ Frame 2505 70 KB
19 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/index.html

Requested by

Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d85ccff3e7bd98bebf873bf84b4952e5643bc5782fc063ed45737e93166ece0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/12267285743105212416/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 08 Jun 2021 14:28:37 GMT
expires: Wed, 08 Jun 2022 14:28:37 GMT
last-modified: Fri, 21 Aug 2020 11:35:34 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 19887
age: 139078
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B0E1 0
0 30ms
30ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cy-_o2p3BYJvdBtaCjuwPsO-7qAL_uZGaY9yVwsbjC5H3x_eDAhABIJ6P8Rlg9ZXOgeAEoAH-1sXWA8gBCakCzxqo_G1utD7gAgCoAwHIAwKqBP4BT9CzNz2khVu1rxlsc7LWnIcKzi6lse9M_IkW3DGyRBJf2AYpaz8twntCFWdraNra__nVrEzM9eNemnQlwnASbnGin-sMG_ew0IlE6M8e_xqYQwhB9Bb5kgWb4Nq-fSk0kxl-kDeElSpiNa3L5bf1zfOzVxnpUTj_ZQ1MWHl4eJLJ79q5I8346mGlSkSEc14iRbqpXxS7aS1_VdvxeWr3p1hONhvEfrd6hrgQs8311YWQb7p5hpeSrh1nD71FZH5O4vHiZfmb4PKI0LDUHPTUltpZLuAFrQtFBiPi3BQQuJS-YwCzEXwFT_zLyKCAVoaiAvJ-6jrNekZaYgUa5LrABPzQ6LWtAeAEAZIFBAgEGAGSBQQIBRgEoAZdgAfJ09YdqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEK6oZdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY4MDM4MzM2MDExMDA3MzGACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItODA5MTQ4MTIwODY5NDg3NQ&sigh=fclgs7W0eQ4
Requested by: Host: www.paketda.de
URL: https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8253 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com
URL: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlLHqkO1BRPpvZC0WV32GcvOFEhZXG9kRoHmBKl1JGojvZmJFBnl3gaZZ9lGyU; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 10 Jun 2021 04:45:08 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1287
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame B0E1 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com
URL: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 370
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 05:00:25 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B0E1 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com
URL: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:35 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066169988846"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Thu, 10 Jun 2021 05:06:35 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame B0E1 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com
URL: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 05:02:13 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame B0E1 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9eSGETspEQb533N-BnZSW3VOIFPH7sfrcUDJ20EF99ScaQVRKMiQezoW0tCmaE0qXdYH062f7gJNp1xoI0waPzJP4Rw
Requested by: Host: d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com
URL: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6693
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 10 Jun 2021 05:06:35 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H/1.1 200
OK sync.gif
links.services.disqus.com/api/ 43 B
375 B 58ms
58ms Image
image/gif 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 05:06:35 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 2CE6 13 KB
13 KB 21ms
21ms Image
image/svg+xml 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3680934
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: w3t38b23KDphGCpvaf7eb6vD1yq3mbpCrZzjVY2vENk7eufSTBM67Q==
x-cache-hits: 0

GET
H2 200 noavatar92.png
a.disquscdn.com/1622136181/images/ Frame 2CE6 2 KB
2 KB 19ms
19ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1622136181/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 32080
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CoIOuQ59POAbcCP6pqGpSfU2sqRsWWQSX-bfnavlcuYfcvGGFun40w==
expires: Fri, 09 Jul 2021 20:11:55 GMT

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/34985/3909/ Frame 2CE6 3 KB
3 KB 31ms
31ms Image
image/jpeg 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/34985/3909/avatar92.jpg?1590233114

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

421a2a5107c9216495b1d017a4aee143f3a7bd6d5e17cd0fe2256f999a214ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 20:30:13 GMT
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2622982
x-cache: Hit from cloudfront
content-length: 2918
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Sat, 23 May 2020 11:25:15 GMT
server: nginx
etag: "026971de878c663428673164f747a35f"
content-type: image/jpeg
expires: Tue, 10 May 2022 20:30:13 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
x-amz-cf-id: Ww1uf6k-zJCziXOW-a09n5RfcLZKu_D46Ij08dxYpz4C5WC8EC7dKQ==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/12521/2661/ Frame 2CE6 3 KB
4 KB 23ms
22ms Image
image/jpeg 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/12521/2661/avatar92.jpg?1434912897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ff3091c45ff128af3099bfa99ea673eec89395d485acaea67faa30ba78f66a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 07:51:19 GMT
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2668516
x-cache: Hit from cloudfront
content-length: 3418
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Sun, 21 Jun 2015 18:54:57 GMT
server: nginx
etag: "d2279eea1ea5d200c51452838aac9928"
content-type: image/jpeg
expires: Tue, 10 May 2022 07:51:19 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
x-amz-cf-id: z9ymCQ2jerv8fP_Kgmk2h9EIKaoqFXXdH39oRwT_JDmoEeLnyyF9HQ==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/17183/6136/ Frame 2CE6 2 KB
2 KB 24ms
23ms Image
image/jpeg 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/17183/6136/avatar92.jpg?1569343576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

613839c623c99c7cfce09c1811f8ba0c9cf61de86d136b6eb4c0e817e0135f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 14:34:28 GMT
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2644327
x-cache: Hit from cloudfront
content-length: 1849
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Tue, 24 Sep 2019 16:46:17 GMT
server: nginx
etag: "8ed4a2518e4c91b576baae55f3da105c"
content-type: image/jpeg
expires: Tue, 10 May 2022 14:34:28 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
x-amz-cf-id: EWrMVV1TRBJrnp02PTXFP6ZmiGXxZIAJSXWOJ4AxWH7v2iRPZoBziQ==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/5344/1820/ Frame 2CE6 3 KB
3 KB 23ms
22ms Image
image/jpeg 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/5344/1820/avatar92.jpg?1424709474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dc05af1317af13fbd7a4573097718616b9ba4d6b24c41c3c616ad81461ff5888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:32:14 GMT
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3008060
x-cache: Hit from cloudfront
content-length: 2566
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Mon, 23 Feb 2015 16:37:54 GMT
server: nginx
etag: "11027259d37dcdd3ea305372ebc7b4d9"
content-type: image/jpeg
expires: Fri, 06 May 2022 09:32:14 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
x-amz-cf-id: HehiFcII1paxFZHAc3cbiquzY0QS-RjFUcwgEmypGiSTkXmCifWnIg==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/22468/4486/ Frame 2CE6 3 KB
3 KB 23ms
23ms Image
image/jpeg 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/22468/4486/avatar92.jpg?1605204287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a0f17c8161e6e5334f0a35a111d2166332463245d06071efea590613db7440e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 07:51:19 GMT
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2668516
x-cache: Hit from cloudfront
content-length: 2786
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Thu, 12 Nov 2020 18:04:48 GMT
server: nginx
etag: "eddcb28c4443b467a14813a9c547c9be"
content-type: image/jpeg
expires: Tue, 10 May 2022 07:51:19 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
x-amz-cf-id: 1-v2DYYbdlOOL1I4ldp12Ra3Cmjo5kEJEIZpCw06ucW_MICFxqigdg==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/16943/4737/ Frame 2CE6 4 KB
5 KB 23ms
23ms Image
image/jpeg 2600:9000:218c:7800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/16943/4737/avatar92.jpg?1439546400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218c:7800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

284eb3999acbb5ea7038c1f5d9b2a6c65659842f8cf333a24d3753ee10d44f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 07:51:19 GMT
via: 1.1 b1d588fd1c781c1c3a3cb8e0d6c6f49e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2668516
x-cache: Hit from cloudfront
content-length: 4191
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Fri, 14 Aug 2015 10:00:00 GMT
server: nginx
etag: "f3345b975d84ef88c53d99236437902b"
content-type: image/jpeg
expires: Tue, 10 May 2022 07:51:19 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
x-amz-cf-id: Az9fgHvg843UUUgbSCtmhJIgQc1lCdDuPnA3QnNBWvkmrQpoFZhYOA==
x-cache-hits: 0

GET
H3-29 200 de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0EF9 3 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/de.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 20:00:02 GMT
x-content-type-options: nosniff
server: cafe
age: 32793
etag: 6601037253665971276
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2958
x-xss-protection: 0
expires: Thu, 10 Jun 2021 20:00:02 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0EF9 295 B
325 B 6ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 22:25:59 GMT
x-content-type-options: nosniff
server: cafe
age: 24036
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:25:59 GMT

GET
H3-29 200 1475662221846060546
tpc.googlesyndication.com/simgad/ Frame 6693 38 KB
38 KB 6ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1475662221846060546?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkkpJ3Wgbqrk7GBrGv8CL2Y7i-Rcg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49eb580ba6e90daee8173c3175a07dcb6d15c5306cf392752c01bd3edcd1d045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 04:38:47 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 13:49:02 GMT
server: sffe
age: 88068
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39154
x-xss-protection: 0
expires: Thu, 09 Jun 2022 04:38:47 GMT

GET
H3-29 200 de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6693 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/de.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 20:00:02 GMT
x-content-type-options: nosniff
server: cafe
age: 32793
etag: 6601037253665971276
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2958
x-xss-protection: 0
expires: Thu, 10 Jun 2021 20:00:02 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6693 295 B
325 B 6ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 22:25:59 GMT
x-content-type-options: nosniff
server: cafe
age: 24036
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:25:59 GMT

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 41 B
472 B 46ms
44ms XHR
text/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: d83e2d53da04c0e32ee96d5e28b6fb96d1d5eef00cdd35e315529e64ee3617ec

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 05:06:35 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.paketda.de
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 41
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame F8EA 14 B
58 B 29ms
15ms XHR
application/json 2a00:1450:4001:811::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/3415758833-idpiframe.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Thu, 10 Jun 2021 05:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 10 Jun 2021 06:06:35 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 0EF9 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,regular

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.paketda.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 14:09:08 GMT
x-content-type-options: nosniff
age: 140247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 14:09:08 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 2505 6 KB
719 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:regular,500|Open+Sans:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7b4a4448426673dda8f83f11b84ccb04f9c85157d5a35c1272b78277e362d41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 05:02:10 GMT
server: ESF
date: Thu, 10 Jun 2021 05:06:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Jun 2021 05:06:35 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2505 16 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 11:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 10 Jun 2021 11:33:58 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2505 26 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 22:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 10 Jun 2021 22:25:59 GMT

GET
DATA 200
OK truncated
/ Frame B0E1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8c949051c0a5b1fb01305da1b3d6b2e8ff33acd49a81d551a2013d54271fd5e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 2505 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,500|Open+Sans:regular

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 14:13:37 GMT
x-content-type-options: nosniff
age: 139978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 14:13:37 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 2505 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,500|Open+Sans:regular

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 21:34:47 GMT
x-content-type-options: nosniff
age: 113508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 21:34:47 GMT

GET
H3-29 200 stapelbehaelter.png
tpc.googlesyndication.com/sadbundle/3789368804254058346/ Frame 0EF9 32 KB
32 KB 6ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3789368804254058346/stapelbehaelter.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

814fc671cfcda77ec42e846fa47d26f911f396429f9d1261c6d33fb07f4f2ba2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:31:30 GMT
x-content-type-options: nosniff
age: 131705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32377
x-xss-protection: 0
last-modified: Mon, 18 Jan 2021 14:13:26 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 16:31:30 GMT

GET
H3-29 200 LogoAuerPackaging.svg
tpc.googlesyndication.com/sadbundle/3789368804254058346/ Frame 0EF9 3 KB
1 KB 6ms
6ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3789368804254058346/LogoAuerPackaging.svg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6850ad9927d59653a802c02418f5755ee638c17f33d38665bd6da62ae03b41bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144395
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1074
x-xss-protection: 0
last-modified: Mon, 18 Jan 2021 14:13:26 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:00:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8253
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com
URL: https://d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlLHqkO1BRPpvZC0WV32GcvOFEhZXG9kRoHmBKl1JGojvZmJFBnl3gaZZ9lGyU; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Jun 2021 05:06:35 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 10-Jun-2021 06:06:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Jun 2021 05:06:35 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 10 Jun 2021 05:06:35 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK / Show response
glitter.services.disqus.com/urls/ Frame 2CE6 424 B
741 B 167ms
125ms Script
application/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=paketda&thread_id=7837535938&referer=

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.64 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

7491ece2fdc3e5da3d968788620b139ec5b318d59e1979090999abcf8748086b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 05:06:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
X-Frame-Options: DENY
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: no-cache
transfer-encoding: chunked
X-Service: glitter
Content-Disposition: attachment; filename=f.txt
Strict-Transport-Security: max-age=300; includeSubdomains
Vary: Accept-Encoding, Cookie

GET
H2 200 noavatar92.png
a.disquscdn.com/1622136181/images/ Frame 2CE6 2 KB
2 KB 19ms
19ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1622136181/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 05:06:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 32080
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CoIOuQ59POAbcCP6pqGpSfU2sqRsWWQSX-bfnavlcuYfcvGGFun40w==
expires: Fri, 09 Jul 2021 20:11:55 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 2CE6 43 B
295 B 113ms
113ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=1371&event=init_embed&thread=7837535938&forum=paketda&forum_id=3757806&imp=310mhn4156e0hd&prev_imp&thread_slug=betrug_mit_irrlaufer_paketen_aus_dhl_packstationen_aus_der_region_berlin&user_type=anon&referrer=https%3A%2F%2Fwww.paketda.de%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 05:06:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3-29 200 Logo_final_1200x1200kl.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/ Frame 2505 91 KB
91 KB 8ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/Logo_final_1200x1200kl.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee8746fd6ec4079701370518d5386c12a8f634beebaa84749146a3b0814de63f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 108985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92992
x-xss-protection: 0
last-modified: Fri, 21 Aug 2020 11:35:34 GMT
server: sffe
date: Tue, 08 Jun 2021 22:50:10 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 22:50:10 GMT

GET
H3-29 200 Unbenannt.PNG
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/ Frame 2505 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/Unbenannt.PNG

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

525f22ec5e75401dc441624c07b420a1703cb16d2668d471f4af2d133ae1477f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 110373
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2875
x-xss-protection: 0
last-modified: Fri, 21 Aug 2020 11:35:34 GMT
server: sffe
date: Tue, 08 Jun 2021 22:27:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 22:27:02 GMT

GET
H3-29 200 Infopaket-400__1_.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/ Frame 2505 33 KB
33 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/Infopaket-400__1_.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74a821ad557230953d13b61fb311ef2125f527dce6b5f3a2e0204e7a04604213

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 126110
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33298
x-xss-protection: 0
last-modified: Fri, 21 Aug 2020 11:35:34 GMT
server: sffe
date: Tue, 08 Jun 2021 18:04:45 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 18:04:45 GMT

GET
H2 200 pixel.html Show response
live.rezync.com/ Frame 1C92 506 B
1 KB 235ms
166ms Document
text/html 52.84.174.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c30us1812mo3ov5&pctry=CH&referrer=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.174.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-174-89.cdg50.r.cloudfront.net
Software: lighttpd/1.4.33 /
Resource Hash: c46fa749fa20a925d3d2f78f05c1b2429d92db2beb9fc00019296a23ab8365ec

Request headers

:method: GET
:authority: live.rezync.com
:scheme: https
:path: /pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c30us1812mo3ov5&pctry=CH&referrer=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default

Response headers

content-type: text/html; charset=utf-8
content-length: 506
date: Thu, 10 Jun 2021 05:06:35 GMT
server: lighttpd/1.4.33
set-cookie: zync-uuid=0dcee404-26b9-413d-bf2e-104a0c00d5d3:1623301595.8; Domain=rezync.com; Expires=Mon, 06-Dec-2021 22:06:35 GMT; Path=/; SameSite=None; Secure sd-session-id=.eJwVykELgjAYgOG_Et_Zw1SCEDwoShB9DmsieZHUHTablts6KP731u194dmgffNFPSc-GYjMYrkH_Uu40xBtMAj9sa6gD4nV_skP1BzO3yPsHmiutZinVgx_eeicwvNNNnVFMCsNykbQOyHIivFaXxSqyiBLyIOlErN0LOpypTIPUOKKWe5TVlmaxDHs-w-fxzDc.E6MvWw.8P1M58yv532gFikt7Qk7LVxPlSk; Expires=Tue, 07-Dec-2021 05:06:35 GMT; HttpOnly; Path=/; SameSite=None; Secure
x-cache: Miss from cloudfront
via: 1.1 f26a13318e2c26c0ece0b3bb1bc97d4e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P1
x-amz-cf-id: RkhBet6KHe3U7IyGNUDhgmYxry0yEaV1M9uGWk-Q3fFnWLBknR6oqA==

GET
H2

200

362358.gif Show response
idsync.rlcdn.com/ Frame 2B16
Redirect Chain

https://ejp.rlcdn.com/501709.html
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCNu7hoYGEgUI6AcQAEIASgA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEB63OJU3iXezPWsVUCFPxkM&google_cver=1

42 B
316 B

30ms
29ms

Document
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEB63OJU3iXezPWsVUCFPxkM&google_cver=1
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method: GET
:authority: idsync.rlcdn.com
:scheme: https
:path: /362358.gif?google_gid=CAESEB63OJU3iXezPWsVUCFPxkM&google_cver=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: rlas3=QQG74wlSX6Ct4/p4YQ1snRDc+shy3uRo1BnAQTu8ptg=; pxrc=CNu7hoYGEgUI6AcQABIGCLrqARAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default

Response headers

cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=QQG74wlSX6Ct4/p4YQ1snRDc+shy3uRo1BnAQTu8ptg=; Path=/; Domain=rlcdn.com; Expires=Fri, 10 Jun 2022 05:06:35 GMT; Secure; SameSite=None pxrc=CNu7hoYGEgUI6AcQABIGCLrqARAA; Path=/; Domain=rlcdn.com; Expires=Mon, 09 Aug 2021 05:06:35 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Thu, 10 Jun 2021 05:06:35 GMT
content-length: 42
via: 1.1 google
alt-svc: clear

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEB63OJU3iXezPWsVUCFPxkM&google_cver=1
date: Thu, 10 Jun 2021 05:06:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

/
io.narrative.io/ Frame 2CE6
Redirect Chain

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac30us1812mo3ov5&ret=img&ref=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html
https://io.narrative.io/?io.narrative.guid.v2=a14f5900-c9a9-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac30us1812mo3ov5&ret=img&ref=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-rue...

35 B
319 B

42ms
42ms

Image
image/gif

52.212.225.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?io.narrative.guid.v2=a14f5900-c9a9-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac30us1812mo3ov5&ret=img&ref=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.225.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-225-58.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=paketda&t_u=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html&t_d=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&t_t=Betrug%20mit%20Irrl%C3%A4ufer-Paketen%20aus%20DHL-Packstationen%20aus%20der%20Region%20Berlin&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 05:06:35 GMT
Cache-Control: no-cache
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: https://io.narrative.io/?io.narrative.guid.v2=a14f5900-c9a9-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac30us1812mo3ov5&ret=img&ref=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html
Date: Thu, 10 Jun 2021 05:06:35 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ Frame 2505 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 Infopaket-400__1_.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/ Frame 2505 33 KB
33 KB 6ms
5ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/Infopaket-400__1_.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74a821ad557230953d13b61fb311ef2125f527dce6b5f3a2e0204e7a04604213

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 126110
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33298
x-xss-protection: 0
last-modified: Fri, 21 Aug 2020 11:35:34 GMT
server: sffe
date: Tue, 08 Jun 2021 18:04:45 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 18:04:45 GMT

GET
H3-29 200 Unbenannt.PNG
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/ Frame 2505 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/Unbenannt.PNG

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

525f22ec5e75401dc441624c07b420a1703cb16d2668d471f4af2d133ae1477f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 110373
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2875
x-xss-protection: 0
last-modified: Fri, 21 Aug 2020 11:35:34 GMT
server: sffe
date: Tue, 08 Jun 2021 22:27:02 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 22:27:02 GMT

GET
H3-29 200 Logo_final_1200x1200kl.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/ Frame 2505 91 KB
91 KB 8ms
8ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12267285743105212416/Logo_final_1200x1200kl.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee8746fd6ec4079701370518d5386c12a8f634beebaa84749146a3b0814de63f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 108985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92992
x-xss-protection: 0
last-modified: Fri, 21 Aug 2020 11:35:34 GMT
server: sffe
date: Tue, 08 Jun 2021 22:50:10 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 22:50:10 GMT

GET
H2

200

52154.gif
idsync.rlcdn.com/ Frame 1C92
Redirect Chain

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=4156996722155042667
https://p.rfihub.com/cm?pub=39342&in=1&userid=0dcee404-26b9-413d-bf2e-104a0c00d5d3%3A1623301595.8&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc30us1812mo3ov5
https://idsync.rlcdn.com/501709.gif?partner_uid=c30us1812mo3ov5
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=4156996722155042667

42 B
325 B

30ms
30ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=4156996722155042667
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c30us1812mo3ov5&pctry=CH&referrer=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 05:06:36 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 05:06:36 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.9:80
AN-X-Request-Uuid: dddc5e41-103b-4949-93f6-416db1448dc3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=4156996722155042667
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

397676.gif
idsync.rlcdn.com/ Frame 1C92
Redirect Chain

https://p.rfihub.com/cm?pub=39342&in=1&userid=0dcee404-26b9-413d-bf2e-104a0c00d5d3%3A1623301595.8&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1...
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=875739027457388643
https://idsync.rlcdn.com/501709.gif?partner_uid=c30us1812mo3ov5
https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=RcE-C44AlEAExGTWeeE0upXiuYOk_qlM

42 B
325 B

30ms
29ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=RcE-C44AlEAExGTWeeE0upXiuYOk_qlM
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c30us1812mo3ov5&pctry=CH&referrer=https%3A%2F%2Fwww.paketda.de%2Fnews-betrug-packstation-ruedersdorf.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 05:06:36 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=RcE-C44AlEAExGTWeeE0upXiuYOk_qlM
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 5085
date: Thu, 10 Jun 2021 05:06:35 GMT
content-length: 221
content-type: text/html; charset=utf-8

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6693 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstt5rOf0o2hgRsBIUJrTDb2uQK0FmRsbjDbFpokxyWZtnHEsEa-G0yte9t6GRdIJpabGzuoc3wR_S6EywS4HHygXzFul9TIXKo6CCRfG_OAxUl1F96Av3gy9rFjIM9zAt-ZPQvSiED78BSzCWStKmo&sai=AMfl-YQkw7j3j5EQt3kXPeBV6lvtwdDbX6RAyg2afIdRhhnNnhkeo1oz3UCnPobsw8m_4UU7qnV8Ou4VPaGUl_Wzf1bAQHa_zKhvWxiV0jbvgSJZKRktDjAQDId-3vo&sig=Cg0ArKJSzOh6ommqUHR-EAE&cid=CAASFeRoKxH_og_hsZWXnCU8NmRslzflvA&id=ampim&o=1254,166&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=344&tls=1344&g=100&h=100&tt=1345&r=v&avms=ampa&adk=1839493144

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paketda.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 4626 668 B
729 B 37ms
33ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=263b78ab-ff4e-4348-87d9-99364119cdc8&gdpr=0
Requested by: Host: cdns.yieldscale.com
URL: https://cdns.yieldscale.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 46555b894a20dc4d35f9e64d42a740cba5683aee2f2bb18d80c2febd69479b05

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=263b78ab-ff4e-4348-87d9-99364119cdc8&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paketda.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=71be42f5-8e6a-0499-169b-c39a4b422cda|1623301593
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.paketda.de/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=71be42f5-8e6a-0499-169b-c39a4b422cda|1623301593; Version=1; Expires=Fri, 10-Jun-2022 05:06:37 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1623301597|gekin0vNiygu; Version=1; Expires=Fri, 25-Jun-2021 05:06:37 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.208.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 10 Jun 2021 05:06:37 GMT
content-type: text/html
content-length: 417
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 4626
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6d9860c1-9ddd-4c00-8dd2-3095ebb28678

43 B
106 B

30ms
30ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6d9860c1-9ddd-4c00-8dd2-3095ebb28678
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=263b78ab-ff4e-4348-87d9-99364119cdc8&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:37 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 10 Jun 2021 05:08:13 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6d9860c1-9ddd-4c00-8dd2-3095ebb28678
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 10 Jun 2021 05:08:12 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4626
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=gweRQIxTlhWYBpAX0A7fFIcOy0eYBsYThFbVTwBM

43 B
122 B

31ms
30ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=gweRQIxTlhWYBpAX0A7fFIcOy0eYBsYThFbVTwBM
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=263b78ab-ff4e-4348-87d9-99364119cdc8&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:37 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=gweRQIxTlhWYBpAX0A7fFIcOy0eYBsYThFbVTwBM
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 4626
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3875326023903859932

43 B
106 B

30ms
30ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3875326023903859932
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=263b78ab-ff4e-4348-87d9-99364119cdc8&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:37 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:37 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3875326023903859932
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 4626 70 B
265 B 125ms
39ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=a2127dac-27ed-3b6e-4c4d-0b722f651f27&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=263b78ab-ff4e-4348-87d9-99364119cdc8&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 4626 170 B
188 B 63ms
31ms Image
image/png 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3ZGFlNjYtZWU5YS02NWNhLTU5YWQtNTFjYmU1ODdkMTQ3

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=263b78ab-ff4e-4348-87d9-99364119cdc8&gdpr=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4626
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDUvCK7HaMpmX7UjlInI13Q&google_cver=1

43 B
106 B

32ms
32ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDUvCK7HaMpmX7UjlInI13Q&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=263b78ab-ff4e-4348-87d9-99364119cdc8&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:37 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 05:06:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDUvCK7HaMpmX7UjlInI13Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 21) Message: [object Object]
console-api	error	URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js(Line 1) Message: TypeError: Cannot read property 'consents' of undefined at <anonymous>:21:171 at t.addEventListener [as callback] (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:151000) at t.e.invokeCallback (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:30687) at t.respond (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:30080) at t.respond (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:119743) at t.e (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:30552) at t [as constructor] (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:29975) at new t (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:119547) at e.apiCall (https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:57404) at https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js:1:57636
console-api	log	URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js(Line 1) Message: Messaging without detection successfully executed.
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://www.paketda.de/news-betrug-packstation-ruedersdorf.html
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://www.paketda.de/news-betrug-packstation-ruedersdorf.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
a.teads.tv
accounts.google.com
ad.yieldlab.net
adservice.google.com
adservice.google.de
apis.google.com
bidder.criteo.com
c.disquscdn.com
c1.adform.net
cdn.ampproject.org
cdn.jsdelivr.net
cdn.privacy-mgmt.com
cdn.viglink.com
cdns.yieldscale.com
cm.g.doubleclick.net
connect.facebook.net
d78458f13036e466814c6ceab2ef21cf.safeframe.googlesyndication.com
disqus.com
ejp.rlcdn.com
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gdpr-tcfv2.sp-prod.net
glitter.services.disqus.com
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
idsync.rlcdn.com
io.narrative.io
links.services.disqus.com
live.rezync.com
match.adsrvr.org
msodigital-d.openx.net
p.rfihub.com
pagead2.googlesyndication.com
paketda.disqus.com
partner.googleadservices.com
pixel.quantserve.com
prebid.a-mo.net
prg.smartadserver.com
referrer.disqus.com
securepubads.g.doubleclick.net
ssl.gstatic.com
static.criteo.net
static.paketda.de
sync.mathtag.com
tempest.services.disqus.com
tpc.googlesyndication.com
us-u.openx.net
vg07.met.vgwort.de
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.paketda.de
104.111.218.85
136.144.59.88
142.250.185.162
142.250.185.66
142.250.186.34
151.101.114.49
151.101.192.134
161.156.66.184
178.250.2.131
185.29.135.227
185.33.221.15
185.64.189.112
185.86.139.59
193.0.160.128
199.232.196.134
199.232.196.64
2.18.232.7
2.21.111.28
213.19.162.21
2600:9000:218c:7800:6:8656:f5c0:93a1
2606:4700::6810:5714
2606:4700::6810:a30d
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:801::2008
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:811::200a
2a00:1450:4001:811::200d
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a02:2638:1::13
2a02:2638::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a0b:4d07:101::1
35.158.25.241
35.201.77.229
35.244.159.8
35.244.174.68
37.157.6.242
52.212.225.58
52.222.174.105
52.222.174.52
52.84.174.89
76.223.111.131
85.13.164.109
00970d30e0d3f0947d455e1567497af4256271ff1729853bd23eed59dc792d72
00e83aa5f667c4ee219411f6cf6ba69a0746294f1753dba050f93259a48c2747
04e8f5b6574e94f4f5f0b09282a3ee258a9b3af1ede74232352a47d59ced308c
075de9f5370034a9a884064ffab9a31aba3ba86fd60017b1934d5343bf0a2e85
0a0c09e1e97f172c235c9dcb12dbcd2c20b6bd1bce3a0fe453b245139ededbac
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e428bb50a9058e41706851c825f0a40549341e7e5bdce613bcff515bb8011b9
0e7e5865a9be94128aae608f974a894ee45d93eeb025265a9df02f4c070ee5c4
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
106c194753c0f550f0ab4067eb610e990b6d03f8bba7e2c965d1bbfccf1ffb35
11ad9dd2a046669151e63ec56787a02d08ab1dd9f8ca3755f23147eb9733b5e8
11c98d345760bf2b23b9a6757e892007f135a31d581abab78cb1ab81fbf92b7a
12d11081f7cff6cf57d7bdeb5be75838f61afe7afa1eb6f36e74db32e66ea471
1490106be67163959d14fab476c3c243681798cced94a10104594377474f0dc1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d
1d956eb8fa1a6ae55667e0f9d19de66bf41ea27faec1f45e9c255a2816ffbeed
2025b295509745f39f42f941f1f806395a81e23e146febbff2e85e00df651b93
24b67416f5acebe9d42bd39944ab89686f841b761daba1cc398837542d12a42b
284eb3999acbb5ea7038c1f5d9b2a6c65659842f8cf333a24d3753ee10d44f77
2986fe0c41e6ffea62add94c0fa1c099391a09109cee5603c7befabb197f4ad1
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
2d77772c863208781b114e5969a0cd9e642e37a6976fd0b950ea96c1a78e9cec
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
327015b3a9b36d98f722696d5ad5b40039dad472ab297a70cc335905e4317233
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
339754bb0bb40a029e7201c41a932cc5e48e6dd7ae5038c808ed45167919790e
35bd9d448b08e6146b89931bfac28ae83c5df33b88c92e1800652c222cab535c
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3ac2c22049f64c174f6597c00be3627598c3d74f672cb22811506ed3ad6fe906
3bef8b90637599eadb2b6d91cec62b36b00d4dce53d980225a8fa8e1c1d45305
3d85ccff3e7bd98bebf873bf84b4952e5643bc5782fc063ed45737e93166ece0
3fa4708138b3bf07311428cc3e0fd918d3db13e4e1c923927f25f1260b98024c
3fb8a50214ea225b9678e7e81a07a740f66e682a4effcf19fa7d89870815dd4c
421a2a5107c9216495b1d017a4aee143f3a7bd6d5e17cd0fe2256f999a214ea2
46555b894a20dc4d35f9e64d42a740cba5683aee2f2bb18d80c2febd69479b05
481e97c1373314243ac83c1b1c9f466b9ce65b95f5fd4b82538f032d976820a6
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
49eb580ba6e90daee8173c3175a07dcb6d15c5306cf392752c01bd3edcd1d045
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4dfd860d1fa1c9c0685710a1dfc7086e3d07f784030ef16df5ea9cd8f8b5e953
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e14ce1bd0d4433eee84cbb16196a7a051126f07af888ef7f9d252120f32f907
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
503a93fdaa64ab17b07b848ab02eac274638b0d852cb1399a325f2b18d67b1d4
525f22ec5e75401dc441624c07b420a1703cb16d2668d471f4af2d133ae1477f
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5722702001788ee03a5638c5af46828d25917c12659977dd752ae46befd56ab6
57a0ce35307a2e487f9213b95964c369692c5c0b40c3d57c73fb58054df1b151
58e52b382bed5e8f3e21e5f3c66d510099ab863a4a426a4330d94308e7b52cd3
58e8635e959ce8b5383dcbf9dd50fda2f6a0aeef426760854dfdb2548a3b77fb
5ce4abd416bca0b622289432fa8b34b5a299de342ec9feb423467ce69c36b837
5dd15427ab099499265f5d866ba0338b9c85e79ab901435fe76485b7666d5d5b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f8b0fa7fcc03134b1b5c6e4b1f1e85f8e8b7b8086dcdff243c3f4826178c36d
606b63f02c15457a98398ef61bc0b42458af3c2d7072189975fab7b5249719a4
613839c623c99c7cfce09c1811f8ba0c9cf61de86d136b6eb4c0e817e0135f7b
6227b818bcf866b7ee451dfe73f1b58094aa9196e9d22c77961af0bcda8c3192
65cd86259dc38d8d244d1a6a629cc5fffb0407f9c63f243cfcece0d20dbaf1cc
66367b64acc21a450b3db6feba48567f1943b069eb12f0aa00cccb00995677d8
6850ad9927d59653a802c02418f5755ee638c17f33d38665bd6da62ae03b41bd
6a2a3144f37043d4d01a80319d0d5f9d8404d5b69452a717a2bcfc2c0101c9f4
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b549adf4a418fae6a6630f8922089ed427b3f775204829b031ec420ddf57934
6c4aa0b188daf9fb45476c3844b6fdb6be6f0d8b090c9be422684c9b94afba45
6ca63d933af86676219d2d5c996585b7bc30c7e01264112d66c9a8e1ffd5b997
6f7eca3f99ce39f0220940a4eeae70037446bd11337e6f2bf3ec0e108a92e882
707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13
712eb995ddeb6f937813b43e507010506b0b96569a3e63bf19aa9c0692e74457
71ad92475659039f6e092d33106e3aef1b07a4830117fb58acf48628e5d5e8b2
72c1a53114a6edcead6823b7c404bc5c84860ad980ea6a2c753c5cd7c8876fe9
7491ece2fdc3e5da3d968788620b139ec5b318d59e1979090999abcf8748086b
74a821ad557230953d13b61fb311ef2125f527dce6b5f3a2e0204e7a04604213
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
76b16a96d9355565ee4818737851d23068c5e654907f83fcf04a4303baf5173a
7b637826bdbf8ff8d85b83d24dec124c53ce1428911d5762ca37a00e787fa23e
7ba45eed4298054881500719ebaae9ac6df406f07a8a78ed701f5f11711a82fc
7cdaa4dd2a60b184b26fe0a52be24d817142dc3c9963fc449e4be116402cb97a
7d50021d5744d5259913e2930cb04ec2ce1cac15965e1e1ec8679814e484418d
7e5b95165b0592cb4f05bf2f667f157ff7a5ec9c7f04d0cca8069b7edb5307c7
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe17b5ec11ec3f22d4bd9caf09d874921ac81b3a3641db1fea9aced7864a12c
814fc671cfcda77ec42e846fa47d26f911f396429f9d1261c6d33fb07f4f2ba2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
8630d3642f52a29b6198da00f23f7bd2481ad1cc19becfcf441a6c4ffe4ae099
89b1e9dc9efb0070cb51d89678565f59ada58aca9a671b6509897627ce458644
89b22b67a42af25d0f0a8be3ab79ebecfbaa038a5bc6be29f70d0389cca3ac0a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d061cf248e6817cc9497fdf606aefb9ca23ebb78d4f19d2a4d9651090c78a95
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
97c80b36cb55184ee6364ae1107d7caf7d540f25c8cfbe9d3b5df6b09e22fffc
9c367fcef059336812e18d7b52b06cd5b6f1cd71faedd3eb60bbaf24edb6ad93
9dcb9fa74969a305668ec4f32acbef3142b8616498032fcc8cdca30745fa2fa6
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0f17c8161e6e5334f0a35a111d2166332463245d06071efea590613db7440e7
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b
aaa65eeb36acfa84c677b60cb30aafbb00e655a729cc8e44fba7c4805d2c05d1
ab4fcf5bb46fb4d81f740b652eabadcaf18e4c9c732e011bd5ca17183e3c6f95
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
af9f06f44426e66e526763fff5857ecab2ccf6a759ad56c9fc2fef57bdb0defe
b264ca556a09a341d7d8c2ee64e63e0003b32c24ff4ce2b64c202e5b6ab140f7
b55156ac222eeab1c5e24fa042c8dc8e914de18326d903f1e383a0edd57d0513
b689b6ee8cdab506f54bb6ad17d16c5172db7ada9e7295bb38652e8f84ed6e0d
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c46fa749fa20a925d3d2f78f05c1b2429d92db2beb9fc00019296a23ab8365ec
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c8c949051c0a5b1fb01305da1b3d6b2e8ff33acd49a81d551a2013d54271fd5e
cbd0e12b1246f6280d9cd402284261eb3e81a9b5c6e179ae5d1a20b7731a4fa7
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
cf2f6848506728d18a92215dd87c821ad6a5ada622390afb2f421a2ebc22905a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d1dd6c74e0b3ee516cbb82f16a690fe328ca8c0452f36862e3c40aa489962d40
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
d288be9cff721ee99fbabc23e03f43e9b86edd9c7fab848180db7a6180b36113
d42a5154973ce1847b0f60cd27dbde653347daf6169ed714e2f4a71a87f33a0c
d83e2d53da04c0e32ee96d5e28b6fb96d1d5eef00cdd35e315529e64ee3617ec
dc05af1317af13fbd7a4573097718616b9ba4d6b24c41c3c616ad81461ff5888
dc11a16411c086c0ef92d979ecb63218df14aa7cc97eaf0f4bdbc2ed3a470c28
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e2efb1efda0dcda80c65d60198789f0a9feb5d038321489efd30c1ec056a98c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422b07ca1550e55cd90a518e910fd3cfb4d9337ea6092357f9761aa77ac9e33
e4642be0b0419a544ed9a3c1f132bac12c9a15526f5746e416aa275f22183832
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ee8746fd6ec4079701370518d5386c12a8f634beebaa84749146a3b0814de63f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff766d6a18a3b38db2172ae793a05bef14c813b745acce0ff328f3bc480ec2b
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f7b4a4448426673dda8f83f11b84ccb04f9c85157d5a35c1272b78277e362d41
f8afec44114c09f3e520fd8c89a7e00386e99bc567ccbbf16f23771b75b58a68
ff3091c45ff128af3099bfa99ea673eec89395d485acaea67faa30ba78f66a3a

www.paketda.de Open in urlscan Pro 85.13.164.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

225 Requests

100 %HTTPS

44 %IPv6

41 Domains

61 Subdomains

51 IPs

8 Countries

3254 kBTransfer

7117 kBSize

0 Cookies

5 Outgoing links

Redirected requests

225 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.paketda.de Open in urlscan Pro
85.13.164.109 Public Scan

Screenshot
Live screenshot

Full Image

225
Requests

100 %
HTTPS

44 %
IPv6

41
Domains

61
Subdomains

51
IPs

8
Countries

3254 kB
Transfer

7117 kB
Size

0
Cookies

225 HTTP transactions
5 data transactions