urlscan.io logo urlscan.io
SecurityTrails logo

raparigasnatuazona.tk Open in urlscan Pro
195.20.47.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://is.gd/RaparigasNaTuaZona
Effective URL: http://raparigasnatuazona.tk/
Submission: On January 18 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 12 domains to perform 35 HTTP transactions. The main IP is 195.20.47.168, located in Netherlands and belongs to VFMNL-AS Amsterdam Location BGP Setup, NL. The main domain is raparigasnatuazona.tk.
This is the only time raparigasnatuazona.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 195.20.47.168 31624 (VFMNL-AS ...)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 159.89.250.180 14061 (DIGITALOC...)
1 1 128.199.56.44 14061 (DIGITALOC...)
1 1 54.237.62.140 14618 (AMAZON-AES)
10 34.107.95.248 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
10 35.195.163.35 15169 (GOOGLE)
1 35.227.234.99 15169 (GOOGLE)
1 35.227.221.175 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
35 9
1    2606:4700:20::6819:e935 (United States)

ASN13335 (CLOUDFLARENET, US)
is.gd
1    195.20.47.168 (Netherlands)

ASN31624 (VFMNL-AS Amsterdam Location BGP Setup, NL)
raparigasnatuazona.tk
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    159.89.250.180 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
rafdav.com
1    128.199.56.44 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
cyberdigital.ninja
1    54.237.62.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-62-140.compute-1.amazonaws.com
trackingalltracks.com
10    34.107.95.248 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
PTR: 248.95.107.34.bc.googleusercontent.com
ichbindein.com
www.ichbindein.com
3    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
10    35.195.163.35 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 35.163.195.35.bc.googleusercontent.com
sammledenkonsens.com
api.sammledenkonsens.com
1    35.227.234.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.234.227.35.bc.googleusercontent.com
landers.cdnware.io
1    35.227.221.175 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 175.221.227.35.bc.googleusercontent.com
static.dating
2    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
10 sammledenkonsens.com
sammledenkonsens.com
api.sammledenkonsens.com
24 KB
10 ichbindein.com
ichbindein.com
www.ichbindein.com
165 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
337 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 13
21 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
37 KB
1 static.dating
static.dating — Cisco Umbrella Rank: 388565
173 KB
1 cdnware.io
landers.cdnware.io — Cisco Umbrella Rank: 391715
100 KB
1 trackingalltracks.com
trackingalltracks.com
762 B
1 cyberdigital.ninja
cyberdigital.ninja
320 B
1 rafdav.com
rafdav.com
1 KB
1 raparigasnatuazona.tk
raparigasnatuazona.tk
1016 B
1 is.gd
is.gd — Cisco Umbrella Rank: 71326
479 B
35 12
Domain Requested by
9 ichbindein.com raparigasnatuazona.tk
ichbindein.com
8 api.sammledenkonsens.com sammledenkonsens.com
4 www.gstatic.com www.google.com
www.gstatic.com
3 www.google.com ichbindein.com
www.gstatic.com
www.google.com
3 www.google-analytics.com raparigasnatuazona.tk
ichbindein.com
2 fonts.gstatic.com www.google.com
2 sammledenkonsens.com ichbindein.com
sammledenkonsens.com
1 static.dating ichbindein.com
1 landers.cdnware.io ichbindein.com
1 www.ichbindein.com ichbindein.com
1 trackingalltracks.com 1 redirects
1 cyberdigital.ninja 1 redirects
1 rafdav.com 1 redirects
1 raparigasnatuazona.tk
1 is.gd 1 redirects
35 15

This site contains no links.

Subject Issuer Validity Valid
ichbindein.com
R3		 2022-01-12 -
2022-04-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
sammledenkonsens.com
R3		 2022-01-08 -
2022-04-08		 3 months crt.sh
landers.cdnware.io
GTS CA 1D4		 2021-11-25 -
2022-02-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
static.dating
GTS CA 1D4		 2021-11-23 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://raparigasnatuazona.tk/
Frame ID: E276A279FEE5B461717B7DFC4C4CB9A7
Requests: 3 HTTP requests in this frame

Frame: https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
Frame ID: ABF8AC2DDFF5C77A5E98309FC365AF0A
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9pY2hiaW5kZWluLmNvbTo0NDM.&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=otklu4p2ux0o
Frame ID: F36BA4961F58F0DC11E0BB9023104E68
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

raparigasnatuazona.tk

Page URL History Show full URLs

  1. https://is.gd/RaparigasNaTuaZona HTTP 301
    http://raparigasnatuazona.tk/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

35
Requests

91 %
HTTPS

38 %
IPv6

12
Domains

15
Subdomains

9
IPs

5
Countries

857 kB
Transfer

1726 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://is.gd/RaparigasNaTuaZona HTTP 301
    http://raparigasnatuazona.tk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 1
  • https://rafdav.com/?a=100302&c=113822&s1=023 HTTP 302
  • https://cyberdigital.ninja/?utm_campaign=FNg32Z4Ubn&s2=&aid=100302&s1=023&s3=&s4= HTTP 302
  • https://trackingalltracks.com/?c=113928&s1=023&s5=ZEU-369cb24b-6a75-4def-aee5-ae4073a460f6&s2=&s3=&s4=&a=100302 HTTP 302
  • https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
Request Chain 2
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1385795990&utmhn=raparigasnatuazona.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=raparigasnatuazona.tk&utmhid=573367247&utmr=-&utmp=%2F&utmht=1642504778327&utmac=UA-23441223-3&utmcc=__utma%3D1.937691685.1642504778.1642504778.1642504778.1%3B%2B__utmz%3D1.1642504778.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1004674885&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1385795990&utmhn=raparigasnatuazona.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=raparigasnatuazona.tk&utmhid=573367247&utmr=-&utmp=%2F&utmht=1642504778327&utmac=UA-23441223-3&utmcc=__utma%3D1.937691685.1642504778.1642504778.1642504778.1%3B%2B__utmz%3D1.1642504778.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1004674885&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
raparigasnatuazona.tk/
Redirect Chain
  • https://is.gd/RaparigasNaTuaZona
  • http://raparigasnatuazona.tk/
1 KB
1016 B 		Document
General
Check archive.org
Download Go to
Full URL
http://raparigasnatuazona.tk/
Protocol
HTTP/1.1
Server
195.20.47.168 , Netherlands, ASN31624 (VFMNL-AS Amsterdam Location BGP Setup, NL),
Reverse DNS
Software
nginx /
Resource Hash
d1b6ff55110a3ba33dbd1235bd174548f12d11c59ef76a71423799b4697102f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Tue, 18 Jan 2022 11:19:38 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
632
Connection
keep-alive
Cache-Control
no-cache
Content-Encoding
gzip
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Pragma
no-cache
Vary
Accept-Encoding
X-Server
ip-172-30-2-57

Redirect headers

date
Tue, 18 Jan 2022 11:19:38 GMT
content-type
text/html; charset=UTF-8
location
http://raparigasnatuazona.tk/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUHiPjf18q4dwLgKhY78EY%2FF3bgfnhN5loYvkK3oI4Q%2Fan1gJUjTLn53Zp51O0RjGDObQn05h2d4VVEVpOeS2aIaFAk11%2FYHKyg%2FpARicwWoqFYR9AT9%2B7cnc02ohsemcPoa"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cf76dee58286967-FRA
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: raparigasnatuazona.tk
URL: http://raparigasnatuazona.tk/
Protocol
H2
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://raparigasnatuazona.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4607
date
Tue, 18 Jan 2022 10:02:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 18 Jan 2022 12:02:51 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
landing64
ichbindein.com/ Frame ABF8
Redirect Chain
  • https://rafdav.com/?a=100302&c=113822&s1=023
  • https://cyberdigital.ninja/?utm_campaign=FNg32Z4Ubn&s2=&aid=100302&s1=023&s3=&s4=
  • https://trackingalltracks.com/?c=113928&s1=023&s5=ZEU-369cb24b-6a75-4def-aee5-ae4073a460f6&s2=&s3=&s4=&a=100302
  • https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
18 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
Requested by
Host: raparigasnatuazona.tk
URL: http://raparigasnatuazona.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.107.95.248 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
248.95.107.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) / PHP/7.2.34
Resource Hash
58c38c9a84ff93f797dc0ebe94bb51422e6ca3641d22df1c6bc6a76de342812a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.14.0 (Ubuntu)
date
Tue, 18 Jan 2022 11:19:40 GMT
content-type
text/html;charset=UTF-8
content-length
4123
x-powered-by
PHP/7.2.34
x-host
ichbindein.com
content-encoding
gzip
x-cacheable
YES
cache-control
max-age=300
xkey
lander
vary
Accept-Encoding
x-varnish
51380812
age
0
x-cache
MISS
accept-ranges
bytes
via
1.1 varnish (Varnish/6.0), 1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff

Redirect headers

Cache-Control
private
Content-Length
185
Content-Type
text/html; charset=utf-8
Date
Tue, 18 Jan 2022 11:19:40 GMT
Location
https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
close
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1385795990&utmhn=raparigasnatuazona.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1385795990&utmhn=raparigasnatuazona.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1385795990&utmhn=raparigasnatuazona.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=raparigasnatuazona.tk&utmhid=573367247&utmr=-&utmp=%2F&utmht=1642504778327&utmac=UA-23441223-3&utmcc=__utma%3D1.937691685.1642504778.1642504778.1642504778.1%3B%2B__utmz%3D1.1642504778.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1004674885&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: raparigasnatuazona.tk
URL: http://raparigasnatuazona.tk/
Protocol
H2
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://raparigasnatuazona.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 11:19:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1385795990&utmhn=raparigasnatuazona.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=raparigasnatuazona.tk&utmhid=573367247&utmr=-&utmp=%2F&utmht=1642504778327&utmac=UA-23441223-3&utmcc=__utma%3D1.937691685.1642504778.1642504778.1642504778.1%3B%2B__utmz%3D1.1642504778.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1004674885&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
landing064.css
ichbindein.com/landers/css/ Frame ABF8 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ichbindein.com/landers/css/landing064.css
Requested by
Host: ichbindein.com
URL: https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.107.95.248 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
248.95.107.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) / PHP/7.2.34
Resource Hash
30c78fdad97f34a2f313978baa503834d2f7d67ac9ea724c76c661cb38e41a75
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:19:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
xkey
lander
age
0
x-powered-by
PHP/7.2.34
x-cache
MISS
x-host
ichbindein.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx/1.14.0 (Ubuntu)
strict-transport-security
max-age=63072000;
x-varnish
50875598
via
1.1 varnish (Varnish/6.0), 1.1 google
vary
Accept-Encoding
cache-control
max-age=300
accept-ranges
bytes
content-type
text/css;charset=UTF-8
pornhub.css
ichbindein.com/landers/css/theme/ Frame ABF8 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ichbindein.com/landers/css/theme/pornhub.css
Requested by
Host: ichbindein.com
URL: https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.107.95.248 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
248.95.107.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) / PHP/7.2.34
Resource Hash
3184c73a62b28eda0092b36d48b4850f3322e1c913b54b049b83fa066f47dcfc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:19:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
xkey
lander
age
0
x-powered-by
PHP/7.2.34
x-cache
MISS
x-host
ichbindein.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx/1.14.0 (Ubuntu)
strict-transport-security
max-age=63072000;
x-varnish
51383895
via
1.1 varnish (Varnish/6.0), 1.1 google
vary
Accept-Encoding
cache-control
max-age=300
accept-ranges
bytes
content-type
text/css;charset=UTF-8
fontawesome-all.min.css
ichbindein.com/landers/css/ Frame ABF8 		50 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ichbindein.com/landers/css/fontawesome-all.min.css
Requested by
Host: ichbindein.com
URL: https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.107.95.248 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
248.95.107.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:19:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10650
last-modified
Mon, 10 Jan 2022 14:00:54 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61dc3c16-c970"
strict-transport-security
max-age=63072000;
x-varnish
51380815 51026683
via
1.1 varnish (Varnish/6.0), 1.1 google
vary
Accept-Encoding
cache-control
max-age=300
accept-ranges
bytes
content-type
text/css
enterprise.js
www.google.com/recaptcha/ Frame ABF8 		974 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s
Requested by
Host: ichbindein.com
URL: https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2a0b35d8eaf40774788f590f6b190fa07f17ccd30e9614c285c5024f49ad427e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ichbindein.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:19:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
617
x-xss-protection
1; mode=block
expires
Tue, 18 Jan 2022 11:19:40 GMT
logo.png
www.ichbindein.com/img/ Frame ABF8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ichbindein.com/img/logo.png
Requested by
Host: ichbindein.com
URL: https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.107.95.248 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
248.95.107.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
39e4525a60d25d2a237c8510417a007f5dabfb8f55de3c89731ae39f47b779a0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ichbindein.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:19:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 14 Jan 2022 14:16:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"13f3-5d58b73693b40"
vary
X-Forwarded-Proto
content-type
image/png
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
5107
x-ua-compatible
IE=edge,chrome=1
loading.gif
ichbindein.com/landers/images/loader/ Frame ABF8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichbindein.com/landers/images/loader/loading.gif
Requested by
Host: ichbindein.com
URL: https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.107.95.248 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
248.95.107.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:19:40 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options
nosniff
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2892
last-modified
Mon, 10 Jan 2022 14:00:55 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"61dc3c17-b4c"
strict-transport-security
max-age=63072000;
x-varnish
51165035 49403509
cache-control
max-age=300
accept-ranges
bytes
content-type
image/gif
vegas.min.css
ichbindein.com/landers/css/ Frame ABF8 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ichbindein.com/landers/css/vegas.min.css
Requested by
Host: ichbindein.com
URL: https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.107.95.248 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
248.95.107.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a8d530eff57d706b6469ac6bdc3ce13cbfaecc832792ad7a102b19e156632fe1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:19:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
xkey
lander
age
0
x-cache
MISS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1307
last-modified
Mon, 10 Jan 2022 14:00:54 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61dc3c16-2e20"
strict-transport-security
max-age=63072000;
x-varnish
51253638
via
1.1 varnish (Varnish/6.0), 1.1 google
vary
Accept-Encoding
cache-control
max-age=300
accept-ranges
bytes
content-type
text/css
vendor.js
ichbindein.com/landers/js/ Frame ABF8 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ichbindein.com/landers/js/vendor.js
Requested by
Host: ichbindein.com
URL: https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.107.95.248 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
248.95.107.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
92b8884c1233e6be825c4cace16a633bae753456d20569f00f5ddabb9cc44f62
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:19:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43541
last-modified
Mon, 10 Jan 2022 14:01:03 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61dc3c1f-1e2ae"
strict-transport-security
max-age=63072000;
x-varnish
50753307 50425029
via
1.1 varnish (Varnish/6.0), 1.1 google
vary
Accept-Encoding
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript
recaptcha__de.js
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame ABF8 		354 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ichbindein.com/
Origin
https://ichbindein.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143013
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 11:02:26 GMT
cc.js
sammledenkonsens.com/ Frame ABF8 		117 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sammledenkonsens.com/cc.js?wId=4tsZscPN1uhuThHXBbv19&domain=ichbindein.com&languageCode=de&languageTerritory=DE&sessionId=2151d60223b2442fab2f476ea2cae43a
Requested by
Host: ichbindein.com
URL: https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
3015ae3bf92ae1db15143cb83a3ea7f5c892cc5db4c700fac4c40f8d7f52494a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ichbindein.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:19:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
content-type
application/javascript
vary
Accept-Encoding
content-length
14060
landing064.js
ichbindein.com/landers/js/ Frame ABF8 		69 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ichbindein.com/landers/js/landing064.js
Requested by
Host: ichbindein.com
URL: https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.107.95.248 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
248.95.107.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9198b72587bf1894d3fdf8dd3bf49f93a7f01b784197aecfda959b9baea16ecb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:19:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
xkey
lander
age
0
x-cache
MISS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19211
last-modified
Mon, 10 Jan 2022 14:01:03 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61dc3c1f-113ca"
strict-transport-security
max-age=63072000;
x-varnish
51258745
via
1.1 varnish (Varnish/6.0), 1.1 google
vary
Accept-Encoding
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript
media-registry.js
landers.cdnware.io/ Frame ABF8 		99 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landers.cdnware.io/media-registry.js
Requested by
Host: ichbindein.com
URL: https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.234.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.234.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2f51b86ae1aa35704f12cc5ef0a0f5e0f88203c434fc230da0ce826e38b3701

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ichbindein.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 10:37:17 GMT
age
2544
x-guploader-uploadid
ADPycdsHktPq1gmhHOGxRvizNlCO-8ucdV0CHkl81fiCukJctyowM0thq_GSO_iJIRnV8z-x9nzJeWda_ouRO7BsQBiDoAjKjQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101611
last-modified
Mon, 10 Jan 2022 14:02:12 GMT
server
UploadServer
etag
"68058b47bc991e9b5dbf7ced37851f3e"
x-goog-hash
crc32c=SKsGHw==, md5=aAWLR7yZHptdv3ztN4UfPg==
x-goog-generation
1641823331963287
cache-control
public, max-age=3600
x-goog-stored-content-length
101611
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 18 Jan 2022 11:37:17 GMT
analytics.js
www.google-analytics.com/ Frame ABF8 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ichbindein.com
URL: https://ichbindein.com/landers/js/landing064.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ichbindein.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1115
date
Tue, 18 Jan 2022 11:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 18 Jan 2022 13:01:06 GMT
de-de2.json
static.dating/lander/translations/ Frame ABF8 		172 KB
173 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.dating/lander/translations/de-de2.json
Requested by
Host: ichbindein.com
URL: https://ichbindein.com/landers/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.221.175 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
175.221.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e492d2e9eb7c926e9eafbd143f8b19e7e56f3ee320833a93c4ac3e69e5773232

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ichbindein.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 10:31:31 GMT
age
2890
x-guploader-uploadid
ADPycduoN8Kq_ZiLI921bEwbgFd6VDrgXdKToEosQnEG-7bLqdo0G0Wpj3Ib_f3Xp3kcud8gzHKAi12nOffZf-Vkp4fj0aRsYA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176408
last-modified
Mon, 10 Jan 2022 14:03:08 GMT
server
UploadServer
etag
"b911e5860d8471cfa44e600e9551008a"
x-goog-hash
crc32c=4l7c0Q==, md5=uRHlhg2Ecc+kTmAOlVEAig==
x-goog-generation
1641823388807852
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
176408
accept-ranges
bytes
content-type
application/octet-stream
expires
Tue, 18 Jan 2022 11:31:31 GMT
slide07.jpg
ichbindein.com/landers/images/landing064/default/default/ Frame ABF8 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichbindein.com/landers/images/landing064/default/default/slide07.jpg?geo=de
Requested by
Host: ichbindein.com
URL: https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.107.95.248 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
248.95.107.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
be7ae60eade4925df1221f8fcf600ff72a9422a76f768cf32da6075431858eaf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ichbindein.com/landing64?pi=100302&pt1=212595685&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:19:41 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google
x-content-type-options
nosniff
x-cacheable
YES
xkey
lander
age
0
x-cache
MISS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72880
last-modified
Mon, 10 Jan 2022 14:00:55 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"61dc3c17-11cb0"
strict-transport-security
max-age=63072000;
x-varnish
51380826
cache-control
max-age=300
accept-ranges
bytes
content-type
image/jpeg
anchor
www.google.com/recaptcha/enterprise/ Frame F36B 		39 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9pY2hiaW5kZWluLmNvbTo0NDM.&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=otklu4p2ux0o
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fef9b530d2ffb3086138669d0da1bff365dbf40307ddf0314700ae0c0c94df50
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zyEjrzw4LHSgy+bBdAeCWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ichbindein.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 18 Jan 2022 11:19:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-zyEjrzw4LHSgy+bBdAeCWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20114
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame F36B 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9pY2hiaW5kZWluLmNvbTo0NDM.&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=otklu4p2ux0o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 16:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Jan 2023 16:58:55 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame F36B 		354 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9pY2hiaW5kZWluLmNvbTo0NDM.&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=otklu4p2ux0o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143013
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 11:02:26 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F36B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 07:03:19 GMT
x-content-type-options
nosniff
age
360982
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Fri, 21 Jan 2022 07:03:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F36B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9pY2hiaW5kZWluLmNvbTo0NDM.&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=otklu4p2ux0o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 17:06:41 GMT
x-content-type-options
nosniff
age
583980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F36B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9pY2hiaW5kZWluLmNvbTo0NDM.&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=otklu4p2ux0o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 14:17:54 GMT
x-content-type-options
nosniff
age
594107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 14:17:54 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame F36B 		102 B
133 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9pY2hiaW5kZWluLmNvbTo0NDM.&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=otklu4p2ux0o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e671437dbdfea29e6d58d838049e22ef37097277eb96cb7d87eb08c90bfe035a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9pY2hiaW5kZWluLmNvbTo0NDM.&hl=de&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=invisible&cb=otklu4p2ux0o
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:19:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111
x-xss-protection
1; mode=block
expires
Tue, 18 Jan 2022 11:19:41 GMT
collector
api.sammledenkonsens.com/consent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sammledenkonsens.com/consent/collector
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ichbindein.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.10.3 (Ubuntu)
date
Tue, 18 Jan 2022 11:19:41 GMT
content-type
application/vnd.api+json
content-length
0
access-control-allow-origin
https://ichbindein.com
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-headers
content-type
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
cc.css
sammledenkonsens.com/ Frame ABF8 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sammledenkonsens.com/cc.css
Requested by
Host: sammledenkonsens.com
URL: https://sammledenkonsens.com/cc.js?wId=4tsZscPN1uhuThHXBbv19&domain=ichbindein.com&languageCode=de&languageTerritory=DE&sessionId=2151d60223b2442fab2f476ea2cae43a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ichbindein.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:19:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Oct 2020 08:07:25 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"6073-5b1b123761e40-gzip"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
3892
collector
api.sammledenkonsens.com/consent/ Frame ABF8 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sammledenkonsens.com/consent/collector
Requested by
Host: sammledenkonsens.com
URL: https://sammledenkonsens.com/cc.js?wId=4tsZscPN1uhuThHXBbv19&domain=ichbindein.com&languageCode=de&languageTerritory=DE&sessionId=2151d60223b2442fab2f476ea2cae43a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a5284199c5ce3483f943e3191a2735101b580b57c112d69c3daf93b99506fbdb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://ichbindein.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 18 Jan 2022 11:19:42 GMT
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
content-type
application/vnd.api+json
access-control-allow-origin
https://ichbindein.com
access-control-allow-credentials
true
content-length
4373
loadSegment
api.sammledenkonsens.com/consent/ Frame ABF8 		403 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sammledenkonsens.com/consent/loadSegment
Requested by
Host: sammledenkonsens.com
URL: https://sammledenkonsens.com/cc.js?wId=4tsZscPN1uhuThHXBbv19&domain=ichbindein.com&languageCode=de&languageTerritory=DE&sessionId=2151d60223b2442fab2f476ea2cae43a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
5764728c4b1c7f4421a4f9f55eccc27ad7a7dae280091af66d372408c078a68f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://ichbindein.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 18 Jan 2022 11:19:42 GMT
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
content-type
application/vnd.api+json
access-control-allow-origin
https://ichbindein.com
access-control-allow-credentials
true
content-length
403
loadSegment
api.sammledenkonsens.com/consent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sammledenkonsens.com/consent/loadSegment
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ichbindein.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.10.3 (Ubuntu)
date
Tue, 18 Jan 2022 11:19:42 GMT
content-type
application/vnd.api+json
content-length
0
access-control-allow-origin
https://ichbindein.com
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-headers
content-type
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
loadSegment
api.sammledenkonsens.com/consent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sammledenkonsens.com/consent/loadSegment
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ichbindein.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.10.3 (Ubuntu)
date
Tue, 18 Jan 2022 11:19:42 GMT
content-type
application/vnd.api+json
content-length
0
access-control-allow-origin
https://ichbindein.com
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-headers
content-type
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
loadSegment
api.sammledenkonsens.com/consent/ Frame ABF8 		411 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sammledenkonsens.com/consent/loadSegment
Requested by
Host: sammledenkonsens.com
URL: https://sammledenkonsens.com/cc.js?wId=4tsZscPN1uhuThHXBbv19&domain=ichbindein.com&languageCode=de&languageTerritory=DE&sessionId=2151d60223b2442fab2f476ea2cae43a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
7f827b7cce86deb8115f88264b5763451b0a3575224e0f3c31c95944a3e9aa5c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://ichbindein.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 18 Jan 2022 11:19:42 GMT
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
content-type
application/vnd.api+json
access-control-allow-origin
https://ichbindein.com
access-control-allow-credentials
true
content-length
411
confirmExplicit
api.sammledenkonsens.com/consent/ Frame ABF8 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sammledenkonsens.com/consent/confirmExplicit
Requested by
Host: sammledenkonsens.com
URL: https://sammledenkonsens.com/cc.js?wId=4tsZscPN1uhuThHXBbv19&domain=ichbindein.com&languageCode=de&languageTerritory=DE&sessionId=2151d60223b2442fab2f476ea2cae43a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://ichbindein.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 18 Jan 2022 11:19:42 GMT
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
content-type
application/vnd.api+json
access-control-allow-origin
https://ichbindein.com
access-control-allow-credentials
true
content-length
0
confirmExplicit
api.sammledenkonsens.com/consent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sammledenkonsens.com/consent/confirmExplicit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ichbindein.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.10.3 (Ubuntu)
date
Tue, 18 Jan 2022 11:19:42 GMT
content-type
application/vnd.api+json
content-length
0
access-control-allow-origin
https://ichbindein.com
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-headers
content-type
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _gaq object| _gat object| gaGlobal

12 Cookies

Domain/Path Name / Value
raparigasnatuazona.tk/ Name: JSESSIONID
Value: F5B3EFD5AB55E057132EC522612F561D
raparigasnatuazona.tk/ Name: __utma
Value: 1.937691685.1642504778.1642504778.1642504778.1
raparigasnatuazona.tk/ Name: __utmc
Value: 1
raparigasnatuazona.tk/ Name: __utmz
Value: 1.1642504778.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
raparigasnatuazona.tk/ Name: __utmt
Value: 1
raparigasnatuazona.tk/ Name: __utmb
Value: 1.1.10.1642504778
.rafdav.com/ Name: sid
Value: DZlWNqs+7GsZhmSTwl2kprvsyDf2O7wyI+KtvAJzrAlxd/U5MO7RCw==
.rafdav.com/ Name: trk
Value: 1djtPYPPfxZPYj3u+q5Rh7vsyDf2O7wyI+KtvAJzrAlxd/U5MO7RCw==
.rafdav.com/ Name: c108171
Value: DZlWNqs+7GsrIYNRxCA4Vp1DbBgxkApc63oBItPAzWlJkORWftJKOA==
.rafdav.com/ Name: pt30
Value: b92f4847b9b84a3eb73c2c2f05172d9c
.rafdav.com/ Name: ptc
Value: b92f4847b9b84a3eb73c2c2f05172d9c
.rafdav.com/ Name: ptbs
Value: b92f4847b9b84a3eb73c2c2f05172d9c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.sammledenkonsens.com
cyberdigital.ninja
fonts.gstatic.com
ichbindein.com
is.gd
landers.cdnware.io
rafdav.com
raparigasnatuazona.tk
sammledenkonsens.com
static.dating
trackingalltracks.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.ichbindein.com
128.199.56.44
159.89.250.180
195.20.47.168
2606:4700:20::6819:e935
2a00:1450:4001:802::2003
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:82b::200e
34.107.95.248
35.195.163.35
35.227.221.175
35.227.234.99
54.237.62.140
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2a0b35d8eaf40774788f590f6b190fa07f17ccd30e9614c285c5024f49ad427e
3015ae3bf92ae1db15143cb83a3ea7f5c892cc5db4c700fac4c40f8d7f52494a
30c78fdad97f34a2f313978baa503834d2f7d67ac9ea724c76c661cb38e41a75
3184c73a62b28eda0092b36d48b4850f3322e1c913b54b049b83fa066f47dcfc
39e4525a60d25d2a237c8510417a007f5dabfb8f55de3c89731ae39f47b779a0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
5764728c4b1c7f4421a4f9f55eccc27ad7a7dae280091af66d372408c078a68f
58c38c9a84ff93f797dc0ebe94bb51422e6ca3641d22df1c6bc6a76de342812a
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
7f827b7cce86deb8115f88264b5763451b0a3575224e0f3c31c95944a3e9aa5c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9198b72587bf1894d3fdf8dd3bf49f93a7f01b784197aecfda959b9baea16ecb
92b8884c1233e6be825c4cace16a633bae753456d20569f00f5ddabb9cc44f62
9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5284199c5ce3483f943e3191a2735101b580b57c112d69c3daf93b99506fbdb
a8d530eff57d706b6469ac6bdc3ce13cbfaecc832792ad7a102b19e156632fe1
b2f51b86ae1aa35704f12cc5ef0a0f5e0f88203c434fc230da0ce826e38b3701
be7ae60eade4925df1221f8fcf600ff72a9422a76f768cf32da6075431858eaf
d1b6ff55110a3ba33dbd1235bd174548f12d11c59ef76a71423799b4697102f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e492d2e9eb7c926e9eafbd143f8b19e7e56f3ee320833a93c4ac3e69e5773232
e671437dbdfea29e6d58d838049e22ef37097277eb96cb7d87eb08c90bfe035a
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fef9b530d2ffb3086138669d0da1bff365dbf40307ddf0314700ae0c0c94df50