helden.de Open in urlscan Pro
2606:4700:10::6816:4c41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paramountpluu.com/
Effective URL:
https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Submission: On February 28 via api (February 28th 2022, 5:52:34 pm UTC) from US — Scanned from DE

Summary HTTP 226 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 35 domains to perform 226 HTTP transactions. The main IP is 2606:4700:10::6816:4c41, located in United States and belongs to CLOUDFLARENET, US. The main domain is helden.de.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2021. Valid for: a year.

This is the only time helden.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	212.32.237.90 212.32.237.90	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	104.206.252.90 104.206.252.90	62904 (EONIX-COM...) (EONIX-COMMUNICATIONS-ASBLOCK-62904)
1 1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.169.168 157.90.169.168	24940 (HETZNER-AS) (HETZNER-AS)
1 1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2606:4700:20:... 2606:4700:20::681a:b29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
85	2606:4700:10:... 2606:4700:10::6816:4c41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	34.102.224.29 34.102.224.29	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:48bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
64	143.204.98.47 143.204.98.47	16509 (AMAZON-02) (AMAZON-02)
2	2a03:5f80:a::... 2a03:5f80:a::b212:e7c0	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	87.230.98.74 87.230.98.74	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
5	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 ^_^) (CDN77 ^_^)
5	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 2	52.95.126.160 52.95.126.160	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:710... 2a02:26f0:7100:1af::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 7	184.30.24.193 184.30.24.193	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
6	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.98.58 143.204.98.58	16509 (AMAZON-02) (AMAZON-02)
226	37

2 212.32.237.90 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

paramountpluu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.206.252.90 (New York, United States) 1 redirects

ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904, US)
PTR: 90-252-206-104.staticrdns.eonix.net

4773.booknower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de

lookandfind.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:b29 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

haftpflichthelden.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

85 2606:4700:10::6816:4c41 (United States)

ASN13335 (CLOUDFLARENET, US)

helden.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.224.29 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 29.224.102.34.bc.googleusercontent.com

images.provenexpert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:48bf (United States)

ASN13335 (CLOUDFLARENET, US)

w.likebtn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 143.204.98.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-47.fra50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:5f80:a::b212:e7c0 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.230.98.74 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5037422.psmanaged.com

b.delivery.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
delivery.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.126.160 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:1af::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.30.24.193 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-193.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-58.fra50.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	helden.de helden.de	3 MB
64	driftt.com js.driftt.com — Cisco Umbrella Rank: 4748	752 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	421 KB
8	consentmanager.net b.delivery.consentmanager.net — Cisco Umbrella Rank: 98070 cdn.consentmanager.net — Cisco Umbrella Rank: 31822 delivery.consentmanager.net — Cisco Umbrella Rank: 40143	84 KB
6	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 5238 bootstrap.api.drift.com — Cisco Umbrella Rank: 5485	480 B
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 250 fonts.googleapis.com — Cisco Umbrella Rank: 35	14 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	40 KB
4	pinterest.de www.pinterest.de — Cisco Umbrella Rank: 28326	15 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 439 www.linkedin.com — Cisco Umbrella Rank: 602 px4.ads.linkedin.com — Cisco Umbrella Rank: 5087	3 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 983 trc.taboola.com — Cisco Umbrella Rank: 571 trc-events.taboola.com — Cisco Umbrella Rank: 1715	19 KB
3	pinterest.com 1 redirects ct.pinterest.com — Cisco Umbrella Rank: 810 www.pinterest.com — Cisco Umbrella Rank: 1008	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 331	12 KB
3	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 263 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1361	9 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 667	19 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	t.co t.co — Cisco Umbrella Rank: 456	548 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 468	693 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	37 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 830	3 KB
2	likebtn.com w.likebtn.com — Cisco Umbrella Rank: 78790	62 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	84 KB
2	lookandfind.me lookandfind.me	1 KB
2	booknower.com 1 redirects 4773.booknower.com	2 KB
2	paramountpluu.com 1 redirects paramountpluu.com	1 KB
1	driftcdn.com embeds.driftcdn.com — Cisco Umbrella Rank: 5545	5 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 559	322 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 306	14 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6342	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 67	438 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	295 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 539	6 KB
1	provenexpert.com images.provenexpert.com — Cisco Umbrella Rank: 196948	16 KB
1	haftpflichthelden.de 1 redirects haftpflichthelden.de	550 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 14416	750 B
1	clever-redirect.com 1 redirects clever-redirect.com	445 B
226	35

	Domain	Requested by
85	helden.de	lookandfind.me helden.de
64	js.driftt.com	helden.de js.driftt.com
5	fonts.gstatic.com	fonts.googleapis.com
5	cdn.consentmanager.net	helden.de b.delivery.consentmanager.net cdn.consentmanager.net
5	www.google.com	helden.de www.gstatic.com
4	metrics.api.drift.com	js.driftt.com
4	www.pinterest.de	s.pinimg.com paramountpluu.com
4	fonts.googleapis.com	helden.de
3	bat.bing.com	www.googletagmanager.com bat.bing.com helden.de
3	www.gstatic.com	www.google.com
2	bootstrap.api.drift.com	js.driftt.com
2	trc-events.taboola.com	cdn.taboola.com
2	px.ads.linkedin.com	2 redirects
2	ct.pinterest.com	s.pinimg.com helden.de
2	delivery.consentmanager.net	helden.de
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	t.co	helden.de
2	analytics.twitter.com	static.ads-twitter.com
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	connect.facebook.net	helden.de connect.facebook.net
2	snap.licdn.com	helden.de snap.licdn.com
2	w.likebtn.com	helden.de w.likebtn.com
2	www.googletagmanager.com	helden.de
2	ajax.googleapis.com	helden.de
2	lookandfind.me	paramountpluu.com
2	4773.booknower.com	1 redirects paramountpluu.com
2	paramountpluu.com	1 redirects
1	embeds.driftcdn.com	js.driftt.com
1	bam.nr-data.net	js-agent.newrelic.com
1	www.pinterest.com	1 redirects
1	js-agent.newrelic.com	helden.de
1	px4.ads.linkedin.com	helden.de
1	www.linkedin.com	1 redirects
1	www.google.de	helden.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	trc.taboola.com	cdn.taboola.com
1	www.facebook.com	helden.de
1	cdn.taboola.com	www.googletagmanager.com
1	b.delivery.consentmanager.net	helden.de
1	c.amazon-adsystem.com	helden.de
1	static.ads-twitter.com	helden.de
1	images.provenexpert.com	helden.de
1	haftpflichthelden.de	1 redirects
1	www.awin1.com	1 redirects
1	clever-redirect.com	1 redirects
226	46

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
www.pinterest.de
my.helden.de
www.provenexpert.com
twitter.com
www.linkedin.com
www.xing.com
themeforest.net
acoda.com

Subject Issuer	Validity	Valid
lookandfind.me R3	`2022-01-02` - `2022-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
developer.provenexpert.com GTS CA 1D4	`2022-02-16` - `2022-05-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-08` - `2022-03-08`	3 months	crt.sh
b.delivery.consentmanager.net R3	`2022-01-22` - `2022-04-22`	3 months	crt.sh
1376624012.rsc.cdn77.org R3	`2022-02-10` - `2022-05-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-01-30` - `2022-12-31`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
delivery.consentmanager.net R3	`2022-01-22` - `2022-04-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.driftcdn.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Frame ID: 8960A426075E45F58A2817C3C330DE82
Requests: 148 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1646070747070&dcc=t
Frame ID: 47EEA06F8AB973254D5690F52A4F153D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=invisible&cb=5mv5q279xr3g
Frame ID: 1F3B35661EFA4FE678C8CB1B2CDAB9EE
Requests: 5 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
Frame ID: E89F290F044E11C6C57710F9B3BBBA66
Requests: 34 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
Frame ID: A336503A6BD834991A02B1B77766E63B
Requests: 33 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: 891D3A12EFBE170D087E380A1CC86070
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🥇Premiumschutz für deinen Lifestyle // helden.decockadecloud-miningmagnifierspaceshiptime-machineb-love

Page URL History Show full URLs

http://paramountpluu.com/ Page URL
http://paramountpluu.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0NjA... HTTP 302
http://4773.booknower.com/match-4773/67091/188758833/1646070745/mf_562f774d-489b-469f-8b4e-5b6d3ddd383... Page URL
http://4773.booknower.com/match-4773/67091/188758833/1646070745/mf_562f774d-489b-469f-8b4e-5b6d3ddd383... HTTP 302
https://clever-redirect.com/s/r6?s=822615&s3=apix07-paramountpluu.com HTTP 302
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=822... Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%... Page URL
https://www.awin1.com/awclick.php?mid=14361&id=926315&pref1=87f5d5e3e9fa809e400cef1559da615a&pref2=DE HTTP 302
https://haftpflichthelden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac... HTTP 301
https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

226
Requests

99 %
HTTPS

48 %
IPv6

35
Domains

46
Subdomains

37
IPs

6
Countries

4305 kB
Transfer

9144 kB
Size

31
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/helden.de/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/helden.de/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4A1U61t-ttoV0amitX3ERw
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/helden_de/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://my.helden.de/
Title: Login

Search URL Search Domain Scan URL

URL: https://my.helden.de/signup
Title: ABSCHLIESSEN

Search URL Search Domain Scan URL

URL: https://www.provenexpert.com/insurance-hero-gmbh/?utm_source=Widget&utm_medium=Widget&utm_campaign=Widget

Search URL Search Domain Scan URL

URL: https://twitter.com/heldende_

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/helden-de/

Search URL Search Domain Scan URL

URL: https://www.xing.com/pages/helden-de

Search URL Search Domain Scan URL

URL: http://themeforest.net/item/you-multipurpose-responsive-wordpress-theme/15175900?ref=-ACODA-
Title: You WordPress Theme

Search URL Search Domain Scan URL

URL: http://acoda.com/
Title: Acoda

Search URL Search Domain Scan URL

URL: https://www.provenexpert.com/insurance-hero-gmbh/
Title: Insurance Hero GmbH Versicherungen Anonym hat 4,84 von 5 Sternen 403 Bewertungen auf ProvenExpert.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paramountpluu.com/ Page URL
http://paramountpluu.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0NjA3Nzk0NCwiaWF0IjoxNjQ2MDcwNzQ0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycmMwOTdvNmhrbWVyM2gyZGcwa29jOGkiLCJuYmYiOjE2NDYwNzA3NDQsInRzIjoxNjQ2MDcwNzQ0ODYwMDk1fQ.1PLOg_j_bZFQUKze8_nhYVGCipG-NTGRkSWlHfxBV1o&sid=2fb8f87e-98bf-11ec-943c-5e0bad3ef871 HTTP 302
http://4773.booknower.com/match-4773/67091/188758833/1646070745/mf_562f774d-489b-469f-8b4e-5b6d3ddd3832/YXBpeDA3LXBhcmFtb3VudHBsdXUuY29t/feed Page URL
http://4773.booknower.com/match-4773/67091/188758833/1646070745/mf_562f774d-489b-469f-8b4e-5b6d3ddd3832/YXBpeDA3LXBhcmFtb3VudHBsdXUuY29t HTTP 302
https://clever-redirect.com/s/r6?s=822615&s3=apix07-paramountpluu.com HTTP 302
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=822615&s2=&s3=apix07-paramountpluu.com&s5=wc Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%26pref1%3D87f5d5e3e9fa809e400cef1559da615a%26pref2%3DDE&h=c4d0e68840d6632fbf3dc4ec17f50836 Page URL
https://www.awin1.com/awclick.php?mid=14361&id=926315&pref1=87f5d5e3e9fa809e400cef1559da615a&pref2=DE HTTP 302
https://haftpflichthelden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688 HTTP 301
https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://paramountpluu.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0NjA3Nzk0NCwiaWF0IjoxNjQ2MDcwNzQ0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycmMwOTdvNmhrbWVyM2gyZGcwa29jOGkiLCJuYmYiOjE2NDYwNzA3NDQsInRzIjoxNjQ2MDcwNzQ0ODYwMDk1fQ.1PLOg_j_bZFQUKze8_nhYVGCipG-NTGRkSWlHfxBV1o&sid=2fb8f87e-98bf-11ec-943c-5e0bad3ef871 HTTP 302
http://4773.booknower.com/match-4773/67091/188758833/1646070745/mf_562f774d-489b-469f-8b4e-5b6d3ddd3832/YXBpeDA3LXBhcmFtb3VudHBsdXUuY29t/feed

Request Chain 2

http://4773.booknower.com/match-4773/67091/188758833/1646070745/mf_562f774d-489b-469f-8b4e-5b6d3ddd3832/YXBpeDA3LXBhcmFtb3VudHBsdXUuY29t HTTP 302
https://clever-redirect.com/s/r6?s=822615&s3=apix07-paramountpluu.com HTTP 302
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=822615&s2=&s3=apix07-paramountpluu.com&s5=wc

Request Chain 114

https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1646070747070 HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1646070747070&dcc=t

Request Chain 148

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3298705&time=1646070748152&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3298705%26time%3D1646070748152%26url%3Dhttps%253A%252F%252Fhelden.de%252F%253Futm_source%253Daffilinet%2526src%253Daffnet%2526awc%253D14361_1646070746_eb445303bcc78a3f3837ac702f734688%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3298705&time=1646070748152&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3298705&time=1646070748152&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688&liSync=true&e_ipv6=AQLR8sxNurrLawAAAX9BdlVBcKJiHgcJ0Sh77HqZcrvgYcXrPpjtoOEm4Xf9BMTDhWskTuAjAxeffvBV2jx9v8CR-pBT4g

Request Chain 153

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.de/ct.html

226 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
paramountpluu.com/ 473 B
834 B 67ms
29ms Document
text/html 212.32.237.90
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://paramountpluu.com/
Protocol: HTTP/1.1
Server: 212.32.237.90 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: a5462bc6a4998204c89a2c60fae6753af3ab356e53b3d454a6c70bbae64c2bdb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 473
content-type: text/html; charset=utf-8
date: Mon, 28 Feb 2022 17:52:24 GMT
server: nginx

GET
H/1.1

200
OK

feed Show response
4773.booknower.com/match-4773/67091/188758833/1646070745/mf_562f774d-489b-469f-8b4e-5b6d3ddd3832/YXBpeDA3LXBhcmFtb3VudHBsdXUuY29t/
Redirect Chain

http://paramountpluu.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0NjA3Nzk0NCwiaWF0IjoxNjQ2MDcwNzQ0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycmMwOTdvNmhrbWVyM2gyZGcwa29...
http://4773.booknower.com/match-4773/67091/188758833/1646070745/mf_562f774d-489b-469f-8b4e-5b6d3ddd3832/YXBpeDA3LXBhcmFtb3VudHBsdXUuY29t/feed

3 KB
2 KB

214ms
128ms

Document
text/html

104.206.252.90
EONIX-COMMUNICATI...

General

Check archive.org

Show headers Download Go to

Full URL: http://4773.booknower.com/match-4773/67091/188758833/1646070745/mf_562f774d-489b-469f-8b4e-5b6d3ddd3832/YXBpeDA3LXBhcmFtb3VudHBsdXUuY29t/feed
Requested by: Host: paramountpluu.com
URL: http://paramountpluu.com/
Protocol: HTTP/1.1
Server: 104.206.252.90 New York, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904, US),
Reverse DNS: 90-252-206-104.staticrdns.eonix.net
Software: nginx/1.14.2 /
Resource Hash: 17a4340550389a05ed20a5ec7bda4441ba5d1e7a72944f8771545a7d9707a09a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://paramountpluu.com/

Response headers

Server: nginx/1.14.2
Date: Mon, 28 Feb 2022 17:52:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Content-Encoding: gzip

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 28 Feb 2022 17:52:25 GMT
location: http://4773.booknower.com/match-4773/67091/188758833/1646070745/mf_562f774d-489b-469f-8b4e-5b6d3ddd3832/YXBpeDA3LXBhcmFtb3VudHBsdXUuY29t/feed
server: nginx

GET
H2

200

a Show response
lookandfind.me/s/
Redirect Chain

http://4773.booknower.com/match-4773/67091/188758833/1646070745/mf_562f774d-489b-469f-8b4e-5b6d3ddd3832/YXBpeDA3LXBhcmFtb3VudHBsdXUuY29t
https://clever-redirect.com/s/r6?s=822615&s3=apix07-paramountpluu.com
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=822615&s2=&s3=apix07-paramountpluu.com&s5=wc

376 B
740 B

49ms
25ms

Document
text/html

157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=822615&s2=&s3=apix07-paramountpluu.com&s5=wc
Requested by: Host: paramountpluu.com
URL: http://paramountpluu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash: 2acdcdcfd9fa284a9b1403afb193fbb16da2a2ce478064f693cdcec93a9d680d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://4773.booknower.com/match-4773/67091/188758833/1646070745/mf_562f774d-489b-469f-8b4e-5b6d3ddd3832/YXBpeDA3LXBhcmFtb3VudHBsdXUuY29t/feed

Response headers

referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.4.24
content-length: 376
content-type: text/html; charset=UTF-8
date: Mon, 28 Feb 2022 17:52:25 GMT
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

Redirect headers

referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
location: https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=822615&s2=&s3=apix07-paramountpluu.com&s5=wc
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 28 Feb 2022 17:52:25 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27

GET
H2 200 r Show response
lookandfind.me/s/ 306 B
359 B 17ms
16ms Document
text/html 157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%26pref1%3D87f5d5e3e9fa809e400cef1559da615a%26pref2%3DDE&h=c4d0e68840d6632fbf3dc4ec17f50836
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash: 519dfef52b536231050f7dbb5396d27e4846a21579316daae3cb86b441c41448

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=822615&s2=&s3=apix07-paramountpluu.com&s5=wc

Response headers

referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.4.24
content-length: 306
content-type: text/html; charset=UTF-8
date: Mon, 28 Feb 2022 17:52:26 GMT
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

GET
H2

200

Primary Request / Show response
helden.de/
Redirect Chain

https://www.awin1.com/awclick.php?mid=14361&id=926315&pref1=87f5d5e3e9fa809e400cef1559da615a&pref2=DE
https://haftpflichthelden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

247 KB
48 KB

793ms
758ms

Document
text/html

2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Requested by: Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%26pref1%3D87f5d5e3e9fa809e400cef1559da615a%26pref2%3DDE&h=c4d0e68840d6632fbf3dc4ec17f50836
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71e1226f24b5f77f506b29f8bb278e37f2ead9d6fe3a217f0c9b320072431435

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%26pref1%3D87f5d5e3e9fa809e400cef1559da615a%26pref2%3DDE&h=c4d0e68840d6632fbf3dc4ec17f50836

Response headers

date: Mon, 28 Feb 2022 17:52:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://helden.de/wp-json/>; rel="https://api.w.org/" <https://helden.de/>; rel=shortlink
cache-control: max-age=0
expires: Mon, 28 Feb 2022 17:52:26 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e4b81b3eea59043-FRA
content-encoding: gzip

Redirect headers

date: Mon, 28 Feb 2022 17:52:26 GMT
content-type: text/html; charset=iso-8859-1
location: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soRyjdIKykrX30MwmHcXrv8%2BwvWZqt4PaYTtg3VE19ddnyIc7eCxrqBcY2rDRjMlizOPtgigw2LTYrNi6iWAI0i5qcU%2F74iVy8dMwoi9uRsX699Zt3F27R9w%2Fm9kp51oiwuQ1xLUHd19JpqLwGPMWYa2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e4b81b36f899b5b-FRA

GET
H2 200 helden-custom.css
helden.de/wp-content/themes/you/css/ 1 KB
635 B 21ms
21ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/you/css/helden-custom.css
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96885eb92fe4f03a59536aacb336a3a999876f8d311dca71e8e953726a61e644

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 09:04:16 GMT
server: cloudflare
age: 886076
cf-polished: origSize=2130
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Sat, 18 Feb 2023 11:44:30 GMT
cache-control: max-age=31536000
cf-ray: 6e4b81b8aa2e9043-FRA
cf-bgj: minify

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/ 31 KB
6 KB 38ms
7ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/jquery-ui.css

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70d5e7aca1f4340b317eb66c3f7a0201cd4c417bea613a46f7989950f0a1fba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 22:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5770
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Feb 2023 22:56:54 GMT

GET
H2 200 wp-notification-bars-public.css
helden.de/wp-content/plugins/wp-notification-bars/public/css/ 4 KB
1 KB 31ms
31ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/wp-notification-bars/public/css/wp-notification-bars-public.css?ver=1.0.5
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab6e4f17cb28892a00ee982b483ac79222bd8b945c226694e554af917e569df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 03 Apr 2020 09:48:36 GMT
server: cloudflare
age: 886077
cf-polished: origSize=4192
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Sat, 18 Feb 2023 11:44:30 GMT
cache-control: max-age=31536000
cf-ray: 6e4b81b8aa339043-FRA
cf-bgj: minify

GET
H2 200 acoda_counters.min.css
helden.de/wp-content/plugins/acoda-counters/assets/ 797 B
369 B 21ms
21ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/acoda-counters/assets/acoda_counters.min.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a145e8cb30994054a87ba4ac07f8a49f55e2fbfcd3b689ef889eae0a2250bc37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 886076
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b8aa369043-FRA
content-length: 278
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 acoda_gigatools.min.css
helden.de/wp-content/plugins/acoda-gigatools/assets/ 695 B
327 B 24ms
23ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/acoda-gigatools/assets/acoda_gigatools.min.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20c746611e73d61b96d867c123847699572e0d13bf3a6823bcc2d956e9d4c0d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 886076
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b8aa399043-FRA
content-length: 264
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 style.css
helden.de/wp-content/plugins/likebtn-like-button/public/css/ 2 KB
886 B 19ms
18ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/likebtn-like-button/public/css/style.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad4b93f0116490bf6d6b3cb8b6adaa354588c845b1f0994ce80456e5afb7d8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Sep 2021 06:40:34 GMT
server: cloudflare
age: 886076
cf-polished: origSize=2476
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Sat, 18 Feb 2023 11:44:30 GMT
cache-control: max-age=31536000
cf-ray: 6e4b81b8aa3c9043-FRA
cf-bgj: minify

GET
H2 200 font-awesome.min.css
helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/ 30 KB
7 KB 35ms
33ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b719e8b64d94bf16d44b5a331b9028f738286b49d00844a122a1f854ca9c1c2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b8aa3f9043-FRA
content-length: 7036
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 dynamic-mobmenu.css
helden.de/wp-content/uploads/ 8 KB
2 KB 25ms
24ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/uploads/dynamic-mobmenu.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b4780df9b383519f51c2b0d374f45c26bf05e1cbc1518b2a2b309e5ea9ae86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 14:13:59 GMT
server: cloudflare
age: 886077
cf-polished: status=cannot_optimize
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Sat, 18 Feb 2023 11:44:30 GMT
cache-control: max-age=31536000
cf-ray: 6e4b81b8aa409043-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 1 KB
931 B 47ms
14ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis%3Ainherit%2C400&subset=latin%2Clatin-ext&ver=5.2.14

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7be9e5f63b77a88b00d5be374fb63b5b560c1aa06cc9b0421f967095b50222d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 17:29:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Feb 2022 17:52:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Feb 2022 17:52:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
468 B 48ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A900%2C400&subset=latin%2Clatin-ext&ver=5.2.14

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7edee88862109a0b709cb1801cccd10f6460971dbb1afc945abb81c17bfca85e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 17:52:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Feb 2022 17:52:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Feb 2022 17:52:27 GMT

GET
H2 200 js_composer.min.css
helden.de/wp-content/plugins/js_composer/assets/css/ 451 KB
44 KB 30ms
29ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46bb0aafc668b4a997c8f2bf2b9612722575d5123d728ee15924ae9b2b9e1b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b8aa439043-FRA
content-length: 44917
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 mobmenu-icons.css
helden.de/wp-content/plugins/mobile-menu/includes/css/ 2 KB
757 B 34ms
34ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aa8093f92b4ebb8c5a083db689a2231ed086d33c640a69d136c7d8abf22e3c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 May 2019 15:42:48 GMT
server: cloudflare
age: 886077
cf-polished: origSize=3886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Sat, 18 Feb 2023 11:44:30 GMT
cache-control: max-age=31536000
cf-ray: 6e4b81b8aa459043-FRA
cf-bgj: minify

GET
H2 200 style.css
helden.de/wp-content/themes/helden/ 376 KB
60 KB 37ms
36ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/helden/style.css?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6928cc4d50cb193b1c5d09343ecae72c20af5da0483e28b7c48a4c77e0f6d3c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Dec 2021 14:51:16 GMT
server: cloudflare
age: 886077
cf-polished: origSize=448108
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Sat, 18 Feb 2023 11:44:30 GMT
cache-control: max-age=31536000
cf-ray: 6e4b81b8aa489043-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
helden.de/wp-includes/js/jquery/ 95 KB
33 KB 38ms
35ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 May 2019 22:08:51 GMT
server: cloudflare
age: 886077
cf-polished: origSize=96873
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sat, 18 Feb 2023 11:44:30 GMT
cache-control: max-age=31536000
cf-ray: 6e4b81b8ba519043-FRA
cf-bgj: minify

GET
H2 200 jquery-migrate.min.js Show response
helden.de/wp-includes/js/jquery/ 10 KB
4 KB 34ms
31ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b8ba559043-FRA
content-length: 4014
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 main.js Show response
helden.de/wp-content/themes/helden/ 122 KB
35 KB 35ms
31ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/helden/main.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d26ead62c04b7c1d9b9fe15ea7310d2c3ef4400a5c0a390e6c3a8ff4c5f381ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 09 Aug 2021 14:46:59 GMT
server: cloudflare
age: 886077
cf-polished: origSize=179649
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sat, 18 Feb 2023 11:44:30 GMT
cache-control: max-age=31536000
cf-ray: 6e4b81b8ba579043-FRA
cf-bgj: minify

GET
H2 200 countid.min.js Show response
helden.de/wp-content/plugins/acoda-counters/assets/ 5 KB
2 KB 48ms
44ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/acoda-counters/assets/countid.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf8c217e6b5fed93e68518ddd25e1bedfbb683b1f9aa18f84b099677d0f79355

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b8ba599043-FRA
content-length: 1975
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 acoda_counters.min.js Show response
helden.de/wp-content/plugins/acoda-counters/assets/ 1 KB
586 B 26ms
23ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/acoda-counters/assets/acoda_counters.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 798622f5f53245245cdf0f44468acdce4e537cd44c86e1f58b170ad253783ad5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b8ba5a9043-FRA
content-length: 523
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 frontend.js Show response
helden.de/wp-content/plugins/likebtn-like-button/public/js/ 5 KB
2 KB 22ms
19ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/likebtn-like-button/public/js/frontend.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d0297d001e90af1cb9081ee9a40edebaa5584387e10732ffbd217281ba9b03f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Sep 2021 06:40:34 GMT
server: cloudflare
age: 886077
cf-polished: origSize=7114
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sat, 18 Feb 2023 11:44:30 GMT
cache-control: max-age=31536000
cf-ray: 6e4b81b8ba5e9043-FRA
cf-bgj: minify

GET
H2 200 wpgmza_data.js Show response
helden.de/wp-content/plugins/wp-google-maps/ 0
66 B 31ms
29ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/wp-google-maps/wpgmza_data.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
last-modified: Mon, 03 Jun 2019 13:26:08 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sat, 18 Feb 2023 11:44:30 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b8ba5f9043-FRA
content-length: 0
cf-bgj: minify

GET
H2 200 wp-notification-bars-public.js Show response
helden.de/wp-content/plugins/wp-notification-bars/public/js/ 689 B
354 B 31ms
28ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/wp-notification-bars/public/js/wp-notification-bars-public.js?ver=1.0.5
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d7e52c552160d0265f12c7d6c523a3c646b6f831a8d677adb7a2c1d481f32a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 03 Apr 2020 09:48:36 GMT
server: cloudflare
age: 886077
cf-polished: origSize=1041
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sat, 18 Feb 2023 11:44:30 GMT
cache-control: max-age=31536000
cf-ray: 6e4b81b8ba629043-FRA
cf-bgj: minify

GET
H2 200 mobmenu.js Show response
helden.de/wp-content/plugins/mobile-menu/includes/js/ 6 KB
1 KB 39ms
37ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/mobile-menu/includes/js/mobmenu.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 050afadcae8e995d4d71c6c7d05bdb3ef24691fc81526eb0357de319184c747b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 May 2019 15:42:48 GMT
server: cloudflare
age: 886077
cf-polished: origSize=8712
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sat, 18 Feb 2023 11:44:30 GMT
cache-control: max-age=31536000
cf-ray: 6e4b81b8ba639043-FRA
cf-bgj: minify

GET
H2 200 waypoints.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/waypoints/ 8 KB
3 KB 29ms
27ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d73392f1f569c51f57b7f9a30278358484f1795584aa2cd540e5b8ea650593e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b8ba699043-FRA
content-length: 2615
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 waypoints-sticky.min.js Show response
helden.de/wp-content/themes/you/js/ 3 KB
1 KB 26ms
24ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/you/js/waypoints-sticky.min.js?ver=1
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db9ff4cde12468ee4def39092beef68a94523797d588f245067a96d943a01165

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b8ba6b9043-FRA
content-length: 1282
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 65ms
20ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-71374404-2

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84a55ebffa78c909590dd52162e0ceb742d142d929c8db41578c01a165a71e9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37449
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 17:02:49 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Feb 2022 17:52:27 GMT

GET
H2 200 helden_de_custom.js Show response
helden.de/wp-content/themes/you/js/ 6 KB
2 KB 29ms
27ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/you/js/helden_de_custom.js
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bccc337c264422750cff6f2b3c70a350a2a40e80766f11e3a16ecabc89ae4b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Mar 2021 13:18:15 GMT
server: cloudflare
age: 886077
cf-polished: origSize=7385
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sat, 18 Feb 2023 11:44:30 GMT
cache-control: max-age=31536000
cf-ray: 6e4b81b8ba719043-FRA
cf-bgj: minify

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
665 B 42ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1b077ad91dc6d449f971f581046afff929ab4f742fdfdb7c3017418425c9a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 17:16:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Feb 2022 17:52:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Feb 2022 17:52:27 GMT

GET
H2 200 helden.de_Logo.svg
helden.de/wp-content/uploads/2021/02/ 5 KB
2 KB 39ms
33ms Image
image/svg+xml 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2021/02/helden.de_Logo.svg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26d127f27e68eb24704f93210ac87b36c92c2a9ef01d6a47dc0048dac9cfa23f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Feb 2021 09:49:41 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e4b81b94bbb9043-FRA
content-length: 1845
expires: Sun, 20 Mar 2022 11:44:30 GMT

GET
H2 200 Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.de.svg
helden.de/wp-content/assets/profly_dji/ 33 KB
8 KB 38ms
31ms Image
image/svg+xml 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/profly_dji/Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.de.svg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d03b85482d005248f184137ab739c6222882e5d76d0765757cd6313a2b90146a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6e4b81b94bbc9043-FRA
date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Sep 2020 05:21:52 GMT
server: cloudflare
age: 885990
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: de
cache-control: max-age=2592000
accept-ranges: bytes
content-type: image/svg+xml
content-length: 8356
expires: Sun, 20 Mar 2022 11:45:57 GMT

GET
H2 200 Kundenvertrauen_helden_de.svg
helden.de/wp-content/uploads/2021/07/ 32 KB
8 KB 39ms
32ms Image
image/svg+xml 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2021/07/Kundenvertrauen_helden_de.svg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b13c9daefcbfa434816cbf0a272da7a7887486cedbe40218e4234977e526854c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 08:21:20 GMT
server: cloudflare
age: 885990
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e4b81b94bbd9043-FRA
content-length: 8129
expires: Sun, 20 Mar 2022 11:45:57 GMT

GET
H2 200 widget_square_165_1.png
images.provenexpert.com/45/14/0b86840a13b7f9399eece676ff57/ 16 KB
16 KB 53ms
10ms Image
image/png 34.102.224.29
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.provenexpert.com/45/14/0b86840a13b7f9399eece676ff57/widget_square_165_1.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.224.29 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.224.102.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 04f71eff37723c234b63d007d7b38f768f97260702c78056b8fc474812b15ce7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
via: 1.1 google
last-modified: Mon, 21 Feb 2022 11:02:17 GMT
server: nginx
age: 0
etag: "62137139-3f12"
content-type: image/png
cache-control: max-age=86400,no-cache
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16146
expires: Tue, 01 Mar 2022 17:52:27 GMT

GET
H2 200 Helden_Web_Mobile-Mockup_06.jpg
helden.de/wp-content/uploads/2019/10/ 27 KB
27 KB 34ms
28ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_06.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01f2c507dce67cd34f1fb75780c52221946800029092456ed02470059af2c05f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 885986
cf-polished: qual=85, origFmt=jpeg, origSize=52798
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_06.webp"
content-length: 27534
last-modified: Mon, 14 Oct 2019 10:34:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 18 Jun 2022 11:46:01 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bbe9043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_05.jpg
helden.de/wp-content/uploads/2019/10/ 19 KB
19 KB 64ms
57ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_05.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5232ff2bcc1c6fb542e55ebb4d41413554cfe0681613a01799e2477bb9cac389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 248707
cf-polished: qual=85, origFmt=jpeg, origSize=42408
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_05.webp"
content-length: 19320
last-modified: Mon, 14 Oct 2019 10:34:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 25 Jun 2022 20:47:20 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bbf9043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_04.jpg
helden.de/wp-content/uploads/2019/10/ 25 KB
26 KB 37ms
31ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_04.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e528c1449a6cfc70975bfd57546d23b752a883a8ee9fcc3904d3af6548468ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 338162
cf-polished: qual=85, origFmt=jpeg, origSize=50929
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_04.webp"
content-length: 25904
last-modified: Mon, 14 Oct 2019 10:34:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 24 Jun 2022 19:56:25 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bc19043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_03.jpg
helden.de/wp-content/uploads/2019/10/ 27 KB
27 KB 40ms
34ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_03.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd2fcd0919b8552fa24ea240e875bd8d0d2e04f9949d12dc18a605e7b063303

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 885986
cf-polished: qual=85, origFmt=jpeg, origSize=55274
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_03.webp"
content-length: 27706
last-modified: Mon, 14 Oct 2019 10:34:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 18 Jun 2022 11:46:01 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bc29043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_02.jpg
helden.de/wp-content/uploads/2019/10/ 33 KB
33 KB 44ms
38ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_02.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 536550431ea6247d6ae10b550cedbac11f93d133b096e475bd1f3915bf4bb6dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 885987
cf-polished: qual=85, origFmt=jpeg, origSize=59813
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_02.webp"
content-length: 34042
last-modified: Mon, 14 Oct 2019 10:34:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 18 Jun 2022 11:46:00 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bc39043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_01.jpg
helden.de/wp-content/uploads/2019/10/ 23 KB
23 KB 40ms
34ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_01.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d691d09ce0090a6da571070f4404989f56b83bd51aa9c0076f1761f5888533

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 248707
cf-polished: qual=85, origFmt=jpeg, origSize=48508
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_01.webp"
content-length: 23826
last-modified: Mon, 14 Oct 2019 10:34:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 25 Jun 2022 20:47:20 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bc49043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_1LRK2.jpg
helden.de/wp-content/uploads/2019/10/ 10 KB
10 KB 40ms
34ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_1LRK2.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53080eca44bc02b841d154e159fa515224b4fbf395c7fc9293aa7352c0e76a8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Oct 2019 12:24:23 GMT
server: cloudflare
age: 469235
cf-polished: degrade=85, origSize=13627, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 23 Jun 2022 07:31:52 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bc59043-FRA
content-length: 10282
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_3C3J3.jpg
helden.de/wp-content/assets/community/ 9 KB
9 KB 45ms
39ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/community/helden_code_3C3J3.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bf428595fc6bc680e8823567c5fc438c87d239b74db2373d423440d8f55e738

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 469240
cf-polished: qual=85, origFmt=jpeg, origSize=13398
content-disposition: inline; filename="helden_code_3C3J3.webp"
content-length: 8778
last-modified: Thu, 29 Jul 2021 09:59:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 23 Jun 2022 07:31:47 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bc69043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_3IL53.jpg
helden.de/wp-content/uploads/2019/10/ 14 KB
14 KB 41ms
36ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_3IL53.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 088a021299cdae3933d232a2bfc8dc5800fda02156bdfea4353505219357808b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Oct 2019 09:25:13 GMT
server: cloudflare
age: 247573
cf-polished: degrade=85, origSize=42637, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Sat, 25 Jun 2022 21:06:14 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bc79043-FRA
content-length: 14190
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_3SJV4.jpg
helden.de/wp-content/uploads/2019/10/ 31 KB
31 KB 70ms
64ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_3SJV4.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5a042d589b14eabc1bc3426dde107c2aa18e3b458d12cfc1b244854e17a0f43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 14 Oct 2019 09:25:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bc89043-FRA
content-length: 31367
expires: Tue, 28 Jun 2022 17:52:27 GMT

GET
H2 200 helden_code_18P81.jpg
helden.de/wp-content/uploads/2019/10/ 20 KB
19 KB 2183ms
2177ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_18P81.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73047d352c4ebae295da9e02e0982f42d7b1f3d8c5645b0d576879ce4ed7dc0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:29 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 14 Oct 2019 09:25:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bc99043-FRA
content-length: 19528
expires: Tue, 28 Jun 2022 17:52:29 GMT

GET
H2 200 helden_code_3CHV6.jpg
helden.de/wp-content/uploads/2019/10/ 25 KB
25 KB 175ms
169ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_3CHV6.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42bc9aaebd691553a360489b734df085e287eaeffd4414a9c4e04617904a85b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 14 Oct 2019 09:25:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bca9043-FRA
content-length: 25288
expires: Tue, 28 Jun 2022 17:52:27 GMT

GET
H2 200 helden_code_3F9K3.jpg
helden.de/wp-content/assets/community/ 13 KB
13 KB 62ms
57ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/community/helden_code_3F9K3.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b56baa149b3c57892a87f524848341b20dee79b198cb30f80e53cc480eb7d066

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 29 Jul 2021 09:59:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bcb9043-FRA
content-length: 12983
expires: Tue, 28 Jun 2022 17:52:27 GMT

GET
H2 200 helden_code_1PDW4.jpg
helden.de/wp-content/uploads/2019/10/ 20 KB
19 KB 1186ms
1180ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_1PDW4.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b66d4e90c31bda7e0783f5a7762ce14ca67a5a4757d64d88bed5cbbec250f77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:28 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 14 Oct 2019 09:24:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bcc9043-FRA
content-length: 19862
expires: Tue, 28 Jun 2022 17:52:28 GMT

GET
H2 200 helden_code_21A68.jpg
helden.de/wp-content/uploads/2019/10/ 29 KB
29 KB 1177ms
1171ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_21A68.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46a604a6cf686570c4284c09f1b500551b528c19be1363d264d3d82e50c332a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:28 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 14 Oct 2019 09:25:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bcf9043-FRA
content-length: 29301
expires: Tue, 28 Jun 2022 17:52:28 GMT

GET
H2 200 helden_de_NBYR5.jpg
helden.de/wp-content/assets/community/ 48 KB
48 KB 85ms
80ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/community/helden_de_NBYR5.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4ee0c2b51d6acceeda15819fc68ef5eba47b81724410b0797400b01bccb28d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 03 Jan 2022 09:25:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bd09043-FRA
content-length: 49253
expires: Tue, 28 Jun 2022 17:52:27 GMT

GET
H2 200 helden_code_0SH89.jpg
helden.de/wp-content/uploads/2019/06/ 218 KB
200 KB 52ms
47ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/06/helden_code_0SH89.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ef9c780b5550e3ef3ba00bf472540197d0e08950d195038038b31635594e7c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 04 Jun 2019 10:13:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000
cf-ray: 6e4b81b94bd19043-FRA
expires: Tue, 28 Jun 2022 17:52:27 GMT

GET
H2 200 helden_code_1WUW8.jpg
helden.de/wp-content/uploads/2019/10/ 24 KB
24 KB 60ms
54ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_1WUW8.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03c4f2b89d1049249d29f0662b40f3006fb604f02e0711216088750a1e675a6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 14 Oct 2019 09:24:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bd39043-FRA
content-length: 24472
expires: Tue, 28 Jun 2022 17:52:27 GMT

GET
H2 200 Versicherungspartner_NV-300x208.jpg
helden.de/wp-content/uploads/2020/04/ 3 KB
3 KB 45ms
40ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/04/Versicherungspartner_NV-300x208.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fd0406a9f1fa9ae65bc5ab523b7160d7c8a64383a51f520c25270697f3408a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 248707
cf-polished: qual=85, origFmt=jpeg, origSize=6159
content-disposition: inline; filename="Versicherungspartner_NV-300x208.webp"
content-length: 2924
last-modified: Fri, 03 Apr 2020 11:30:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 25 Jun 2022 20:47:20 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bd89043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Versicherungspartner_HISCOX-300x182.jpg
helden.de/wp-content/uploads/2020/04/ 4 KB
4 KB 42ms
37ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/04/Versicherungspartner_HISCOX-300x182.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b244db5267a8a4f291e0c4a1e82ccbc4ae211e7b22cad2ca530d743397894151

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 425387
cf-polished: qual=85, origFmt=jpeg, origSize=6611
content-disposition: inline; filename="Versicherungspartner_HISCOX-300x182.webp"
content-length: 3982
last-modified: Fri, 03 Apr 2020 11:30:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 23 Jun 2022 19:42:40 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bd99043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 WiWo_Hoechstes_Kundenvertrauen_2020_helden_de.png
helden.de/wp-content/uploads/2021/07/ 23 KB
23 KB 41ms
37ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2021/07/WiWo_Hoechstes_Kundenvertrauen_2020_helden_de.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2031ce9d387c585aeed7e46b4c88ab74c996834aa6f10cbf32dd7df4170065fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 246539
cf-polished: origFmt=png, origSize=56718
content-disposition: inline; filename="WiWo_Hoechstes_Kundenvertrauen_2020_helden_de.webp"
content-length: 23324
last-modified: Mon, 05 Jul 2021 11:39:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 25 Jun 2022 21:23:28 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94bdc9043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.de_.jpg
helden.de/wp-content/uploads/2020/06/ 47 KB
47 KB 50ms
45ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/06/Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.de_.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2795aded1755123cbe59bba5a8348d2c8ea012c9021e56d3b532f176963950b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Jun 2020 10:28:11 GMT
server: cloudflare
age: 249055
cf-polished: qual=85, origFmt=jpeg, origSize=69103
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 25 Jun 2022 20:41:32 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.webp"
cf-ray: 6e4b81b94be19043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden.de_Logo_web_retina.png
helden.de/wp-content/uploads/2019/01/ 4 KB
5 KB 42ms
38ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/01/helden.de_Logo_web_retina.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341c5d176dfcd3bd94a476a34fcb8be8f7d4c6d667ad95185c4d656f5ac9c9d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 885986
cf-polished: origFmt=png, origSize=8928
content-disposition: inline; filename="helden.webp"
content-length: 4534
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 18 Jun 2022 11:46:01 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b94be29043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 js_composer_tta.min.css
helden.de/wp-content/plugins/js_composer/assets/css/ 309 KB
14 KB 24ms
24ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/css/js_composer_tta.min.css?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6a6a0c2a744fc0d665244acab63b9ac3b43779414217bc62a7698e31d5471de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b90b229043-FRA
content-length: 14545
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
649 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&ver=5.2.14

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a55eb96ad9952ebf2d6e42d4f44565d00ebe4a6ea1171e4d4dcaa6a653081c9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 16:00:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 28 Feb 2022 17:52:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Feb 2022 17:52:27 GMT

GET
H2 200 ihover.min.css
helden.de/wp-content/themes/you/css/ 50 KB
3 KB 26ms
20ms Stylesheet
text/css 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/you/css/ihover.min.css
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 882e09e84100347579816f61badf4459092dc59beb26b9317a8f1312d6752b41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 03 Jun 2019 08:00:21 GMT
server: cloudflare
age: 885990
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b93b8c9043-FRA
content-length: 3178
expires: Sat, 18 Feb 2023 11:45:57 GMT

GET
H2 200 core.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 4 KB
2 KB 27ms
20ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b93b979043-FRA
content-length: 1811
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 widget.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 7 KB
3 KB 28ms
21ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b4f1024fa4887b47765e2ad4db9bc1f6ea96335f77fd44c62b8538d75e7190c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b93b999043-FRA
content-length: 2543
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 position.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 6 KB
2 KB 29ms
22ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b93b9d9043-FRA
content-length: 2469
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 menu.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 9 KB
3 KB 31ms
24ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/menu.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11dd7443e60c9756c636d4d9e270eeba4085691a86dc1d343af835e5cb354ed9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b93b9f9043-FRA
content-length: 2805
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 wp-sanitize.min.js Show response
helden.de/wp-includes/js/ 423 B
320 B 30ms
24ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/wp-sanitize.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eae9587fd982a18dc1cc3391201a06a8ce5efb066c62cc4f3003a901506269c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b93ba09043-FRA
content-length: 257
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 wp-a11y.min.js Show response
helden.de/wp-includes/js/ 640 B
461 B 29ms
21ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/wp-a11y.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c52cc923758f90e6e92f82d19e909e36bf000902e60047a27c84e8d0ccb73a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:22 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b94ba39043-FRA
content-length: 375
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 autocomplete.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 8 KB
3 KB 28ms
20ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67a93cb596cf7e65926cc6f37e356a5ba6249a3ac8dbce1b8e5fd16ae3967f92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b94ba49043-FRA
content-length: 2774
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 presVouch.js Show response
helden.de/wp-content/themes/helden/ 3 KB
1 KB 45ms
38ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/helden/presVouch.js?ver=1.2
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ea06dea77b421db90da42160e691163836ef51e17aa1fd4669e1805e5291e21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Dec 2021 08:40:22 GMT
server: cloudflare
age: 886077
cf-polished: origSize=5783
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sat, 18 Feb 2023 11:44:30 GMT
cache-control: max-age=31536000
cf-ray: 6e4b81b94ba69043-FRA
cf-bgj: minify

GET
H2 200 underscore.min.js Show response
helden.de/wp-includes/js/ 16 KB
6 KB 31ms
23ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5f5736867880dc34e00e9d915d49094d5aa572c73771e87a082bd721b5a4f7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b94ba79043-FRA
content-length: 5634
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 backbone.min.js Show response
helden.de/wp-includes/js/ 22 KB
7 KB 31ms
23ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/backbone.min.js?ver=1.2.3
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29d1e5cff2718260f00fc9012476253e8664c99287d2a1866886e65060deb4ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:22 GMT
server: cloudflare
age: 886077
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b94ba89043-FRA
content-length: 7433
expires: Sat, 18 Feb 2023 11:44:30 GMT

GET
H2 200 api-request.min.js Show response
helden.de/wp-includes/js/ 768 B
596 B 40ms
32ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/api-request.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92bfa0c40e4ac63bd4250520dc726bdb5f28bc45d2b420c07d6d1e0b726bd56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 886074
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b94baa9043-FRA
content-length: 440
expires: Sat, 18 Feb 2023 11:44:33 GMT

GET
H2 200 wp-api.min.js Show response
helden.de/wp-includes/js/ 14 KB
4 KB 25ms
18ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/wp-api.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b3f44e74412baa296267a5c6bdcaef3e06ba0ed23c662786b35b923a515180c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 886074
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b94bac9043-FRA
content-length: 4086
expires: Sat, 18 Feb 2023 11:44:33 GMT

GET
H2 200 scripts.js Show response
helden.de/wp-content/plugins/contact-form-7/includes/js/ 11 KB
3 KB 29ms
21ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32d9329d48ccd5a058fc1f4a6be8b010c4c9afb03d046ffe8a211ce474db2b6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 886074
cf-polished: origSize=14440
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sat, 18 Feb 2023 11:44:33 GMT
cache-control: max-age=31536000
cf-ray: 6e4b81b94bad9043-FRA
cf-bgj: minify

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
998 B 62ms
15ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&ver=3.0

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8293d3117e7ed170062e6f5c1c3a14f01d72c7f6dab57dcf79bffbe9825f2656

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Mon, 28 Feb 2022 17:52:27 GMT

GET
H2 200 effect.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 13 KB
5 KB 65ms
58ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f5e3b0b3a282b46aa5bbd5e7952b90ce98d0d1d214b3308d9abb6053becd92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 886074
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b94bae9043-FRA
content-length: 5162
expires: Sat, 18 Feb 2023 11:44:33 GMT

GET
H2 200 wp-embed.min.js Show response
helden.de/wp-includes/js/ 1 KB
866 B 45ms
38ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/wp-embed.min.js?ver=5.2.14
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 886076
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b94bb09043-FRA
content-length: 739
expires: Sat, 18 Feb 2023 11:44:31 GMT

GET
H2 200 js_composer_front.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/js/dist/ 19 KB
6 KB 36ms
29ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b51182de5d3e0e5cfa0a4ed9552dc82be393d7f7a08330f6299e08cdb2665f7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 886074
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b94bb19043-FRA
content-length: 5712
expires: Sat, 18 Feb 2023 11:44:33 GMT

GET
H2 200 vc-accordion.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/vc_accordion/ 12 KB
3 KB 29ms
22ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/vc_accordion/vc-accordion.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ce8bdb090315b4f4f6f8c78f9c7cd2cf53962924d86761982fdb4e5dc3c2c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 886074
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b94bb29043-FRA
content-length: 2673
expires: Sat, 18 Feb 2023 11:44:33 GMT

GET
H2 200 vc-tta-autoplay.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/ 2 KB
947 B 26ms
19ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/vc-tta-autoplay.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 395daa8d0ec9bd1d7922530074e8fbe6aaf2bd26191dc773c135cf6a3d029705

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 886076
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b94bb39043-FRA
content-length: 831
expires: Sat, 18 Feb 2023 11:44:31 GMT

GET
H2 200 vc-tabs.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/vc_tabs/ 4 KB
1 KB 70ms
64ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/vc_tabs/vc-tabs.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a469b4c7949c96cce86a741f3498f000e1fd64b2a6fff556579a6588acabf48a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 886076
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b94bb49043-FRA
content-length: 1170
expires: Sat, 18 Feb 2023 11:44:31 GMT

GET
H2 200 skrollr.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/ 12 KB
6 KB 42ms
36ms Script
application/javascript 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad44888e6834dd14372d63691245513cda17cad9bb7f5ac9df10163ba83108f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 886076
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6e4b81b94bb99043-FRA
content-length: 5593
expires: Sat, 18 Feb 2023 11:44:31 GMT

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 43ms
10ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: helden.de
URL: https://helden.de/wp-content/themes/helden/main.js?ver=5.2.14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Feb 2023 17:15:37 GMT

GET
H2 200 widget.js Show response
w.likebtn.com/js/w/ 124 KB
34 KB 75ms
32ms Script
application/javascript 2606:4700:20::ac43:48bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.likebtn.com/js/w/widget.js
Requested by: Host: helden.de
URL: https://helden.de/wp-content/plugins/likebtn-like-button/public/js/frontend.js?ver=5.2.14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / HHVM/3.15.4
Resource Hash: 300bdd3fb2fff5742f615c018430e6edbfcfdd29059da83d79a721523c799aa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16338
x-powered-by: HHVM/3.15.4
last-modified: Mon, 28 Feb 2022 06:01:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhjJgnal0VRI0igdog3Y9W2Whc5lvrIGYTbswvGRh0iegvy6VhslQa2maZo3TuUnMgxQIaPDmXNZkc9%2BhYfQO71MsxuufpsBIqYfhEOqGG55lC2peKbxTBNztuYDjtB7RmyLeAu8Tbk%2F4Ro%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=691200, s-maxage=57600
cf-polished: origSize=126890
cf-ray: 6e4b81b98f2690a0-FRA
cf-bgj: minify

GET
H2 200 h8eubnf2kys7.js Show response
js.driftt.com/include/1646070900000/ 228 KB
65 KB 181ms
132ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1646070900000/h8eubnf2kys7.js

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

36a812e3009bc06685082e8b416e86c3998ba3a177fa6a325c3d202544f5d72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: s7mbKXQBeTe7Ti1ObHYPw9olyh3FYJod
content-encoding: gzip
etag: W/"409d8b51f56bf98e578b0d27c682a924"
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:25:14 GMT
server: nginx
date: Mon, 28 Feb 2022 17:52:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XKnsvIBnFyA318bPhCNG7oIGjK4HvpiH68gh0JIvO0ebXANu_Xi3Tg==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1006 B
792 B 978ms
88ms Script
application/x-javascript 2a03:5f80:a::b212:e7c0
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: /
Resource Hash: 0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 17:52:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 18:48:07 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=72519
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 479

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 49ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 00:44:37 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000052-IAD, cache-hhn11552-HHN

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 7 KB
7 KB 44ms
5ms Script
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45153d776213fa86c1ef7dca51e36d669e1b697b53907f3bf7cd3ee706edbaec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 09:48:40 GMT
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
last-modified: Thu, 11 Nov 2021 17:52:19 GMT
server: AmazonS3
age: 29028
etag: "4e42700e21a922978b72507ad18a7fea"
x-cache: Hit from cloudfront
x-amz-version-id: RCjAxJ8CrRqbtKQCS4KIrWhcLcYrBklc
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 6674
x-amz-cf-id: hraL34m6vG0YYJ-isaOtSUkyHoDV4Hb2fBEI2k33CIODjluDbbKBAQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 29ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: rvVAS74mhYoJvhsGE27pcbCzTbvn4cE6f8rV3SuH5iVl+19kF5d5H3MWTt74Gf4/o9hC4fUf3Z6N8vo1pqiySA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 28 Feb 2022 17:52:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 133 KB
47 KB 74ms
32ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPDPCB6

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f3829be787e96cffa3ccf0a0f4f388c8ab5f1d4632fe5ca23a7aa27baa13446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48024
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 17:02:49 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Feb 2022 17:52:27 GMT

GET
H/1.1 200
OK cmp.php Show response
b.delivery.consentmanager.net/delivery/ 4 KB
2 KB 80ms
22ms Script
application/javascript 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://b.delivery.consentmanager.net/delivery/cmp.php?cdid=4a85ab190397&h=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688&&__cmpfcc=1&l=en&o=1646070747077

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

14246cc72e1f9ed27dbe227d911bf322aecb62e4a52c9655a60237e71d4211d6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Feb 2022 17:52:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Feb 2022 17:52:27 GMT
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 cmp_en.min.js Show response
cdn.consentmanager.net/delivery/js/ 345 KB
66 KB 61ms
11ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.consentmanager.net/delivery/js/cmp_en.min.js
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PleskLin
Resource Hash: 7168a10e18e557428a70c14114d7f68fda18f51039ea0b236ad01c39b576c3a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: br
vary: Accept-Encoding
x-77-nzt-ray: RvMjvq36dhw
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 603
x-77-nzt: AcO1rzVxcr7/WwIAAA
x-accel-expires: @1646071944
last-modified: Tue, 15 Feb 2022 22:29:55 GMT
server: CDN77-Turbo
etag: W/"620c2963-562f9"
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800, public

GET
H2 200 helden_de_phv_hero.jpg
helden.de/wp-content/assets/header/old/ 394 KB
395 KB 66ms
66ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/header/old/helden_de_phv_hero.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8088d1aa0d0b0f7e062406dba15010d166d7303c04ebb407be952d50ee378752

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Feb 2021 14:27:07 GMT
server: cloudflare
age: 885985
cf-polished: qual=85, origFmt=jpeg, origSize=514244
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 18 Jun 2022 11:46:02 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="helden_de_phv_hero.webp"
cf-ray: 6e4b81b98c599043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_privathaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 70 KB
70 KB 26ms
26ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_privathaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 024bbe37586effe93a17f4f8800ff6c67e2aca1061c5f23625bb16a6e3d13c8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
age: 885985
cf-polished: qual=85, origFmt=jpeg, origSize=92072
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 18 Jun 2022 11:46:02 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="helden_de_productimages_overview_privathaftpflicht.webp"
cf-ray: 6e4b81b98c629043-FRA
cf-bgj: imgq:85,h2pri

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 631bbb9222aa4b34439b69e2988652ede383ca956d79eb5fa6a69e69854c2e5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 helden_de_productimages_overview_hausratschutz.jpg
helden.de/wp-content/assets/productimages/overview/ 26 KB
26 KB 28ms
28ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_hausratschutz.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a7425d844b9582c4d0595dfcb216285c112683ba86ed98572b36daf3b93a169

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 885985
cf-polished: qual=85, origFmt=jpeg, origSize=37384
content-disposition: inline; filename="helden_de_productimages_overview_hausratschutz.webp"
content-length: 26294
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 18 Jun 2022 11:46:02 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b98c649043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_e-bike-_und_fahrradschutz.jpg
helden.de/wp-content/assets/productimages/overview/ 59 KB
59 KB 47ms
44ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_e-bike-_und_fahrradschutz.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39cb45cdec9f9b9b863e331beff20776476ad3a77aa2c828a0aea8a0779044d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Nov 2020 14:23:55 GMT
server: cloudflare
age: 885985
cf-polished: status=not_needed
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Sat, 18 Jun 2022 11:46:02 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b98c699043-FRA
content-length: 60060
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_hundehaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 17 KB
17 KB 53ms
51ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_hundehaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8a783e252ceb14237c76c14e552516b112795955f5491053f5e0c56c6e06c5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 885985
cf-polished: qual=85, origFmt=jpeg, origSize=26654
content-disposition: inline; filename="helden_de_productimages_overview_hundehaftpflicht.webp"
content-length: 17518
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 18 Jun 2022 11:46:02 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b99c6c9043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_pferdehaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 28 KB
28 KB 28ms
26ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_pferdehaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f0e3823d56e753cf5f2fbe91a1d167ca59726c9cbb3c97f04f146beea32c0e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 339094
cf-polished: qual=85, origFmt=jpeg, origSize=37445
content-disposition: inline; filename="helden_de_productimages_overview_pferdehaftpflicht.webp"
content-length: 28404
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 24 Jun 2022 19:40:53 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b99c6e9043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_drohenhaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 29 KB
30 KB 45ms
43ms Image
image/jpeg 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_drohenhaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22b3231e59d776f31161af44b04a744b9004ae1fac2b14e6405a97d27507a008

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
age: 885985
cf-polished: degrade=85, origSize=37829, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Sat, 18 Jun 2022 11:46:02 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b99c719043-FRA
content-length: 30032
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_keyvisual_gdh.png
helden.de/wp-content/assets/productimages/keyvisual/ 414 KB
414 KB 35ms
33ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/keyvisual/helden_de_keyvisual_gdh.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 935b7f7d141f2bea994d54b9d709d5f15ebb6bce6b73f02b1f59ee40df8eabcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
last-modified: Wed, 09 Feb 2022 10:23:29 GMT
server: cloudflare
age: 885985
cf-polished: origFmt=png, origSize=640265
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 18 Jun 2022 11:46:02 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="helden_de_keyvisual_gdh.webp"
cf-ray: 6e4b81b99c729043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_2-in-1_berufshaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 23 KB
23 KB 69ms
68ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_2-in-1_berufshaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f08025c18eab8673f7f960a21cba44a48aa0ce870ce96305a21d1c887b8be7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 427507
cf-polished: qual=85, origFmt=jpeg, origSize=33528
content-disposition: inline; filename="helden_de_productimages_overview_2-in-1_berufshaftpflicht.webp"
content-length: 23796
last-modified: Mon, 02 Nov 2020 14:27:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 23 Jun 2022 19:07:20 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b99c749043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_bue_keyvisual.jpg
helden.de/wp-content/assets/buero_equipmentschutz/ 27 KB
27 KB 44ms
43ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/buero_equipmentschutz/helden_de_bue_keyvisual.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9c0cfef39145e7473f09d950460309a29fbddcbe88830881aef4a0c16f5546b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 885985
cf-polished: qual=85, origFmt=jpeg, origSize=58681
content-disposition: inline; filename="helden_de_bue_keyvisual.webp"
content-length: 27568
last-modified: Fri, 12 Feb 2021 11:22:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 18 Jun 2022 11:46:02 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b99c769043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_familienhaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 22 KB
23 KB 41ms
40ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_familienhaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7846d72cd2af20d85e1c27032cd4a44f4c8c5b914a03ce9d56979b4376b24be6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
age: 885985
cf-polished: qual=85, origFmt=jpeg, origSize=32576
content-disposition: inline; filename="helden_de_productimages_overview_familienhaftpflicht.webp"
content-length: 23000
last-modified: Tue, 25 Aug 2020 10:13:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 18 Jun 2022 11:46:02 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6e4b81b99c7b9043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_keyvisual_drohnenkasko.png
helden.de/wp-content/assets/productimages/keyvisual/ 446 KB
447 KB 41ms
40ms Image
image/webp 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/keyvisual/helden_de_keyvisual_drohnenkasko.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36e5b9216b250c80257116d463056200a691f59331c9766e417c0cd4376e394b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
cf-cache-status: HIT
last-modified: Thu, 10 Feb 2022 11:03:22 GMT
server: cloudflare
age: 877859
cf-polished: origFmt=png, origSize=598591
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 18 Jun 2022 14:01:28 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="helden_de_keyvisual_drohnenkasko.webp"
cf-ray: 6e4b81b99c7c9043-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 44ms
10ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A900%2C400&subset=latin%2Clatin-ext&ver=5.2.14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 426117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 19:30:30 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 22 KB
23 KB 37ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A900%2C400&subset=latin%2Clatin-ext&ver=5.2.14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 426117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 19:30:30 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 44ms
16ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 426116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:18:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 19:30:31 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 46ms
19ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 426116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 19:30:31 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v22/ 24 KB
24 KB 48ms
21ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 19:54:55 GMT
x-content-type-options: nosniff
age: 424652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24448
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 19:54:55 GMT

GET
H2 200 fontawesome-webfont.woff2
helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/ 75 KB
76 KB 73ms
72ms Font
font/woff2 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: helden.de
URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 885985
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=10368000
cf-ray: 6e4b81b9cd039043-FRA
expires: Sat, 18 Jun 2022 11:46:02 GMT

GET
H2 200 / Show response
helden.de/wp-json/wp/v2/ 136 KB
7 KB 1219ms
1219ms XHR
application/json 2606:4700:10::6816:4c41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helden.de/wp-json/wp/v2/

Requested by

Host: helden.de
URL: https://helden.de/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4c41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61a5bc4056a0cab35fde3bdad2f3f76444aa322f292ecaa1ae8734bef49e4581

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 6520
access-control-allow-headers: Authorization, Content-Type
allow: GET
x-robots-tag: noindex
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
cache-control: max-age=0
cf-ray: 6e4b81badf599043-FRA
link: <https://helden.de/wp-json/>; rel="https://api.w.org/"
expires: Mon, 28 Feb 2022 17:52:27 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ 357 KB
142 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13c7ce8eb4433ee82ab08c5b401235d0c97a6dff3af0c288ee9a64d1afe964cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helden.de/
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144239
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 21:22:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Feb 2023 14:07:47 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95fb764d4a5e0045febd02f88e1c80b7958a6946696721e78c20f497b1e0ec7b

Request headers

Referer
Origin: https://helden.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H/1.1

200
OK

iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 47EE
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1646070747070
https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1646070747070&dcc=t

65 B
973 B

210ms
209ms

Document
text/html

52.95.126.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1646070747070&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aat/amzn.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/

Response headers

Server: Server
Date: Mon, 28 Feb 2022 17:52:27 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 65
Connection: keep-alive
x-amz-rid: JFWKE2S9C840YJNABJ02
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: Server
Date: Mon, 28 Feb 2022 17:52:27 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: DH336Y4J1V7HGYCEZQRZ
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?pid=b5aa660d-7816-4a51-88e7-e17865dd5d11&event=PageView&ts=1646070747070&dcc=t
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H2 200 bV8xLndfMzIxNTcuZF8xNDA2MC54XzQxLnYucC50XzE0MDYw.js Show response
cdn.consentmanager.net/delivery/customdata/ 19 KB
5 KB 9ms
8ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/customdata/bV8xLndfMzIxNTcuZF8xNDA2MC54XzQxLnYucC50XzE0MDYw.js

Requested by

Host: b.delivery.consentmanager.net
URL: https://b.delivery.consentmanager.net/delivery/cmp.php?cdid=4a85ab190397&h=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688&&__cmpfcc=1&l=en&o=1646070747077

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo / PleskLin

Resource Hash

90552459d67fda6dbde7d45235c4efce201a250a726d60cf3ad60a64f6a0e81d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 817
x-xss-protection: 0
x-77-nzt: AcO1rzXBoz7/MQMAAA
x-accel-expires: @1646071730
last-modified: Mon, 28 Feb 2022 17:38:49 GMT
server: CDN77-Turbo
x-77-nzt-ray: QSSAXJPzgTU
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *, *
cache-control: public, max-age=1800
expires: Mon, 28 Feb 2022 18:08:49 GMT

GET
H3 200 618036441688877 Show response
connect.facebook.net/signals/config/ 41 KB
11 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/618036441688877?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ba9bb26b083f8a712458b673f21ba8d2803ec04e8dc37d19ae286bfb6c60943

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 10778
x-xss-protection: 0
pragma: public
x-fb-debug: JrPD6m0LVvBResj2Onj3ZOdZtppBXBBjZMTJjKgqTsOWtLKMTxm72yIC//UwL3F0FsvElPjiYi1KkLHQ9b0mIA==
x-frame-options: DENY
date: Mon, 28 Feb 2022 17:52:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 widget.css
w.likebtn.com/css/w/ 72 KB
28 KB 65ms
63ms Stylesheet
text/css 2606:4700:20::ac43:48bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.likebtn.com/css/w/widget.css?v=39
Requested by: Host: w.likebtn.com
URL: https://w.likebtn.com/js/w/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39b677ec4a0c2d95bb6d1439e68b5a0aa693c17912dc9e0209930088182483cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3953
cf-polished: origSize=80956
last-modified: Fri, 21 Jan 2022 11:39:55 GMT
server: cloudflare
etag: W/"61ea9b8b-13c3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXEUDzFhhYshXgDeJJXeBLVeCaqUA1wZF9UyPSimBQ0H2UAp%2Fxu2wYMxdLiMH9l52u6AGRyH%2BrPc8ti6FeiQQVkYOhDXpS8Rp9hXy39vfjKYJISNjp6z1ecsBiN5utWY8%2BXAiU%2FhyuHZJxs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 6e4b81bb8c2990a0-FRA
cf-bgj: minify

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
459 B 150ms
119ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5wdg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=588f6853-29d2-4294-910f-3460df71c0a5&tw_document_href=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 112
date: Mon, 28 Feb 2022 17:52:26 GMT
content-encoding: gzip
server: tsa_o
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: bbb7ad358847bdff1dd0823443113edf87fc216d0076c7bf99111be51212723f
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
211 B 146ms
123ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5wdg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=588f6853-29d2-4294-910f-3460df71c0a5&tw_document_href=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 116
date: Mon, 28 Feb 2022 17:52:26 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 6718f4c85a615b49b53d45a582a10eb795068bd02ffb4d1e289e5741910c6624
content-length: 43

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-71374404-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1054
date: Mon, 28 Feb 2022 17:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 28 Feb 2022 19:34:53 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 383ms
111ms Script
application/javascript 2a02:26f0:7100:1af::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPDPCB6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1af::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 50ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPDPCB6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:26 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7D1B3C137D094B468B664318A7265CDA Ref B: FRA31EDGE0811 Ref C: 2022-02-28T17:52:27Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11333

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1336307/ 55 KB
17 KB 28ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1336307/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPDPCB6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f916d03d31f0da7a2dd9a9f72f2da64cee02298f75d827d1369ebe856b7b021

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: N3EyFVNT6yUNwGaHapPn7AMm.SoJJ3ak
content-encoding: gzip
etag: "8c6a33681ad16cfea92a9e74279cc607"
age: 9
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17366
x-amz-id-2: 50SxxgUItujFCmjqlNnVXHRUfwcuvBQifffUz4kXqE+5n02kVBfP7pndvz+7tQPVEjKM8fylKv0=
x-served-by: cache-hhn4065-HHN
last-modified: Sun, 27 Feb 2022 11:04:13 GMT
server: AmazonS3
x-timer: S1646070748.502152,VS0,VE1
date: Mon, 28 Feb 2022 17:52:27 GMT
vary: Accept-Encoding
x-amz-request-id: 76X9A6K2NYB31SJG
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 34
x-cache-hits: 1

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
234 B 132ms
119ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5wdg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=33e7d88f-a731-43a4-986c-d2c3158a861b&tw_document_href=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 112
date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
server: tsa_o
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: bbb7ad358847bdff1dd0823443113edf87fc216d0076c7bf99111be51212723f
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
337 B 117ms
113ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5wdg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=33e7d88f-a731-43a4-986c-d2c3158a861b&tw_document_href=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 106
date: Mon, 28 Feb 2022 17:52:27 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 6718f4c85a615b49b53d45a582a10eb795068bd02ffb4d1e289e5741910c6624
content-length: 43

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 25ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=618036441688877&ev=PageView&dl=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688&rl=https%3A%2F%2Flookandfind.me%2F&if=false&ts=1646070747500&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=28&fbp=fb.1.1646070747498.1742618208&it=1646070747430&coo=false&exp=p1&rqm=GET

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 28 Feb 2022 17:52:27 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1F3B 41 KB
21 KB 44ms
28ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=invisible&cb=5mv5q279xr3g

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

815f5b030ee6f911a0a1946d04161c81269dee966627bbd30ac0e0e131f24cf9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nVC4aq0W58dALrkvvJ5IDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Feb 2022 17:52:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-nVC4aq0W58dALrkvvJ5IDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21760
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 langpurpose_de.min.js Show response
cdn.consentmanager.net/delivery/lang/ 42 KB
8 KB 12ms
11ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.consentmanager.net/delivery/lang/langpurpose_de.min.js
Requested by: Host: cdn.consentmanager.net
URL: https://cdn.consentmanager.net/delivery/js/cmp_en.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PleskLin
Resource Hash: f74d9d086da77d57a9c1ea196d0fa7b7efc8cde3ee9603c277d524c9b41d3473

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: br
vary: Accept-Encoding
x-77-nzt-ray: SmbjBpzrETM
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 757
x-77-nzt: AcO1rzW0xaP/9QIAAA
x-accel-expires: @1646071790
last-modified: Tue, 15 Feb 2022 22:30:18 GMT
server: CDN77-Turbo
etag: W/"620c297a-a6d8"
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800, public

GET
H2 200 json Show response
trc.taboola.com/1336307/trc/3/ 2 KB
2 KB 31ms
24ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1336307/trc/3/json?tim=1646070747580&data=%7B%22id%22%3A223%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1646070747573%2C%22cv%22%3A%2220220224-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhelden.de%2F%22%2C%22e%22%3A%22https%3A%2F%2Flookandfind.me%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dinsuranceherogmbh-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1646070747579%2C%22ref%22%3A%22https%3A%2F%2Flookandfind.me%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688%22%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A18%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1336307/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 209ae5b444d29976b7f851083b4d2330894d690cb66527751e501ca43ec289b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms: 17
date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
server: nginx
x-timer: S1646070748.591984,VS0,VE17
x-served-by: cache-hhn4065-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=863538198&t=pageview&_s=1&dl=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688&dr=https%3A%2F%2Flookandfind.me%2F&ul=en-us&de=UTF-8&dt=%F0%9F%A5%87Premiumschutz%20f%C3%BCr%20deinen%20Lifestyle%20%2F%2F%20helden.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1301165947&gjid=989137032&cid=2142570847.1646070748&tid=UA-71374404-2&_gid=1206999907.1646070748&_r=1&gtm=2ou2n0&z=988656711

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://helden.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 17:52:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://helden.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 25084265.js Show response
bat.bing.com/p/action/ 0
94 B 175ms
174ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/25084265.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Feb 2022 17:52:26 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CC35B3D24B93498DB6A90AA501D09E28 Ref B: FRA31EDGE0811 Ref C: 2022-02-28T17:52:27Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
151 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25084265&tm=gtm002&Ver=2&mid=ab870043-42a7-4c72-a08d-37b062f90b51&sid=315d8d9098bf11ec9bd2c58991aa1391&vid=315da10098bf11ec85a69b47843f0beb&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=%F0%9F%A5%87Premiumschutz%20f%C3%BCr%20deinen%20Lifestyle%20%2F%2F%20helden.de&p=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688&r=https%3A%2F%2Flookandfind.me%2F&lt=1376&evt=pageLoad&msclkid=N&sv=1&rn=59471
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 17:52:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E1E1EA10F19346BD9DBD6419EE10F2A1 Ref B: FRA31EDGE0811 Ref C: 2022-02-28T17:52:27Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ Frame 1F3B 51 KB
24 KB 23ms
7ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=invisible&cb=5mv5q279xr3g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 13:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 21:22:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Feb 2023 13:56:23 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ Frame 1F3B 357 KB
141 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13c7ce8eb4433ee82ab08c5b401235d0c97a6dff3af0c288ee9a64d1afe964cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144239
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 21:22:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Feb 2023 14:07:47 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
438 B 62ms
27ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-71374404-2&cid=2142570847.1646070748&jid=1301165947&gjid=989137032&_gid=1206999907.1646070748&_u=YEBAAUAAAAAAAC~&z=159609086

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://helden.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 28 Feb 2022 17:52:27 GMT
content-type: text/plain
access-control-allow-origin: https://helden.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
delivery.consentmanager.net/delivery/info/ 43 B
353 B 68ms
19ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://delivery.consentmanager.net/delivery/info/?id=32157&did=1&cfdid=2&t=pv.d_ncs.d_ancs.d_bncs.cf.cfx&h=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688&o=1646070747643&l=DE&lv=40988&d=1&ct=14&e=&e2=&e3=&i=&sv=28&dv=41&

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Feb 2022 17:52:27 GMT
Last-Modified: Mon, 28 Feb 2022 17:52:27 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 43
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK /
delivery.consentmanager.net/delivery/info/ 43 B
353 B 75ms
26ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://delivery.consentmanager.net/delivery/info/?id=32157&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688&o=1646070747644&l=DE&lv=40988&d=1&ct=14&e=&e2=&e3=&i=&sv=28&dv=41&

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Feb 2022 17:52:27 GMT
Last-Modified: Mon, 28 Feb 2022 17:52:27 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 43
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 recall_cookie.svg
cdn.consentmanager.net/delivery/recall/ 869 B
775 B 7ms
6ms Image
image/svg+xml 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.consentmanager.net/delivery/recall/recall_cookie.svg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PleskLin
Resource Hash: a701cd4a9cfc02344ae90ef4adacb3ffb69feb8d5922e324df6383a03b1a9921

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: br
vary: Accept-Encoding
x-77-nzt-ray: 2GoIXYxlOdg
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 66227
x-77-nzt: AcO1rzXbLRr/swIBAA
x-accel-expires: @1646090920
last-modified: Tue, 08 Feb 2022 14:38:47 GMT
server: CDN77-Turbo
etag: W/"365-5d782acc3a098"
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/svg+xml
access-control-allow-origin: *
x-accel-version: 0.01
cache-control: max-age=86400, public

GET
H2 200 cmplogo.svg
cdn.consentmanager.net/delivery/ 3 KB
2 KB 7ms
7ms Image
image/svg+xml 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.consentmanager.net/delivery/cmplogo.svg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PleskLin
Resource Hash: 3e19865caed6dbd12eacd00501eb4b382a1f0190df9cf2a8373d110bab7a47e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: br
x-77-nzt-ray: c9Ro1oqndoo
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 66233
x-77-nzt: AcO1rzWt56n/uQIBAA
x-accel-expires: @1646090914
last-modified: Tue, 08 Feb 2022 14:38:46 GMT
server: CDN77-Turbo
etag: W/"62028076-d0f"
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400, public

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 49ms
49ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-71374404-2&cid=2142570847.1646070748&jid=1301165947&_u=YEBAAUAAAAAAAC~&z=1447560394

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 17:52:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 75ms
50ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-71374404-2&cid=2142570847.1646070748&jid=1301165947&_u=YEBAAUAAAAAAAC~&z=1447560394

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 17:52:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1F3B 102 B
134 B 15ms
15ms Other
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

89567d8c6d40b4b724c621cd789d46041d7312ca07647afd0f8ce3939e3631cc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=invisible&cb=5mv5q279xr3g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 28 Feb 2022 17:52:27 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 1F3B 31 KB
18 KB 45ms
45ms XHR
application/json 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f048b430b696914ef3e8762fd2354311dfd0702e624891b282bee2dfdc57552b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=invisible&cb=5mv5q279xr3g
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18150
x-xss-protection: 1; mode=block
expires: Mon, 28 Feb 2022 17:52:27 GMT

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 137ms
136ms Script
application/javascript 2a02:26f0:7100:1af::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1af::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 / Show response
ct.pinterest.com/user/ 487 B
827 B 74ms
35ms XHR
application/json 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613082116632&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%5D%2C%22md_frequency%22%3A1%7D&cb=1646070748054

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:28 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.ac247e68.1646070748.2c94f4ac
x-envoy-upstream-service-time: 1
x-pinterest-rid: 2147007174846498
pin-unauth: dWlkPU9UQm1aR1ExTnpNdFpXTm1aUzAwTWpaakxXSXhaVEF0TWpZeU9ERXlOekk1T1dJdw
access-control-allow-origin: https://helden.de
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 83ms
46ms Image
image/gif 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613082116632&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%5D%2C%22md_frequency%22%3A1%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688%22%2C%22ref%22%3A%22https%3A%2F%2Flookandfind.me%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1646070748056

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 17:52:28 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ac247e68.1646070748.2c94f4b7
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 7718104918983192
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 88ms
88ms Script
application/x-javascript 2a03:5f80:a::b212:e7c0
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 17:52:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 23:50:54 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=84750
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3298705&time=1646070748152&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac7...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3298705%26time%3D1646070748152%26url%3Dhttps%253A%252F%252Fhelden.de%252F%253Futm...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3298705&time=1646070748152&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac7...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3298705&time=1646070748152&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac...

0
265 B

154ms
133ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3298705&time=1646070748152&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688&liSync=true&e_ipv6=AQLR8sxNurrLawAAAX9BdlVBcKJiHgcJ0Sh77HqZcrvgYcXrPpjtoOEm4Xf9BMTDhWskTuAjAxeffvBV2jx9v8CR-pBT4g
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:27 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 72A88ADD7720440FA27F66DA89E3B7EB Ref B: FRAEDGE1105 Ref C: 2022-02-28T17:52:28Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXZF7Y+7HEVFJ6Je6Xllw==
x-li-fabric: prod-lva1

Redirect headers

date: Mon, 28 Feb 2022 17:52:28 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E21837692C2D4A1F816BB42830F20782 Ref B: FRAEDGE1411 Ref C: 2022-02-28T17:52:28Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3298705&time=1646070748152&url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688&liSync=true&e_ipv6=AQLR8sxNurrLawAAAX9BdlVBcKJiHgcJ0Sh77HqZcrvgYcXrPpjtoOEm4Xf9BMTDhWskTuAjAxeffvBV2jx9v8CR-pBT4g
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXZF7Y8nOmcntgJwr58Sw==

GET
H2 204 unip Show response
trc-events.taboola.com/1336307/log/3/ 0
243 B 44ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1336307/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=18&ssd=1&est=1646070747576&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1646070749132&vi=1646070747573&ri=224fc3fcb92369bb5209a4f0a43e0206&ref=https%3A%2F%2Flookandfind.me%2F&cv=20220224-6-RELEASE&item-url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1336307/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://helden.de
pragma: no-cache
date: Mon, 28 Feb 2022 17:52:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 core Show response
js.driftt.com/ Frame E89F 2 KB
1 KB 117ms
117ms Document
text/html 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1646070900000/h8eubnf2kys7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d9eb312999bd404e2f08d1d0181f76d89b107e7066eeca64667e44ed712178af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 25 Feb 2022 17:24:59 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: flWmiApTiRw7GWkHxDz42eUeMPE7Y7O6
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 28 Feb 2022 17:52:29 GMT
cache-control: no-cache
etag: W/"dc4df856b101857b6a217ee12e411d23"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: huOu8T6tuVifBwifwkI6PPGrmaVtHMsWvu2vdQL69tjIeLnsls2g5g==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame A336 2 KB
1 KB 292ms
292ms Document
text/html 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1646070900000/h8eubnf2kys7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d9eb312999bd404e2f08d1d0181f76d89b107e7066eeca64667e44ed712178af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 25 Feb 2022 17:24:59 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: flWmiApTiRw7GWkHxDz42eUeMPE7Y7O6
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 28 Feb 2022 17:52:29 GMT
cache-control: no-cache
etag: W/"dc4df856b101857b6a217ee12e411d23"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Tzn4VjCUknpBtK_n0fTUp21nQsqGB7JjCswlV41betwaA4awl1KICQ==

GET
H2 200 nr-1215.min.js Show response
js-agent.newrelic.com/ 36 KB
14 KB 28ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1215.min.js
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1646070746_eb445303bcc78a3f3837ac702f734688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF
content-encoding: gzip
etag: "615035bb6557b191e767e19087efabaf"
x-amz-request-id: HANXT6RMYA38AG6N
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13666
x-amz-id-2: uByOKSTv4KgzazDlhqWfALsPFOjA/uUBGVPOtxMFxYc+NMUvzpFK12U4ypzdqi9IdlMsTEo60/s=
x-served-by: cache-hhn4065-HHN
last-modified: Mon, 24 Jan 2022 22:13:53 GMT
server: AmazonS3
x-timer: S1646070749.296800,VS0,VE0
date: Mon, 28 Feb 2022 17:52:29 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1270

GET
H2

200

ct.html Show response
www.pinterest.de/ Frame 891D
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.de/ct.html

413 B
4 KB

267ms
266ms

Document
text/html

184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

8cf1b3a80e452a5d77a2a3a261bbe76da23ebd4238bac41bbe3a9f44d589164a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-2e660d50ff6704ffe386d479dc88d25a' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1080660665868666; frame-ancestors *
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-2e660d50ff6704ffe386d479dc88d25a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1080660665868666; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-2e660d50ff6704ffe386d479dc88d25a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 166
pinterest-generated-by: coreapp-webapp-prod-0a011fb8
content-encoding: gzip
pinterest-version: 5ea3c09
referrer-policy: origin
x-pinterest-rid: 1080660665868666
date: Mon, 28 Feb 2022 17:52:29 GMT
akamai-grn: 0.ac247e68.1646070749.2c950475
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.de/ct.html
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 97
pinterest-generated-by: coreapp-webapp-prod-0a011863
content-encoding: gzip
pinterest-version: 5ea3c09
referrer-policy: origin
x-pinterest-rid: 1109682696565961
date: Mon, 28 Feb 2022 17:52:29 GMT
akamai-grn: 0.ac247e68.1646070749.2c9501fc
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

GET
H/1.1 200
OK 01dc4771f2 Show response
bam.nr-data.net/1/ 57 B
322 B 418ms
104ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/01dc4771f2?a=91632097&v=1215.1253ab8&to=MlJTZkFUDRAFVxdYCwsYcFFHXAwNS0QCVgE%3D&rst=3271&ck=1&ref=https://helden.de/&ap=654&be=952&fe=3236&dc=1309&perf=%7B%22timing%22:%7B%22of%22:1646070746036,%22n%22:0,%22f%22:143,%22dn%22:144,%22dne%22:157,%22c%22:157,%22s%22:164,%22ce%22:178,%22rq%22:178,%22rp%22:936,%22rpe%22:946,%22dl%22:939,%22di%22:1309,%22ds%22:1309,%22de%22:1376,%22dc%22:3224,%22l%22:3236,%22le%22:3262%7D,%22navigation%22:%7B%7D%7D&fp=1239&fcp=1239&at=HhVQEAlOHh4%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1215.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 runtime~main.517c53cd.js Show response
js.driftt.com/core/assets/js/ Frame E89F 6 KB
3 KB 8ms
7ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

998cd3cb10d4cc054aaf25824f3a9cf37526441124d9d98277937b76fb738604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 260851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:19 GMT
server: nginx
etag: W/"19002c68c29af3a15cd00d2060233d41"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hrmkgX4X4zC5lkp3VrxMghTwrOiI0L1v
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: u05Vn98xRApqPsAdhN9I08xSv91dpztSB4XIzSfjY0BYsvap28j1Sw==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 58 KB
20 KB 8ms
8ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:18 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rlqnQvHWjB4kDZlydkAKa7LRajgzy9Gl
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8t6jZPqQyayFtyLg-SWPT409EFBWXM4VX9hJJqNkfp0V1cfkoEcDfA==

GET
H2 200 main~493df0b3.91d188cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 6 KB
3 KB 9ms
9ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.91d188cd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:19 GMT
server: nginx
etag: W/"364091b90499473799e7470f551ae597"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1JY.0LVfNng8iNIWI44BrilEq.Gn8MTC
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GJOAMFVsaOAza9d4PnWYFmJWIqHcoQpR5-PaiSoi5NmiX8dZNYxARA==

GET
H2 200 43.bf52ab96.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 47 KB
14 KB 8ms
7ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4ab965f0d26a973cf1be72a39d537999"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SIJLtOk7PXIgJIf54NBJQngGjZ1AQW3g
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wvqtCO8alnyc_Dn1b51-kY-1ClyD_RhDFZnlAkwu-HV4gp-H6t9Dkw==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 44 KB
13 KB 8ms
7ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iMQ2A3WIfPXS89q8qVSllQYolHTx_Tutg91ie5H5wK5jFaTMsXjzuw==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 25 KB
8 KB 9ms
7ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: A01_.TOyslfHN6C7mHM2iYp5F_NuODuW
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yBHTzzvO92DpC6u3zZbY9P0_VotTdl4bv_YpWnfO7ipggbTJUpYCkQ==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 16 KB
5 KB 10ms
6ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4759127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7U6347sai4hpUgS-XmMtnpJ-XrohH1NBJwB-5nzFw5eJjC5yVSb3XA==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 72 KB
22 KB 10ms
7ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:43 GMT
content-encoding: gzip
age: 4759126
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DnVinUf6cR0281T306J5ftaCT2rvMFhokhvDwLsAcjLi9L_480UmBw==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 16 KB
6 KB 10ms
7ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1-oOL4r3gCal_hDQTGIfDkXXyL9jK-tV3W2oUrtsY1zLohVAaayPfA==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 59 KB
19 KB 11ms
7ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:13:03 GMT
content-encoding: gzip
age: 5416766
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:25 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MSiQ56sT7tnP-6ovcfMSrlMYM0lceYzg7qngeQpG3jHHuECsWvUWDg==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 91 KB
28 KB 11ms
8ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p_YagIEBvf.Qgp7hIJy74.J4YIszefj5
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JfTB-fsDZHLb-hweksgU-xxtMBzYIKtYlzwJncCyDMEXC-66jIYAFQ==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 24 KB
7 KB 13ms
10ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4759127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1OI8MdaO_2Zet9LQGrgpik7z8k_2AhIl
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0gBoGn4XbjmlfWKV_relwNMYEmlO3QgeIOu0inVZEaR5IgblLXe-9w==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 62 KB
20 KB 13ms
10ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: K_pJAb7XshmF7KAVXtbjcKuNY-epQV97oyeBFyOMPQMkttWi2avOGg==

GET
H2 200 41.ef07ba02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 105 KB
34 KB 15ms
12ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.ef07ba02.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"da03c1012cb0aaeb2041fa677a272d14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6OpxVYvZjRVHdu0KjdhZlusmExqFlB4E
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tGHljTXadq48_jUcHc5Yg08ffSpx85X9S2UtzVFPyrWlj6XM48GwwA==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 12 KB
4 KB 16ms
13ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wDOiuCZSfZ.KHqNETPwI3S2a9GU0lEIR
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oPY60LV-ALFzy7RrOeuoVbkY-dCALZcqshxeG2tUKv3hua8uWCSa-Q==

GET
H2 200 26.d9eb886e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 12 KB
5 KB 16ms
13ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: trfTkRT2Hsqzt2rUOk0Z6f2HfXgbdfyeLFbuor9nSBpQj5QKh4B-9A==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 17 KB
7 KB 17ms
14ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Of2xKOCJSV0nwNxJaNEt6yDjeaMkdnwewgWOm8qlgibI_OyysbRbQg==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame E89F 11 KB
3 KB 16ms
14ms Stylesheet
text/css 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2qRyZAc2BJB0wSwmt-I2Z2RLpdiwAsrxCa2Raaj_wlIljnIVptUI7Q==

GET
H2 200 8.14761f6a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 69 KB
22 KB 17ms
15ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.14761f6a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

67339ddd57bfadccc7db0301c04748abfd5fe9f6ea21b0b9afa5e03aeb080fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 260851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:18 GMT
server: nginx
etag: W/"d7e7ac040cc38a4014be2dac5911f809"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1S_vUKzB1dNvDRU9IvHgH4WqU0q.qWdi
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oEC8qqDKLWyEjReb-wCt0hSq9jqoJRHOpWtQmKU1oSGJAfsfRcw-GA==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame E89F 24 B
667 B 16ms
14ms Stylesheet
text/css 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nmv584dfnMZEgp58hP-JZ6wuMEoZ-Y4Elx-u5WuesBJAUgiZB1C2nA==

GET
H2 200 15.7662c098.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 75 KB
19 KB 17ms
16ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.7662c098.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1787cb259c57ce6cd27152c77d90363b2917ff8b5f34dd377f691042d787e408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 260851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"4cdfcf8a0153b5f113c1c52b9d1561e4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B_P689676Qm.H7C_2wNidWTRmsrF5U63
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TuJVRYGaB5GEWCVVmRmUrbNF6gYbJDgr58miog_2vmuxsq4RYISrCA==

GET
H2 200 22.668b8a5d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 47 KB
13 KB 17ms
16ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.668b8a5d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6754bd59e77debd17bde0e93a50f3e0c70322c34fd3496dc3f19167db71d77d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 260851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"4aa1ed4965ed229dc887a387dbb0e750"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kk7pdJKMde0rW3fGmZfi6D0Xi5DBuQ1x
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zQ0IQH1AoFWQq-RsizEKuyIoWGQ6RTxB9gF95F0zdO5LyFYFWZMo5A==

GET
H2 200 13.c0ad52b2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 41 KB
13 KB 17ms
16ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.c0ad52b2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d0140fb02b20c12a1743ca95ef1e7afb7423bbb3b93ac32f3392d013b23664db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 260851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"8f231ce9b25513cb1a87fe2de43ea370"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zMcMlBp5vkU_F7nnrBOdt_lOKr9xUiq_
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oyRHFV-iSSJqoOLY4bMnQ7BGyQX7wSr4FSmzp5JdqqVrtfuhmB9cqg==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 9 KB
3 KB 8ms
7ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4759127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EQZ03PQi4qGuz2HB_3whxDm9734PtBsCse-muvne73CrZYYwRCDl7w==

GET
H2 200 24.81d46fe7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 33 KB
10 KB 8ms
8ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4759127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4f751bc7b45f18c1d343a3081fe2509f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LcjepTSdTIP3TYamt9S6TQ4IzFvRquuU
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fiqOPsNObhodhj2MugVWs2MgT8x8ISyCqsIiA4WAfY6UhX89Osyu3w==

GET
H2 200 25.49c6961c.chunk.css
js.driftt.com/core/assets/css/ Frame E89F 8 KB
2 KB 9ms
8ms Stylesheet
text/css 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.49c6961c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4759127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"f80cd64e339375567091159cb077b941"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bxrqjBCKX9ERzz7WjftbPaYdOBk8_KxN
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ey17JQfZEfV1QPGgqSvkn5Yipl07h5tTa6c1QfdOcbUEo8zz9bH3kQ==

GET
H2 200 25.2e3c0d77.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 12 KB
5 KB 17ms
17ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.2e3c0d77.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1a938735cf14d8329a7b1c12b0a4ed99c3d9f43aba11d1fc326cc5a3159250f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 260850
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"ae2dc5d2abfa8c0d45e495347a15f6de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bi1OJyoFIiF9itfH_IKgFqEuho_2zhIU
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nfM9LMV0ck_mJFHHYzPr72rcoXwzfRajuHVwzsy0qB11cGth1Nrr7A==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame E89F 365 B
1009 B 17ms
17ms Stylesheet
text/css 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
age: 4759127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eDSgTpssczGDn2812OLuvvF.eUpzKWka
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KXeQizzMrf4NOUYM62Ifgo1WhwOKSck54xfHUZfoXP8T7DxzAR52hw==

GET
H2 200 19.dbf97669.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E89F 85 KB
24 KB 17ms
17ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.dbf97669.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7fac9a43ab09cf21eafe26af20439d52313fa761cf6100c10ef950a6af22f7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=56d50c3a-4cb5-4075-b8fe-62c4313e005f&sessionStarted=1646070749.261&campaignRefreshToken=1a35be3e-0a91-46e6-9b2b-8d47011d5af4&hideController=false&pageLoadStartTime=1646070746982&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 260851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"e5d01e169fc99a46f4cbb5ef34e481c4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1C7KEcTG69elg1eC9vdIkv1xid1OAtru
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ie1JjQcI0YllOn7q3t-VAL9rWXHzsZQllTEV501oFX-xDTkzxfywgg==

GET
H2 200 runtime~main.517c53cd.js Show response
js.driftt.com/core/assets/js/ Frame A336 6 KB
3 KB 7ms
7ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

998cd3cb10d4cc054aaf25824f3a9cf37526441124d9d98277937b76fb738604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 260851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:19 GMT
server: nginx
etag: W/"19002c68c29af3a15cd00d2060233d41"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hrmkgX4X4zC5lkp3VrxMghTwrOiI0L1v
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xChNKFs5VAf3ABoM0J6yn4Lcg_u0QwbQyd1gtGYki7k_1gApm0-rPA==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 58 KB
20 KB 8ms
8ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:18 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rlqnQvHWjB4kDZlydkAKa7LRajgzy9Gl
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UW4wK2bCtLajSMopNJOZ7uiAWQVUzgPEjvamYZFXkmTQRhoXVE_yXA==

GET
H2 200 main~493df0b3.91d188cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 6 KB
3 KB 9ms
8ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.91d188cd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:19 GMT
server: nginx
etag: W/"364091b90499473799e7470f551ae597"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1JY.0LVfNng8iNIWI44BrilEq.Gn8MTC
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yOrMNFMYS5VLsbthjn7yEnxCKD93nKTw0bdTIhHwb28bWvWH4CWrNg==

GET
H2 200 43.bf52ab96.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 47 KB
14 KB 8ms
7ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4ab965f0d26a973cf1be72a39d537999"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SIJLtOk7PXIgJIf54NBJQngGjZ1AQW3g
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _qHJwNrd0kPY-a9V-7FxaZsszUvloYpjUQuiRymIFIl03WDN8dkzEA==

GET
H2 200 18.8ef42267.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 44 KB
13 KB 9ms
8ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PPtTtdSpBOSMBefYfR5Bd8WyV1q0GYxHFT9HuzJLQEPY0Uzm1BD_aA==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 25 KB
8 KB 9ms
8ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: A01_.TOyslfHN6C7mHM2iYp5F_NuODuW
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o8cOmfm32T_E53VbEIa-dx1IFlyejFcD84XAR_F3_bwxvtgIXOqzVA==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 16 KB
5 KB 9ms
9ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4759127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cFaYEXNUj7-5Ob83I4h4VtCrtSUZJSIVpdEW9Y0Sy5EBQQ6Z2ai2DQ==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 72 KB
22 KB 9ms
9ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:43 GMT
content-encoding: gzip
age: 4759126
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KnFSWGFHBbM_YiLTkeT0_LDiX31bjsusYC0Xjz8h-G9zVkwhigY3rw==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 16 KB
6 KB 10ms
9ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CeESJkccO-jvhl8kRJas2TodwxW4HNRGr9_ZxrViMBwfVsYmMMLdZw==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 59 KB
19 KB 10ms
9ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 01:13:03 GMT
content-encoding: gzip
age: 5416766
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 23 Dec 2021 18:12:25 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Bdv9za4ewi1R4NTlGUkoo6fm44Zvqf4Q6DoqE7xJ9vkuRehOutuoOg==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 91 KB
28 KB 11ms
10ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p_YagIEBvf.Qgp7hIJy74.J4YIszefj5
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AJ2-C0EeHUyCrfvLiOpyDL5JXTlQ-9uTUNu_CFKLdBmWzVAA_vewWw==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 24 KB
7 KB 12ms
10ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4759127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1OI8MdaO_2Zet9LQGrgpik7z8k_2AhIl
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fy8ariG_Hac9cKPeY76Yzmedqd9VIlwOtpfXIbaFkCLECb_h8CRVNg==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 62 KB
20 KB 14ms
12ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jyA4_gphDvrDttFNU-x-R1A9IYDBqtKBsHdcaMfF0MtlheACoqj9MQ==

GET
H2 200 41.ef07ba02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 105 KB
34 KB 15ms
13ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.ef07ba02.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"da03c1012cb0aaeb2041fa677a272d14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6OpxVYvZjRVHdu0KjdhZlusmExqFlB4E
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zPzW11YOqEPGvtYFWseAB_s6xfTkWl8Lpbpx4bdXccLOuyjAPSgCpw==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 12 KB
4 KB 15ms
13ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wDOiuCZSfZ.KHqNETPwI3S2a9GU0lEIR
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RP5DeGajK2p5-Y53MmNlfX252fDPPb242qRDL748E-RgXTJVv5kL6w==

GET
H2 200 26.d9eb886e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 12 KB
5 KB 15ms
14ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4oD98gkvtHh51iIVUGs4iSxldN6dDpjOS28oXJweMa3vJo7-gN4WaQ==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 17 KB
7 KB 16ms
14ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NwTNH4i4nbd1-nICaz79AzDYhBjh7AX6dTHa_jnXNWlO0plgq1xgfg==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame A336 11 KB
3 KB 15ms
14ms Stylesheet
text/css 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8FzmLVoRu0Pzie_QRNKX7ZmDNE6S-ewPOJQhRHjWJmaqk7cPsBRspw==

GET
H2 200 8.14761f6a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 69 KB
22 KB 16ms
15ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.14761f6a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

67339ddd57bfadccc7db0301c04748abfd5fe9f6ea21b0b9afa5e03aeb080fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 260851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:18 GMT
server: nginx
etag: W/"d7e7ac040cc38a4014be2dac5911f809"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1S_vUKzB1dNvDRU9IvHgH4WqU0q.qWdi
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WobxaignOq6B1p5CqP7xN1slI7jv0Vi4d4o_aNfppBvBRN7YtVYKeg==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame A336 24 B
668 B 17ms
16ms Stylesheet
text/css 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
age: 4759128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PSyZtdELyZvGSG0y44P0LxpFhu3Z-a47b1zdFtIEYvGUBd4M93EUEg==

GET
H2 200 15.7662c098.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 75 KB
19 KB 17ms
16ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.7662c098.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1787cb259c57ce6cd27152c77d90363b2917ff8b5f34dd377f691042d787e408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 260851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"4cdfcf8a0153b5f113c1c52b9d1561e4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B_P689676Qm.H7C_2wNidWTRmsrF5U63
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IISqqK93Y9CBdC4bB1UYCsSSSTQhgMPnVcl9kS-Z5ULHPfbjkVN90w==

GET
H2 200 22.668b8a5d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 47 KB
13 KB 17ms
17ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.668b8a5d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6754bd59e77debd17bde0e93a50f3e0c70322c34fd3496dc3f19167db71d77d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 260851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"4aa1ed4965ed229dc887a387dbb0e750"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kk7pdJKMde0rW3fGmZfi6D0Xi5DBuQ1x
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9ePcol4DgwRBH2D8yK7sYIC6j4p6LfZKH4Mou9O7XWB9v9RVVl6N-g==

GET
H2 200 13.c0ad52b2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 41 KB
13 KB 18ms
18ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.c0ad52b2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d0140fb02b20c12a1743ca95ef1e7afb7423bbb3b93ac32f3392d013b23664db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 260851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"8f231ce9b25513cb1a87fe2de43ea370"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zMcMlBp5vkU_F7nnrBOdt_lOKr9xUiq_
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YEPaCpYqyFK0RVYhTJxdw-hnIa1ScncK3jFpUD8-BArhAVhdwPfpsA==

GET
H2 200 32.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame A336 3 KB
1 KB 8ms
7ms Stylesheet
text/css 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4759127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: u5jls1rsjTMRW03RSXYJxMQTbD86EmFF
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Okq2bH1J23LQFF9Zu2N_-jIgpCxFAogcSzYDn9_KlOHR3e4c0oPtFg==

GET
H2 200 32.28be7b35.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 3 KB
2 KB 9ms
8ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:05:36 GMT
content-encoding: gzip
age: 3361613
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 20 Jan 2022 18:53:54 GMT
server: nginx
etag: W/"853d736e05b299b857e10b6ab17f3c36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9pIhc0wyy2uFZp3UiIdf1ZYNnPQh9D45
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qEIcJ5RodjqOI9Qhp5DYGa-w6MQQ5a2jV7QSsd1Ityu45NbSr99wsg==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 9 KB
3 KB 8ms
8ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4759127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dfc1gKiWkFbYk-pH6lYDr5wYFWKsx2S9f_-XMS5BOUDtk7ESoa0RxA==

GET
H2 200 2.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame A336 7 KB
2 KB 9ms
8ms Stylesheet
text/css 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4759127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Y5MQMpfNZ9bYDeQmDMLbw0xNzGrQukfM
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7v8pIKu-iW1TcEN0lofDrWMSjTABDHd6nxie2qjAvaZAXEglkP8gKQ==

GET
H2 200 2.90bfb041.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 54 KB
16 KB 10ms
9ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 4759127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"dc43e7dd478d83a9091a7335b8beb11d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dNyr.b_J6AuxSb56NRWJ3LKsWJ9BzeOS
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DYBORwGzpFeTns_lj-1kSUPBCO_4i6M-pJoaK1UF7E4bQlrCeFV6WA==

GET
H2 200 1.e250bb71.chunk.css
js.driftt.com/core/assets/css/ Frame A336 44 KB
7 KB 10ms
10ms Stylesheet
text/css 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.e250bb71.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f9163f3372bf09f2bcb3c8fa8b218443c557dbb32c78a36ee9221ca5abf8b193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 2079449
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:27 GMT
server: nginx
etag: W/"2b7f0e5ff08649a2d71db9fdde0609ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: U0zOe09_ThzYcAoSvmLbLojXTsJVu6PB
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UIdR5D4WMgPcXH-7ySuNAMjcoQAvj5uwsvlK2zcPKujjZ9p9AdhyOQ==

GET
H2 200 1.19a2e22a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 71 KB
24 KB 11ms
10ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.19a2e22a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

8d06b89fce1308b54fc204a2ea41e96ad6a034c075dbf396eea0611b71ffa7a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 260851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:15 GMT
server: nginx
etag: W/"e1ca1e814dcbca2657c8795cba51dab9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: H3WkY2wyImzg96kEeVoZBSZ5Xs5uT9xg
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EOartvQVtIVSRvmSirPbiXL4yR4X1_Fm4vyao9YyLf-3QV0bQziagg==

GET
H2 200 30.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame A336 12 KB
3 KB 11ms
11ms Stylesheet
text/css 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 2079449
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:27 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: e.sL0vOF62s4pyHwBuhbHf.Miph1ZlJo
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RY0fkA5btMCkQ17rCD7JTKc_4CBDXo-RKpRq2PzKe9qQMYIYBl5fhw==

GET
H2 200 30.06ea9e6f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame A336 12 KB
5 KB 12ms
12ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.06ea9e6f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.517c53cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-47.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

78913609a9836662923c497915aa1e3804160e068c21f01bb21e0a3d6582886e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1646070746982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 17:24:58 GMT
content-encoding: gzip
age: 260851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Feb 2022 17:16:16 GMT
server: nginx
etag: W/"9ad3e8e9ed7458e666e1cdccbf6fdfed"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: u1oYyEHPReh5D_oj3y6CAtENmhC681Wu
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BTsEAFfx6AFajAQgs9nBPraqVCK5kWOYK-3egQAB34I9gzVI8tAotw==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame E89F 25 B
146 B 117ms
116ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Feb 2022 17:52:30 GMT
server: istio-envoy
requestid: 31cf90f340be705e
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 321ms
104ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 28 Feb 2022 17:52:29 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift97fcdf24480aaea69d913be32e4
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 303ms
101ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 28 Feb 2022 17:52:29 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftf0fb0084c2eb7d7d0cba6cca8c0
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame E89F 126 B
246 B 102ms
101ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

2dc1572e1265760dd29d3751371f98026681e0bd04bc8febfa0fcc57fd01241b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Feb 2022 17:52:30 GMT
server: istio-envoy
requestid: 5283897da35a5840
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 126
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 891D 0
4 KB 135ms
134ms Other
text/plain 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?rid=1080660665868666

Requested by

Host: paramountpluu.com
URL: http://paramountpluu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-85346055359a106f97f885e1b8931adc' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=4417423542212724; frame-ancestors 'self' , script-src 'nonce-85346055359a106f97f885e1b8931adc' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=4417423542212724
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-85346055359a106f97f885e1b8931adc' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=4417423542212724; frame-ancestors 'self' , script-src 'nonce-85346055359a106f97f885e1b8931adc' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=4417423542212724
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.ac247e68.1646070749.2c9507c2
content-security-policy-report-only: script-src 'nonce-85346055359a106f97f885e1b8931adc' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 32
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 4417423542212724
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 5ea3c09
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 28 Feb 2022 17:52:29 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a0116fe

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 891D 0
4 KB 142ms
142ms Other
text/plain 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: paramountpluu.com
URL: http://paramountpluu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-245fe1670b92f9fd0477ae239832d222' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=6050296648679726; frame-ancestors 'self' , script-src 'nonce-245fe1670b92f9fd0477ae239832d222' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=6050296648679726
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-245fe1670b92f9fd0477ae239832d222' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=6050296648679726; frame-ancestors 'self' , script-src 'nonce-245fe1670b92f9fd0477ae239832d222' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=6050296648679726
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.ac247e68.1646070749.2c9507ca
content-security-policy-report-only: script-src 'nonce-245fe1670b92f9fd0477ae239832d222' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 33
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 6050296648679726
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 5ea3c09
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 28 Feb 2022 17:52:29 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a0112f9

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 891D 0
4 KB 198ms
198ms Other
text/plain 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: paramountpluu.com
URL: http://paramountpluu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-945eec8a72fd68fc72aeeb87309dc3c5' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1591297239350081; frame-ancestors 'self' , script-src 'nonce-945eec8a72fd68fc72aeeb87309dc3c5' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1591297239350081
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-945eec8a72fd68fc72aeeb87309dc3c5' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1591297239350081; frame-ancestors 'self' , script-src 'nonce-945eec8a72fd68fc72aeeb87309dc3c5' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1591297239350081
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.ac247e68.1646070749.2c9507d3
content-security-policy-report-only: script-src 'nonce-945eec8a72fd68fc72aeeb87309dc3c5' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 80
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1591297239350081
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 5ea3c09
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 28 Feb 2022 17:52:29 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a011f56

GET
H2 200 h8eubnf2kys7.json Show response
embeds.driftcdn.com/embeds/ Frame E89F 11 KB
5 KB 424ms
391ms XHR
application/json 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/h8eubnf2kys7.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 383c85e04fc02a5b649c9eb074df667c953a0c707486f7a1b9fe90aa8005c42c

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 17:52:31 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 28 Feb 2022 16:58:44 GMT
server: AmazonS3
etag: W/"da5ffeabebce8dbad3e8fa9ecb14a64b"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: oJRMjO0xdT340iIsmjvgWWsmgGpchNugjSsiEfVUqOvrJQovowLFsA==

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame E89F 25 B
88 B 118ms
118ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Feb 2022 17:52:31 GMT
server: istio-envoy
requestid: a4f137b92b4993b6
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 103ms
103ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 28 Feb 2022 17:52:31 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift75dfc4f4295bbfc664926ae2752
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 204 unip Show response
trc-events.taboola.com/1336307/log/3/ 0
242 B 13ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1336307/log/3/unip?en=pre_d_eng_tb&tos=4558&scd=18&ssd=1&est=1646070747576&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1646070752133&vi=1646070747573&ri=224fc3fcb92369bb5209a4f0a43e0206&ref=https%3A%2F%2Flookandfind.me%2F&cv=20220224-6-RELEASE&item-url=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1646070746_eb445303bcc78a3f3837ac702f734688
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1336307/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://helden.de
pragma: no-cache
date: Mon, 28 Feb 2022 17:52:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

230 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 05:33:42	Name: _GRECAPTCHA Value: 09AKRA80_huOUhM_OEEYARzyP-1rRnerEDPZACDbNtU2Ry2LZpGKHqvNIrnOu1oUVg956ktRIxPSM3CUJdUBB2H0s
.paramountpluu.com/	1970-02-13 21:45:54	Name: sid Value: 2fb8f87e-98bf-11ec-943c-5e0bad3ef871
clever-redirect.com/	1970-01-20 01:15:57	Name: c117f0622f03d99aab5423f9b8f953ab Value: ca17c9e7a0dacda749859bd91e2aca6cec604ba5f7adb223f4537e2d37befe51a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22c117f0622f03d99aab5423f9b8f953ab%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
lookandfind.me/	1970-01-20 01:15:57	Name: 3e864b9c418f9203b44891786f5cab70 Value: 0702da0940a31c3540fe8c5174a49ebcadfa1afeb9c0cff47c843ec0de903ebba%3A2%3A%7Bi%3A0%3Bs%3A32%3A%223e864b9c418f9203b44891786f5cab70%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
.awin1.com/	1970-01-20 02:40:54	Name: aw14361 Value: 926315\|0\|0\|1646070746\|87f5d5e3e9fa809e400cef1559da615a\|aw\|0
.awin1.com/	1970-01-20 10:00:06	Name: bId Value: HLEX_621d0bdae73663.55191574
.helden.de/	1970-01-20 02:40:54	Name: a_ident Value: affnet.14361_1646070746_eb445303bcc78a3f3837ac702f734688
.helden.de/	1970-01-20 03:24:06	Name: _fbp Value: fb.1.1646070747498.1742618208
.bing.com/	1970-01-20 10:36:06	Name: MUID Value: 24F2F0403E7460FD2DA1E1193FD86134
.helden.de/	1970-01-20 18:45:42	Name: _ga Value: GA1.2.2142570847.1646070748
.helden.de/	1970-01-20 01:15:57	Name: _gid Value: GA1.2.1206999907.1646070748
.helden.de/	1970-01-20 01:14:30	Name: _gat_gtag_UA_71374404_2 Value: 1
.helden.de/	1970-01-20 01:15:57	Name: _uetsid Value: 315d8d9098bf11ec9bd2c58991aa1391
.helden.de/	1970-01-20 10:36:06	Name: _uetvid Value: 315da10098bf11ec85a69b47843f0beb
.t.co/	1970-01-20 18:45:42	Name: muc_ads Value: 0b8be245-e3bd-4f9e-84a1-4c4fa1c2873d
.twitter.com/	1970-01-20 18:45:42	Name: personalization_id Value: "v1_typiSQhpDvWAOqiiQQEoOw=="
.helden.de/	1970-01-20 01:34:40	Name: __cmpcccu20848 Value: aBPVInaUAAgAzAEgAuADAAOAAggWBACIMQX94A
.amazon-adsystem.com/	1970-01-20 06:24:06	Name: ad-id Value: A1ikbHCWvE7woJ_lQ1X-SEQ
.amazon-adsystem.com/	1970-01-21 21:50:01	Name: ad-privacy Value: 0
.helden.de/	1970-01-20 10:00:06	Name: _pin_unauth Value: dWlkPU9UQm1aR1ExTnpNdFpXTm1aUzAwTWpaakxXSXhaVEF0TWpZeU9ERXlOekk1T1dJdw
.linkedin.com/	1970-01-20 01:57:42	Name: UserMatchHistory Value: AQJQBdfKhpch8AAAAX9BdlRLtbR27NZSyU-KHsS0XNc_dlm7KIs16L7r_eFO2YY04zQt8M7lu2Sx5g
.linkedin.com/	1970-01-20 01:57:42	Name: AnalyticsSyncHistory Value: AQKHxHjZxFARPgAAAX9BdlRLvCUp71V0sTu6QmJTZqSUAG64DbRlhS0Dlc6UQA42jx8F-NHyYelLTRo5akiq_w
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:46:24	Name: bcookie Value: "v=2&5d88a2d6-60ae-4560-831e-5cbbff7dd834"
.linkedin.com/	1970-01-20 01:15:57	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2308:u=1:x=1:i=1646070748:t=1646157148:v=2:sig=AQFN5ETJF2A7apOh1M52_tO2JVIAPodD"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:46:24	Name: bscookie Value: "v=1&20220228175228a4ddcab6-cd58-4555-8b53-ad3dfc35e993AQE8zqfEKrEV9HLT3JNaSgv_Oqwu0ee8"
.linkedin.com/	1970-01-20 18:41:44	Name: li_gc Value: MTswOzE2NDYwNzA3NDg7MjswMjEE8yrRjBqsmwDuwXm+7tLXv2iJ1TR1J2JZGp6RRGS6kQ==
helden.de/	1970-01-20 01:14:32	Name: drift_campaign_refresh Value: 1a35be3e-0a91-46e6-9b2b-8d47011d5af4
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 4f7377727615efc8
www.pinterest.de/	1970-01-20 09:52:54	Name: _pinterest_sess Value: TWc9PSZXWmpQNm00SlhlZnFaQTVETW5ORkpRcnBpZmZNSzk3bkdIMjVlY1RVeHRLWEg2NGQxOWpUeTZwRDdyM0tLbHBDYlcrMHhaWm40cUwvNGhSb1U3ZjIrWlR1OW9sc3hndjJLMUpVby80Qjhobz0mV0Q1Z2wyMy8xVHlKQzh5YWw3SXpLNHZyanpFPQ==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-2e660d50ff6704ffe386d479dc88d25a' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .online.tableau.com .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .online.tableau.com .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4773.booknower.com
aax-eu.amazon-adsystem.com
ajax.googleapis.com
analytics.twitter.com
b.delivery.consentmanager.net
bam.nr-data.net
bat.bing.com
bootstrap.api.drift.com
c.amazon-adsystem.com
cdn.consentmanager.net
cdn.taboola.com
clever-redirect.com
connect.facebook.net
ct.pinterest.com
delivery.consentmanager.net
embeds.driftcdn.com
fonts.googleapis.com
fonts.gstatic.com
haftpflichthelden.de
helden.de
images.provenexpert.com
js-agent.newrelic.com
js.driftt.com
lookandfind.me
metrics.api.drift.com
paramountpluu.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.pinimg.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
trc-events.taboola.com
trc.taboola.com
w.likebtn.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.pinterest.com
www.pinterest.de
104.111.239.217
104.206.252.90
104.244.42.3
104.244.42.69
13.107.42.14
141.226.228.48
143.204.95.188
143.204.98.47
143.204.98.58
151.101.1.44
151.101.66.137
157.90.169.168
162.247.242.20
184.30.24.193
199.232.136.157
212.32.237.90
2606:4700:10::6816:4c41
2606:4700:20::681a:b29
2606:4700:20::ac43:48bf
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:803::2004
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:812::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200a
2a00:1450:400c:c00::9b
2a02:26f0:7100:1af::1931
2a02:6ea0:c700::4
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:5f80:a::b212:e7c0
34.102.224.29
50.16.7.188
52.95.126.160
78.46.197.88
87.230.98.74
0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482
01f2c507dce67cd34f1fb75780c52221946800029092456ed02470059af2c05f
024bbe37586effe93a17f4f8800ff6c67e2aca1061c5f23625bb16a6e3d13c8d
03c4f2b89d1049249d29f0662b40f3006fb604f02e0711216088750a1e675a6c
04f71eff37723c234b63d007d7b38f768f97260702c78056b8fc474812b15ce7
050afadcae8e995d4d71c6c7d05bdb3ef24691fc81526eb0357de319184c747b
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
06b4780df9b383519f51c2b0d374f45c26bf05e1cbc1518b2a2b309e5ea9ae86
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
088a021299cdae3933d232a2bfc8dc5800fda02156bdfea4353505219357808b
088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8
0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3
0f3829be787e96cffa3ccf0a0f4f388c8ab5f1d4632fe5ca23a7aa27baa13446
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
11dd7443e60c9756c636d4d9e270eeba4085691a86dc1d343af835e5cb354ed9
13c7ce8eb4433ee82ab08c5b401235d0c97a6dff3af0c288ee9a64d1afe964cb
14246cc72e1f9ed27dbe227d911bf322aecb62e4a52c9655a60237e71d4211d6
160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22
1787cb259c57ce6cd27152c77d90363b2917ff8b5f34dd377f691042d787e408
17a4340550389a05ed20a5ec7bda4441ba5d1e7a72944f8771545a7d9707a09a
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
1a938735cf14d8329a7b1c12b0a4ed99c3d9f43aba11d1fc326cc5a3159250f0
1b4f1024fa4887b47765e2ad4db9bc1f6ea96335f77fd44c62b8538d75e7190c
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63
2031ce9d387c585aeed7e46b4c88ab74c996834aa6f10cbf32dd7df4170065fa
209ae5b444d29976b7f851083b4d2330894d690cb66527751e501ca43ec289b2
20c746611e73d61b96d867c123847699572e0d13bf3a6823bcc2d956e9d4c0d6
22b3231e59d776f31161af44b04a744b9004ae1fac2b14e6405a97d27507a008
22ce8bdb090315b4f4f6f8c78f9c7cd2cf53962924d86761982fdb4e5dc3c2c2
26d127f27e68eb24704f93210ac87b36c92c2a9ef01d6a47dc0048dac9cfa23f
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
29d1e5cff2718260f00fc9012476253e8664c99287d2a1866886e65060deb4ad
2acdcdcfd9fa284a9b1403afb193fbb16da2a2ce478064f693cdcec93a9d680d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dc1572e1265760dd29d3751371f98026681e0bd04bc8febfa0fcc57fd01241b
2f08025c18eab8673f7f960a21cba44a48aa0ce870ce96305a21d1c887b8be7e
300bdd3fb2fff5742f615c018430e6edbfcfdd29059da83d79a721523c799aa9
32d9329d48ccd5a058fc1f4a6be8b010c4c9afb03d046ffe8a211ce474db2b6a
341c5d176dfcd3bd94a476a34fcb8be8f7d4c6d667ad95185c4d656f5ac9c9d5
36a812e3009bc06685082e8b416e86c3998ba3a177fa6a325c3d202544f5d72c
36e5b9216b250c80257116d463056200a691f59331c9766e417c0cd4376e394b
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
383c85e04fc02a5b649c9eb074df667c953a0c707486f7a1b9fe90aa8005c42c
395daa8d0ec9bd1d7922530074e8fbe6aaf2bd26191dc773c135cf6a3d029705
39b677ec4a0c2d95bb6d1439e68b5a0aa693c17912dc9e0209930088182483cf
39cb45cdec9f9b9b863e331beff20776476ad3a77aa2c828a0aea8a0779044d9
3b3f44e74412baa296267a5c6bdcaef3e06ba0ed23c662786b35b923a515180c
3e19865caed6dbd12eacd00501eb4b382a1f0190df9cf2a8373d110bab7a47e1
3ea06dea77b421db90da42160e691163836ef51e17aa1fd4669e1805e5291e21
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
42bc9aaebd691553a360489b734df085e287eaeffd4414a9c4e04617904a85b0
45153d776213fa86c1ef7dca51e36d669e1b697b53907f3bf7cd3ee706edbaec
46a604a6cf686570c4284c09f1b500551b528c19be1363d264d3d82e50c332a1
47c52cc923758f90e6e92f82d19e909e36bf000902e60047a27c84e8d0ccb73a
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44
4b66d4e90c31bda7e0783f5a7762ce14ca67a5a4757d64d88bed5cbbec250f77
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4ef9c780b5550e3ef3ba00bf472540197d0e08950d195038038b31635594e7c8
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
519dfef52b536231050f7dbb5396d27e4846a21579316daae3cb86b441c41448
5232ff2bcc1c6fb542e55ebb4d41413554cfe0681613a01799e2477bb9cac389
53080eca44bc02b841d154e159fa515224b4fbf395c7fc9293aa7352c0e76a8b
536550431ea6247d6ae10b550cedbac11f93d133b096e475bd1f3915bf4bb6dd
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93
5ad4b93f0116490bf6d6b3cb8b6adaa354588c845b1f0994ce80456e5afb7d8c
5ba9bb26b083f8a712458b673f21ba8d2803ec04e8dc37d19ae286bfb6c60943
5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5fd0406a9f1fa9ae65bc5ab523b7160d7c8a64383a51f520c25270697f3408a8
61a5bc4056a0cab35fde3bdad2f3f76444aa322f292ecaa1ae8734bef49e4581
631bbb9222aa4b34439b69e2988652ede383ca956d79eb5fa6a69e69854c2e5e
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
67339ddd57bfadccc7db0301c04748abfd5fe9f6ea21b0b9afa5e03aeb080fe6
6754bd59e77debd17bde0e93a50f3e0c70322c34fd3496dc3f19167db71d77d8
67a93cb596cf7e65926cc6f37e356a5ba6249a3ac8dbce1b8e5fd16ae3967f92
6928cc4d50cb193b1c5d09343ecae72c20af5da0483e28b7c48a4c77e0f6d3c3
6aa8093f92b4ebb8c5a083db689a2231ed086d33c640a69d136c7d8abf22e3c8
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
70d5e7aca1f4340b317eb66c3f7a0201cd4c417bea613a46f7989950f0a1fba1
7168a10e18e557428a70c14114d7f68fda18f51039ea0b236ad01c39b576c3a4
71e1226f24b5f77f506b29f8bb278e37f2ead9d6fe3a217f0c9b320072431435
73047d352c4ebae295da9e02e0982f42d7b1f3d8c5645b0d576879ce4ed7dc0a
73d7e52c552160d0265f12c7d6c523a3c646b6f831a8d677adb7a2c1d481f32a
7846d72cd2af20d85e1c27032cd4a44f4c8c5b914a03ce9d56979b4376b24be6
78913609a9836662923c497915aa1e3804160e068c21f01bb21e0a3d6582886e
798622f5f53245245cdf0f44468acdce4e537cd44c86e1f58b170ad253783ad5
7a7425d844b9582c4d0595dfcb216285c112683ba86ed98572b36daf3b93a169
7be9e5f63b77a88b00d5be374fb63b5b560c1aa06cc9b0421f967095b50222d7
7e528c1449a6cfc70975bfd57546d23b752a883a8ee9fcc3904d3af6548468ed
7edee88862109a0b709cb1801cccd10f6460971dbb1afc945abb81c17bfca85e
7f0e3823d56e753cf5f2fbe91a1d167ca59726c9cbb3c97f04f146beea32c0e6
7fac9a43ab09cf21eafe26af20439d52313fa761cf6100c10ef950a6af22f7d4
8088d1aa0d0b0f7e062406dba15010d166d7303c04ebb407be952d50ee378752
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
815f5b030ee6f911a0a1946d04161c81269dee966627bbd30ac0e0e131f24cf9
8293d3117e7ed170062e6f5c1c3a14f01d72c7f6dab57dcf79bffbe9825f2656
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
84a55ebffa78c909590dd52162e0ceb742d142d929c8db41578c01a165a71e9e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
882e09e84100347579816f61badf4459092dc59beb26b9317a8f1312d6752b41
89567d8c6d40b4b724c621cd789d46041d7312ca07647afd0f8ce3939e3631cc
8bf428595fc6bc680e8823567c5fc438c87d239b74db2373d423440d8f55e738
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8cf1b3a80e452a5d77a2a3a261bbe76da23ebd4238bac41bbe3a9f44d589164a
8d06b89fce1308b54fc204a2ea41e96ad6a034c075dbf396eea0611b71ffa7a6
8d73392f1f569c51f57b7f9a30278358484f1795584aa2cd540e5b8ea650593e
8dd2fcd0919b8552fa24ea240e875bd8d0d2e04f9949d12dc18a605e7b063303
8f916d03d31f0da7a2dd9a9f72f2da64cee02298f75d827d1369ebe856b7b021
90552459d67fda6dbde7d45235c4efce201a250a726d60cf3ad60a64f6a0e81d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92bfa0c40e4ac63bd4250520dc726bdb5f28bc45d2b420c07d6d1e0b726bd56b
935b7f7d141f2bea994d54b9d709d5f15ebb6bce6b73f02b1f59ee40df8eabcd
95fb764d4a5e0045febd02f88e1c80b7958a6946696721e78c20f497b1e0ec7b
96885eb92fe4f03a59536aacb336a3a999876f8d311dca71e8e953726a61e644
998cd3cb10d4cc054aaf25824f3a9cf37526441124d9d98277937b76fb738604
9ab6e4f17cb28892a00ee982b483ac79222bd8b945c226694e554af917e569df
9bccc337c264422750cff6f2b3c70a350a2a40e80766f11e3a16ecabc89ae4b1
9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635
9d0297d001e90af1cb9081ee9a40edebaa5584387e10732ffbd217281ba9b03f
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
a145e8cb30994054a87ba4ac07f8a49f55e2fbfcd3b689ef889eae0a2250bc37
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a469b4c7949c96cce86a741f3498f000e1fd64b2a6fff556579a6588acabf48a
a5462bc6a4998204c89a2c60fae6753af3ab356e53b3d454a6c70bbae64c2bdb
a55eb96ad9952ebf2d6e42d4f44565d00ebe4a6ea1171e4d4dcaa6a653081c9d
a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9
a701cd4a9cfc02344ae90ef4adacb3ffb69feb8d5922e324df6383a03b1a9921
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad44888e6834dd14372d63691245513cda17cad9bb7f5ac9df10163ba83108f7
b13c9daefcbfa434816cbf0a272da7a7887486cedbe40218e4234977e526854c
b244db5267a8a4f291e0c4a1e82ccbc4ae211e7b22cad2ca530d743397894151
b51182de5d3e0e5cfa0a4ed9552dc82be393d7f7a08330f6299e08cdb2665f7f
b56baa149b3c57892a87f524848341b20dee79b198cb30f80e53cc480eb7d066
b719e8b64d94bf16d44b5a331b9028f738286b49d00844a122a1f854ca9c1c2c
b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838
bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d
bf8c217e6b5fed93e68518ddd25e1bedfbb683b1f9aa18f84b099677d0f79355
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c7f5e3b0b3a282b46aa5bbd5e7952b90ce98d0d1d214b3308d9abb6053becd92
c9c0cfef39145e7473f09d950460309a29fbddcbe88830881aef4a0c16f5546b
d0140fb02b20c12a1743ca95ef1e7afb7423bbb3b93ac32f3392d013b23664db
d03b85482d005248f184137ab739c6222882e5d76d0765757cd6313a2b90146a
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d1b077ad91dc6d449f971f581046afff929ab4f742fdfdb7c3017418425c9a56
d26ead62c04b7c1d9b9fe15ea7310d2c3ef4400a5c0a390e6c3a8ff4c5f381ec
d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4
d4ee0c2b51d6acceeda15819fc68ef5eba47b81724410b0797400b01bccb28d6
d8a783e252ceb14237c76c14e552516b112795955f5491053f5e0c56c6e06c5a
d9eb312999bd404e2f08d1d0181f76d89b107e7066eeca64667e44ed712178af
db9ff4cde12468ee4def39092beef68a94523797d588f245067a96d943a01165
dcfc540946183ee12e6ccb43e706ad1a30b4f0205c25adcfa316829075f94a31
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e2795aded1755123cbe59bba5a8348d2c8ea012c9021e56d3b532f176963950b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec
e5f5736867880dc34e00e9d915d49094d5aa572c73771e87a082bd721b5a4f7c
e6a6a0c2a744fc0d665244acab63b9ac3b43779414217bc62a7698e31d5471de
e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5
e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0
eae9587fd982a18dc1cc3391201a06a8ce5efb066c62cc4f3003a901506269c2
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
f048b430b696914ef3e8762fd2354311dfd0702e624891b282bee2dfdc57552b
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f1d691d09ce0090a6da571070f4404989f56b83bd51aa9c0076f1761f5888533
f46bb0aafc668b4a997c8f2bf2b9612722575d5123d728ee15924ae9b2b9e1b1
f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed
f5a042d589b14eabc1bc3426dde107c2aa18e3b458d12cfc1b244854e17a0f43
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f74d9d086da77d57a9c1ea196d0fa7b7efc8cde3ee9603c277d524c9b41d3473
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f9163f3372bf09f2bcb3c8fa8b218443c557dbb32c78a36ee9221ca5abf8b193
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

helden.de Open in urlscan Pro 2606:4700:10::6816:4c41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

226 Requests

99 %HTTPS

48 %IPv6

35 Domains

46 Subdomains

37 IPs

6 Countries

4305 kBTransfer

9144 kBSize

31 Cookies

13 Outgoing links

Page URL History

Redirected requests

226 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

helden.de Open in urlscan Pro
2606:4700:10::6816:4c41 Public Scan

Screenshot
Live screenshot

Full Image

226
Requests

99 %
HTTPS

48 %
IPv6

35
Domains

46
Subdomains

37
IPs

6
Countries

4305 kB
Transfer

9144 kB
Size

31
Cookies

226 HTTP transactions
2 data transactions