k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
193.168.252.2  Public Scan

URL: https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/html_mail.jsp?params=32620245+vetabt%40lhl.hessen.de+0+000zlqy000b7m000000000dckf2g7s3w
Submission: On October 15 via manual from DE — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 15 HTTP transactions. The main IP is 193.168.252.2, which is located in Germany and belongs to NESSUS, AT. The main domain is k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de.
TLS certificate: Issued by R3 on September 14th 2021. Valid for: 3 months.
This is the only time k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 193.168.252.2 47692 (NESSUS)
2 2a00:1450:400... 15169 (GOOGLE)
2 51.89.65.42 16276 (OVH)
1 34.96.122.219 15169 (GOOGLE)
1 185.181.105.108 48596 (INWX)
1 2 136.243.10.236 24940 (HETZNER-AS)
7 2a00:1450:400... 15169 (GOOGLE)
15 7
Domain Requested by
7 fonts.gstatic.com fonts.googleapis.com
3 k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de 2 redirects
2 emma-ld.de 1 redirects k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
2 jobmatch.pro k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
2 fonts.googleapis.com k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
1 ps-news.de k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
1 mcusercontent.com k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
15 7

This site contains no links.

Subject | Issuer | Validity | Valid
www.apl-track21.de | R3 | 2021-09-14 - 2021-12-13 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.jobmatch.pro | AlphaSSL CA - SHA256 - G2 | 2020-01-17 - 2022-01-17 | 2 years
mcusercontent.com | GTS CA 1D4 | 2021-08-27 - 2021-11-25 | 3 months
www8.web-server.biz | R3 | 2021-09-05 - 2021-12-04 | 3 months
emma-ld.de | R3 | 2021-08-18 - 2021-11-16 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months

This page contains 1 frames:

Primary Page: https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/html_mail.jsp?params=32620245+vetabt%40lhl.hessen.de+0+000zlqy000b7m000000000dckf2g7s3w
Frame ID: F10F1F69C68C9DB35B9256709D757C45
Requests: 15 HTTP requests in this frame

Page Title

90% Vorteil für Sie!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15 Requests
93 % HTTPS
29 % IPv6
7 Domains
7 Subdomains
7 IPs
3 Countries
227 kB Transfer
253 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/d/d.png?q00gyi4yb6g7nkbih0000lzy000000000mjitoh01014 HTTP 302
  • https://ps-news.de/trackingpixel.png
Request Chain 6
  • https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/d?q00gyi50000000bic0000lzy000000000mjiu2wq1014&emmrcid=32620245 HTTP 302
  • https://emma-ld.de/l/4028d0837c314dff017c82f9b2ab40ba?emmrcid=32620245 HTTP 302
  • https://emma-ld.de/p

15 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request html_mail.jsp
k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/
18 KB
5 KB
Document
General
Full URL
https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/html_mail.jsp?params=32620245+vetabt%40lhl.hessen.de+0+000zlqy000b7m000000000dckf2g7s3w
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.168.252.2 , Germany, ASN47692 (NESSUS, AT),
Reverse DNS
smtp01.alphadial.de
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
bf8b79cd38db05da854b28f2f0607e44e5e589fa57fae996cf041d855f7ce486

Request headers

Host
k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

date
Fri, 15 Oct 2021 10:55:28 GMT
server
Apache/2.4.18 (Ubuntu)
x-robots-tag
noindex, nofollow
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
content-encoding
gzip
content-length
4803
connection
close
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Aleo:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Teko:wght@300;400;500;600;700&display=swap
Requested by
Host: k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
URL: https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/html_mail.jsp?params=32620245+vetabt%40lhl.hessen.de+0+000zlqy000b7m000000000dckf2g7s3w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
028a9537e7b98a899768812f6cef683e7c3db4d14fdc1b34056e2e874b3cbee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 10:55:28 GMT
server
ESF
date
Fri, 15 Oct 2021 10:55:28 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 15 Oct 2021 10:55:28 GMT
css2
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&family=Open+Sans&family=Roboto+Condensed:wght@700&family=Roboto+Slab:wght@800&display=swap
Requested by
Host: k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
URL: https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/html_mail.jsp?params=32620245+vetabt%40lhl.hessen.de+0+000zlqy000b7m000000000dckf2g7s3w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b7958d4f550734c28f6c860caeac37f097b912f08151ea886af96e14b3d6ad6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 10:55:28 GMT
server
ESF
date
Fri, 15 Oct 2021 10:55:28 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 15 Oct 2021 10:55:28 GMT
jobmatch-logo-email.png
jobmatch.pro/img/brand/
6 KB
6 KB
Image
General
Full URL
https://jobmatch.pro/img/brand/jobmatch-logo-email.png
Requested by
Host: k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
URL: https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/html_mail.jsp?params=32620245+vetabt%40lhl.hessen.de+0+000zlqy000b7m000000000dckf2g7s3w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.65.42 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3160403.ip-51-89-65.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
b2fdd6a13ef8a8ed1681767a6786f9edcfb540075dbf374add75e8b53c6ef7a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 10:55:28 GMT
Last-Modified
Thu, 25 Feb 2021 08:05:42 GMT
Server
Apache/2.4.25 (Debian)
ETag
"18b0-5bc249e3921ab"
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=5, max=100
Content-Length
6320
8a92e01b-9854-4236-9ba6-0aedcb205905.jpg
mcusercontent.com/93c9d8264d3034ace79bfe5f6/images/
50 KB
51 KB
Image
General
Full URL
https://mcusercontent.com/93c9d8264d3034ace79bfe5f6/images/8a92e01b-9854-4236-9ba6-0aedcb205905.jpg
Requested by
Host: k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
URL: https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/html_mail.jsp?params=32620245+vetabt%40lhl.hessen.de+0+000zlqy000b7m000000000dckf2g7s3w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.122.219 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
219.122.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
81bb256abd3c108d4c38dfca5b3121bc1fc13eb0a3a93fe9b3da22eb9c5e88d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 10:04:18 GMT
age
3070
x-guploader-uploadid
ADPycdsTZJ5RLL9blD9hnyxYY0yw76SO1on0Puk1D09cnxeI5FICYsPRKb3iUjdOaxlhKsk5n0mTqgF5hXaAyO-ZNWI32Ed_yg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51370
last-modified
Tue, 09 Mar 2021 12:08:44 GMT
server
UploadServer
etag
"09f8911a9436937a3723ba4418824b6d"
x-goog-hash
crc32c=Mb2aaA==, md5=CfiRGpQ2k3o3I7pEGIJLbQ==
x-goog-generation
1615291724118011
cache-control
public, max-age=3600
x-goog-stored-content-length
51370
accept-ranges
bytes
content-type
image/jpeg
expires
Fri, 15 Oct 2021 11:04:18 GMT
ps_sign.png
jobmatch.pro/img/signatures/
5 KB
5 KB
Image
General
Full URL
https://jobmatch.pro/img/signatures/ps_sign.png
Requested by
Host: k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
URL: https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/html_mail.jsp?params=32620245+vetabt%40lhl.hessen.de+0+000zlqy000b7m000000000dckf2g7s3w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.65.42 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ns3160403.ip-51-89-65.eu
Software
Apache/2.4.25 (Debian) /
Resource Hash
ea980d72accf91f13a27391f7c98c219929d0f47a6c40da686232e25b5cd8e91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 10:55:28 GMT
Last-Modified
Thu, 09 Jul 2020 11:27:22 GMT
Server
Apache/2.4.25 (Debian)
ETag
"13e3-5aa0082159598"
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=5, max=100
Content-Length
5091
trackingpixel.png
ps-news.de/
Redirect Chain
  • https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/d/d.png?q00gyi4yb6g7nkbih0000lzy000000000mjitoh01014
  • https://ps-news.de/trackingpixel.png
0
0
Image
General
Full URL
https://ps-news.de/trackingpixel.png
Requested by
Host: k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
URL: https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/html_mail.jsp?params=32620245+vetabt%40lhl.hessen.de+0+000zlqy000b7m000000000dckf2g7s3w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.181.105.108 Berlin, Germany, ASN48596 (INWX, DE),
Reverse DNS
www8.web-server.biz
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

location
http://ps-news.de/trackingpixel.png
date
Fri, 15 Oct 2021 10:55:28 GMT
server
Apache/2.4.18 (Ubuntu)
connection
close
content-length
0
content-type
image/png
p
emma-ld.de/
Redirect Chain
  • https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/d?q00gyi50000000bic0000lzy000000000mjiu2wq1014&emmrcid=32620245
  • https://emma-ld.de/l/4028d0837c314dff017c82f9b2ab40ba?emmrcid=32620245
  • https://emma-ld.de/p
167 B
508 B
Image
General
Full URL
https://emma-ld.de/p
Requested by
Host: k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
URL: https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/html_mail.jsp?params=32620245+vetabt%40lhl.hessen.de+0+000zlqy000b7m000000000dckf2g7s3w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.10.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sepp.nubos.de
Software
/
Resource Hash
b4671a5e3b84e8ce16b67cecc9043374d0e05b5cc7f2b6d3277d6a1fca823f08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 10:55:27 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
close
Content-Length
167
X-XSS-Protection
1; mode=block
X-Application-Context
emma:burda:8080
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 10:55:27 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Language
de-DE
Location
http://emma-ld.de/p
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
close
Content-Length
0
X-XSS-Protection
1; mode=block
X-Application-Context
emma:burda:8080
Expires
0
c4mv1nF8G8_swA3J0Q.woff2
fonts.gstatic.com/s/aleo/v4/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/aleo/v4/c4mv1nF8G8_swA3J0Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Aleo:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Teko:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c661089dddb9797c4617a25a50e392b2c04d3e25911d476e1d55a28e1559fe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 07:22:40 GMT
x-content-type-options
nosniff
age
358368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 03:49:33 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 07:22:40 GMT
LYjNdG7kmE0gfaN9pQ.woff2
fonts.gstatic.com/s/teko/v10/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/teko/v10/LYjNdG7kmE0gfaN9pQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Aleo:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Teko:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51b6a852f98c7140040a19aeed7333059105f04271c132beef28e0f28b86ae48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 14:37:06 GMT
x-content-type-options
nosniff
age
418702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13324
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:26:11 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 10 Oct 2022 14:37:06 GMT
LYjCdG7kmE0gdRhYsCRgqA.woff2
fonts.gstatic.com/s/teko/v10/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/teko/v10/LYjCdG7kmE0gdRhYsCRgqA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Aleo:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Teko:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3a8b7336bec502f846c8101cd4b1a751bdbf3d3fff3949949462517f27e1cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 03:42:19 GMT
x-content-type-options
nosniff
age
198789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12888
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:54:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 03:42:19 GMT
c4mg1nF8G8_syLbsxDJJnw.woff2
fonts.gstatic.com/s/aleo/v4/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/aleo/v4/c4mg1nF8G8_syLbsxDJJnw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Aleo:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Teko:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f663b242fc066ab4ee3760a76816084c21560dbe757adbbe88955f794ce7b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 03:41:22 GMT
x-content-type-options
nosniff
age
198846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25204
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 03:49:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 03:41:22 GMT
c4mh1nF8G8_swAj50xVs.woff2
fonts.gstatic.com/s/aleo/v4/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/aleo/v4/c4mh1nF8G8_swAj50xVs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Aleo:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Teko:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61d252fc5041e3d505868902f94b9531effc12ce7f674e6f8fbe7ba7419e15b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 09:27:18 GMT
x-content-type-options
nosniff
age
5290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28972
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 03:49:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 15 Oct 2022 09:27:18 GMT
c4mi1nF8G8_swAjxaDB5nad4.woff2
fonts.gstatic.com/s/aleo/v4/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/aleo/v4/c4mi1nF8G8_swAjxaDB5nad4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Aleo:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Teko:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
864ac1f990a87d1b75326fd073e09abc2a6ce549ea057392821485b97887648b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 11:38:11 GMT
x-content-type-options
nosniff
age
343037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26296
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 03:53:13 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 11:38:11 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;900&family=Open+Sans&family=Roboto+Condensed:wght@700&family=Roboto+Slab:wght@800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://k58i37e.g8u8kury.rmdu6yke.niiv47o.bji12hu.zwoz6pu.apl-track21.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 15:11:30 GMT
x-content-type-options
nosniff
age
330238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Oct 2022 15:11:30 GMT

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforexrselect
  • boolean| originAgentCluster

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://ps-news.de/trackingpixel.png
Message: Failed to load resource: the server responded with a status of 404 (Not Found)