helden.de Open in urlscan Pro
2606:4700:10::6816:4d41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://purchase.news/
Effective URL:
https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Submission: On May 26 via automatic, source rescanner (May 26th 2022, 9:14:53 pm UTC) — Scanned from DE

Summary HTTP 196 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 18 domains to perform 196 HTTP transactions. The main IP is 2606:4700:10::6816:4d41, located in United States and belongs to CLOUDFLARENET, US. The main domain is helden.de.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 16th 2022. Valid for: a year.

This is the only time helden.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.224.182.250 103.224.182.250	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 5	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.169.168 157.90.169.168	24940 (HETZNER-AS) (HETZNER-AS)
1 1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2606:4700:20:... 2606:4700:20::ac43:4545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
87	2606:4700:10:... 2606:4700:10::6816:4d41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	34.102.224.29 34.102.224.29	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:e45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
64	143.204.215.107 143.204.215.107	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	87.230.98.74 87.230.98.74	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
4	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 ^_^) (CDN77 ^_^)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	162.247.242.31 162.247.242.31	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
4	34.193.113.164 34.193.113.164	() ()
2	50.16.7.188 50.16.7.188	() ()
196	20

1 103.224.182.250 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-250.above.com

purchase.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

1redirc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de

lookandfind.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4545 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

haftpflichthelden.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

87 2606:4700:10::6816:4d41 (United States)

ASN13335 (CLOUDFLARENET, US)

helden.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.224.29 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 29.224.102.34.bc.googleusercontent.com

images.provenexpert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:e45 (United States)

ASN13335 (CLOUDFLARENET, US)

w.likebtn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 143.204.215.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-107.fra53.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.230.98.74 (Roesrath, Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5037422.psmanaged.com

b.delivery.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
delivery.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.31 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: service.newrelic.co.uk

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.193.113.164 (None, )

ASN- ()

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.7.188 (None, )

ASN- ()

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
87	helden.de helden.de	2 MB
64	driftt.com js.driftt.com — Cisco Umbrella Rank: 4817	754 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	452 KB
7	consentmanager.net b.delivery.consentmanager.net — Cisco Umbrella Rank: 87551 cdn.consentmanager.net — Cisco Umbrella Rank: 25065 delivery.consentmanager.net — Cisco Umbrella Rank: 26592	90 KB
6	drift.com metrics.api.drift.com bootstrap.api.drift.com	475 B
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 277 fonts.googleapis.com — Cisco Umbrella Rank: 42	39 KB
5	1redirc.com 1 redirects 1redirc.com — Cisco Umbrella Rank: 212450	8 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	40 KB
2	likebtn.com w.likebtn.com — Cisco Umbrella Rank: 82090	62 KB
2	lookandfind.me lookandfind.me — Cisco Umbrella Rank: 830515	857 B
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 582	322 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 347	14 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	79 KB
1	provenexpert.com images.provenexpert.com — Cisco Umbrella Rank: 242435	16 KB
1	haftpflichthelden.de 1 redirects haftpflichthelden.de	558 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 15006	749 B
1	clever-redirect.com clever-redirect.com	681 B
1	purchase.news 1 redirects purchase.news	1 KB
196	18

	Domain	Requested by
87	helden.de	lookandfind.me helden.de
64	js.driftt.com	helden.de js.driftt.com
6	fonts.gstatic.com	fonts.googleapis.com
5	1redirc.com	1 redirects 1redirc.com
4	metrics.api.drift.com	js.driftt.com
4	cdn.consentmanager.net	helden.de b.delivery.consentmanager.net cdn.consentmanager.net
4	www.google.com	helden.de www.gstatic.com www.google.com
4	fonts.googleapis.com	helden.de
3	www.gstatic.com	www.google.com
2	bootstrap.api.drift.com	js.driftt.com
2	delivery.consentmanager.net	helden.de
2	w.likebtn.com	helden.de w.likebtn.com
2	ajax.googleapis.com	helden.de
2	lookandfind.me	clever-redirect.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	helden.de
1	b.delivery.consentmanager.net	helden.de
1	www.googletagmanager.com	helden.de
1	images.provenexpert.com	helden.de
1	haftpflichthelden.de	1 redirects
1	www.awin1.com	1 redirects
1	clever-redirect.com	1redirc.com
1	purchase.news	1 redirects
196	23

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
www.pinterest.de
my.helden.de
www.provenexpert.com
twitter.com
www.linkedin.com
www.xing.com
themeforest.net
acoda.com

Subject Issuer	Validity	Valid
tracker.clever-redirect.com R3	`2022-04-07` - `2022-07-06`	3 months	crt.sh
lookandfind.me R3	`2022-05-03` - `2022-08-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-16` - `2023-05-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
developer.provenexpert.com GTS CA 1D4	`2022-04-14` - `2022-07-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
b.delivery.consentmanager.net R3	`2022-05-22` - `2022-08-20`	3 months	crt.sh
1376624012.rsc.cdn77.org R3	`2022-04-21` - `2022-07-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
delivery.consentmanager.net R3	`2022-05-22` - `2022-08-20`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Frame ID: 0B13F6DCE5DCB7DB155D07C714971DBF
Requests: 124 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=zd81iw5yaqqm
Frame ID: 9C15C9A05C5EF8B293EC75D9F6854532
Requests: 5 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
Frame ID: 09B45B0A479B5BA60459A5FD035D5F69
Requests: 33 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
Frame ID: D3EF29E42469F9F6FFF60106EF70F97D
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🥇Premiumschutz für deinen Lifestyle // helden.decockadecloud-miningmagnifierspaceshiptime-machineb-love

Page URL History Show full URLs

https://purchase.news/ HTTP 302
http://1redirc.com/r2.php?e=ACDpP4pE5itF1f7JHpDx%2BH49flJtZVhMcGpxN1FUZjNTYlEwNFdkdEpKK2krbFBnb... Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D14539... HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1453973705&sid=2022052707144679be6d75b330cc0dda Page URL
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721... Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%... Page URL
https://www.awin1.com/awclick.php?mid=14361&id=926315&pref1=cb1f110977dff57839f15c6400f374d9 HTTP 302
https://haftpflichthelden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199... HTTP 301
https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

196
Requests

98 %
HTTPS

45 %
IPv6

18
Domains

23
Subdomains

20
IPs

3
Countries

4107 kB
Transfer

8757 kB
Size

12
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/helden.de/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/helden.de/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4A1U61t-ttoV0amitX3ERw
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/helden_de/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://my.helden.de/
Title: Login

Search URL Search Domain Scan URL

URL: https://my.helden.de/signup
Title: ABSCHLIESSEN

Search URL Search Domain Scan URL

URL: https://www.provenexpert.com/insurance-hero-gmbh/?utm_source=Widget&utm_medium=Widget&utm_campaign=Widget

Search URL Search Domain Scan URL

URL: https://twitter.com/heldende_

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/helden-de/

Search URL Search Domain Scan URL

URL: https://www.xing.com/pages/helden-de

Search URL Search Domain Scan URL

URL: http://themeforest.net/item/you-multipurpose-responsive-wordpress-theme/15175900?ref=-ACODA-
Title: You WordPress Theme

Search URL Search Domain Scan URL

URL: http://acoda.com/
Title: Acoda

Search URL Search Domain Scan URL

URL: https://www.provenexpert.com/insurance-hero-gmbh/
Title: Insurance Hero GmbH Versicherungen Anonym hat 4,84 von 5 Sternen 420 Bewertungen auf ProvenExpert.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://purchase.news/ HTTP 302
http://1redirc.com/r2.php?e=ACDpP4pE5itF1f7JHpDx%2BH49flJtZVhMcGpxN1FUZjNTYlEwNFdkdEpKK2krbFBnbXJjMmswaWYzcDB2eWdJT25mVWRVdVFybC83akFjQ2p3NDZ5TkQzT3daWlgrWk9xZXc0aHhPVnhxYTJ2dUtkV243SGhyTVVrNHkyRms0dHhRSzloY3l2elVmMzJyaHlidVZVRFpiMWg5M2ZWdVA0VWZ5ZDR5NW56NVU2Nk5kMHhmOHZYU0dvbm1HZmFzRjFGc0RkTkk1bHdZOGFWMHNaQ1RPdWpiNnB4YWZUajVyYUVjZ0E2RVNpYUdwWWFLelNNUGlWdjI3Y0UvdnVyeVRLelk1ZXNZZ0hCdXZ1VFhtT3ZIZWU2blBsQktsT3ZpZFpETFlNVXQ3c1d5YzVodU5HQm42V3BCa3o2bjBOOFdMTkE4QS9SaUJoUzFtdGQzUFZjRkFrcU5MK1BnRVVYRkgrYVRTRy9hRTh3dGZMb3ZZSmJTZ3VqZU90VFYxRWZrVzI1RzY0aGtHZFdyaHpUNDdicng0aFpUYUdPSEsvRFBERU5TU3lsWlhvekM0Zy9HeHBBdWtmRGtRZWErQ3BUdFFFa1NxVi8vS2pOMEZVaTROMnp1Vjc3TWhTUG1UZXVCNXkwV05LSXQzTHJjcEZxckMvenZRclFtMTFnUXpHT3FmTGU1UDY5bjlSN2RaNDAxd242QUJqN2lKNUdWNjB3aEdNOGJ6a1Z6QUh5KzlqTU5uN1RSUWlzWEpKM0RIcUVTZWN3TnZuVEwrK1EyV0diS3JhR01MUmZFZTZJWnY4RkRId01VY3dCUnNnY3dFaitiUXpRR2k3elFQNi9yS2lMdmZhRnBrTERWLzVwblpuYm1JRE9XMHhMUVZxUHNVVUpWcTBlTUxiTXpGY2Vsd1RWZjh1S0t6U2NkNy8xZEl3blpDbjhMenBkQWxUMlZaVVVUTXNTZ01sb3A2L3p0aHFua2VFRGxjbkdtVnRjSEVHOHpuMUlQRnNzY0ZqVXVua1JhZlgwN2ZzMDQ5VWtSY21jZEdNWnI4UA%3D%3D Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1453973705%26sid%3D2022052707144679be6d75b330cc0dda&s=j&enc=iwsxveJ0iUIIEJKibGMiY349fkpsSFI1UVVIYkhsRWhqckwwRWpTQ0NJRW1uU2lOMXhzODlIc2ZIR05FbDcveFFHR3c2WFYxZEVmVnJNaC9mR1RxYTNZanJ6MndHcHdmVFRuZUk0YzByYVZ6QU5aazNIYTlxTWUyekRWK2NaRlBUM2oxVkVRTElxVmRaeXFtMzVKQi95UEg0bjZKZ1pZYzdVSWtSaVdEamdoREo2a2lqejVCL3krWnFCLzA3VlpYaXdNQ3QrY2JTOFNBQm9yQWRHdUVQZlhiR21peHVBSDBELzlrTmxTWm5iYUVMcTJHRkUzVlNmQzZNTWFSTUVCVitCcHUxSTNOYXlsNHFTNGUrU0x0L29mdFJDR3Q1K1dUcUNabGlnUWZTZytMcTFIZDdQd3puMXFXbmhselVPN0lHUi8xcWNXMlYzOGY0NWlnaUp2bUNQUzVCZXY4dGcxUDF2MWNZUll0cTZlTHNWb2p3M2lQd2RBS1d2RE51c3ZOSFJ1Y0liY3ZuVnp4OHR2K3YzVnh3TE5SOG1RUFVqWDNJQUJKallpMFlMTVFCb2dPM0libUdZU2EveDVPQVdIVFRDMVVNVHhTdmxrWlRyT0VRd3loWEJyVlZTdUR1dmhJNFJJdFhSRTZjSDdJWmhYSTlGb09WeTZmRmdCcXlyTm95WUcwd2dONmZIT3JkNEl5SDNmaHFSSGNja3JlM241R1VpS2NLMmV6NWx6ak0renhucjBzZVJ6MUpnUmdybjFHQjdEVUJQQUR5Z2w3SGtyYUhxbXFjQkcvOEF2cE93RmZzV0pZRytCaE9HSEttMzJDeVZiNGZhaEczVE9BcXo2WHc4Ui80c25yckVrMGlvK2tlOTlzL3NhOHgybC9Memxsc1NGYkUyNWhvcWtNYURad0tUSGhVN0pOY1REWGRmNWQ1TVMwRU80YkMrQnQ3THFlMVBtaE8vMWQwRUZjdXlJcytWeWp0Z2wrdkhWSXllVFNGbm5tckN4M1p0NWl1VjFRRWZQV1ZsMnVZWUpLL285RDQxcDhBSnc3UTNxS0FXZUcvZzVOdWp4T01qTm5OclJEQVN1VWFSQnZlNXFNVVMwdU92U2dGSXJQUTVrNkNOdzFlK2V1SEVHOHZjK1pIV1p0UHEyaUtnK3ZRPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1453973705&sid=2022052707144679be6d75b330cc0dda Page URL
https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721614&s2=&s3=1453973705&s5=wc Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%26pref1%3Dcb1f110977dff57839f15c6400f374d9&h=92773f8feda4efed1bd9c6db407f5040 Page URL
https://www.awin1.com/awclick.php?mid=14361&id=926315&pref1=cb1f110977dff57839f15c6400f374d9 HTTP 302
https://haftpflichthelden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0 HTTP 301
https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://purchase.news/ HTTP 302
http://1redirc.com/r2.php?e=ACDpP4pE5itF1f7JHpDx%2BH49flJtZVhMcGpxN1FUZjNTYlEwNFdkdEpKK2krbFBnbXJjMmswaWYzcDB2eWdJT25mVWRVdVFybC83akFjQ2p3NDZ5TkQzT3daWlgrWk9xZXc0aHhPVnhxYTJ2dUtkV243SGhyTVVrNHkyRms0dHhRSzloY3l2elVmMzJyaHlidVZVRFpiMWg5M2ZWdVA0VWZ5ZDR5NW56NVU2Nk5kMHhmOHZYU0dvbm1HZmFzRjFGc0RkTkk1bHdZOGFWMHNaQ1RPdWpiNnB4YWZUajVyYUVjZ0E2RVNpYUdwWWFLelNNUGlWdjI3Y0UvdnVyeVRLelk1ZXNZZ0hCdXZ1VFhtT3ZIZWU2blBsQktsT3ZpZFpETFlNVXQ3c1d5YzVodU5HQm42V3BCa3o2bjBOOFdMTkE4QS9SaUJoUzFtdGQzUFZjRkFrcU5MK1BnRVVYRkgrYVRTRy9hRTh3dGZMb3ZZSmJTZ3VqZU90VFYxRWZrVzI1RzY0aGtHZFdyaHpUNDdicng0aFpUYUdPSEsvRFBERU5TU3lsWlhvekM0Zy9HeHBBdWtmRGtRZWErQ3BUdFFFa1NxVi8vS2pOMEZVaTROMnp1Vjc3TWhTUG1UZXVCNXkwV05LSXQzTHJjcEZxckMvenZRclFtMTFnUXpHT3FmTGU1UDY5bjlSN2RaNDAxd242QUJqN2lKNUdWNjB3aEdNOGJ6a1Z6QUh5KzlqTU5uN1RSUWlzWEpKM0RIcUVTZWN3TnZuVEwrK1EyV0diS3JhR01MUmZFZTZJWnY4RkRId01VY3dCUnNnY3dFaitiUXpRR2k3elFQNi9yS2lMdmZhRnBrTERWLzVwblpuYm1JRE9XMHhMUVZxUHNVVUpWcTBlTUxiTXpGY2Vsd1RWZjh1S0t6U2NkNy8xZEl3blpDbjhMenBkQWxUMlZaVVVUTXNTZ01sb3A2L3p0aHFua2VFRGxjbkdtVnRjSEVHOHpuMUlQRnNzY0ZqVXVua1JhZlgwN2ZzMDQ5VWtSY21jZEdNWnI4UA%3D%3D

Request Chain 4

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1453973705%26sid%3D2022052707144679be6d75b330cc0dda&s=j&enc=iwsxveJ0iUIIEJKibGMiY349fkpsSFI1UVVIYkhsRWhqckwwRWpTQ0NJRW1uU2lOMXhzODlIc2ZIR05FbDcveFFHR3c2WFYxZEVmVnJNaC9mR1RxYTNZanJ6MndHcHdmVFRuZUk0YzByYVZ6QU5aazNIYTlxTWUyekRWK2NaRlBUM2oxVkVRTElxVmRaeXFtMzVKQi95UEg0bjZKZ1pZYzdVSWtSaVdEamdoREo2a2lqejVCL3krWnFCLzA3VlpYaXdNQ3QrY2JTOFNBQm9yQWRHdUVQZlhiR21peHVBSDBELzlrTmxTWm5iYUVMcTJHRkUzVlNmQzZNTWFSTUVCVitCcHUxSTNOYXlsNHFTNGUrU0x0L29mdFJDR3Q1K1dUcUNabGlnUWZTZytMcTFIZDdQd3puMXFXbmhselVPN0lHUi8xcWNXMlYzOGY0NWlnaUp2bUNQUzVCZXY4dGcxUDF2MWNZUll0cTZlTHNWb2p3M2lQd2RBS1d2RE51c3ZOSFJ1Y0liY3ZuVnp4OHR2K3YzVnh3TE5SOG1RUFVqWDNJQUJKallpMFlMTVFCb2dPM0libUdZU2EveDVPQVdIVFRDMVVNVHhTdmxrWlRyT0VRd3loWEJyVlZTdUR1dmhJNFJJdFhSRTZjSDdJWmhYSTlGb09WeTZmRmdCcXlyTm95WUcwd2dONmZIT3JkNEl5SDNmaHFSSGNja3JlM241R1VpS2NLMmV6NWx6ak0renhucjBzZVJ6MUpnUmdybjFHQjdEVUJQQUR5Z2w3SGtyYUhxbXFjQkcvOEF2cE93RmZzV0pZRytCaE9HSEttMzJDeVZiNGZhaEczVE9BcXo2WHc4Ui80c25yckVrMGlvK2tlOTlzL3NhOHgybC9Memxsc1NGYkUyNWhvcWtNYURad0tUSGhVN0pOY1REWGRmNWQ1TVMwRU80YkMrQnQ3THFlMVBtaE8vMWQwRUZjdXlJcytWeWp0Z2wrdkhWSXllVFNGbm5tckN4M1p0NWl1VjFRRWZQV1ZsMnVZWUpLL285RDQxcDhBSnc3UTNxS0FXZUcvZzVOdWp4T01qTm5OclJEQVN1VWFSQnZlNXFNVVMwdU92U2dGSXJQUTVrNkNOdzFlK2V1SEVHOHZjK1pIV1p0UHEyaUtnK3ZRPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1453973705&sid=2022052707144679be6d75b330cc0dda

196 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

r2.php Show response
1redirc.com/
Redirect Chain

https://purchase.news/
http://1redirc.com/r2.php?e=ACDpP4pE5itF1f7JHpDx%2BH49flJtZVhMcGpxN1FUZjNTYlEwNFdkdEpKK2krbFBnbXJjMmswaWYzcDB2eWdJT25mVWRVdVFybC83akFjQ2p3NDZ5TkQzT3daWlgrWk9xZXc0aHhPVnhxYTJ2dUtkV243SGhyTVVrNHkyRms...

4 KB
2 KB

364ms
180ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/r2.php?e=ACDpP4pE5itF1f7JHpDx%2BH49flJtZVhMcGpxN1FUZjNTYlEwNFdkdEpKK2krbFBnbXJjMmswaWYzcDB2eWdJT25mVWRVdVFybC83akFjQ2p3NDZ5TkQzT3daWlgrWk9xZXc0aHhPVnhxYTJ2dUtkV243SGhyTVVrNHkyRms0dHhRSzloY3l2elVmMzJyaHlidVZVRFpiMWg5M2ZWdVA0VWZ5ZDR5NW56NVU2Nk5kMHhmOHZYU0dvbm1HZmFzRjFGc0RkTkk1bHdZOGFWMHNaQ1RPdWpiNnB4YWZUajVyYUVjZ0E2RVNpYUdwWWFLelNNUGlWdjI3Y0UvdnVyeVRLelk1ZXNZZ0hCdXZ1VFhtT3ZIZWU2blBsQktsT3ZpZFpETFlNVXQ3c1d5YzVodU5HQm42V3BCa3o2bjBOOFdMTkE4QS9SaUJoUzFtdGQzUFZjRkFrcU5MK1BnRVVYRkgrYVRTRy9hRTh3dGZMb3ZZSmJTZ3VqZU90VFYxRWZrVzI1RzY0aGtHZFdyaHpUNDdicng0aFpUYUdPSEsvRFBERU5TU3lsWlhvekM0Zy9HeHBBdWtmRGtRZWErQ3BUdFFFa1NxVi8vS2pOMEZVaTROMnp1Vjc3TWhTUG1UZXVCNXkwV05LSXQzTHJjcEZxckMvenZRclFtMTFnUXpHT3FmTGU1UDY5bjlSN2RaNDAxd242QUJqN2lKNUdWNjB3aEdNOGJ6a1Z6QUh5KzlqTU5uN1RSUWlzWEpKM0RIcUVTZWN3TnZuVEwrK1EyV0diS3JhR01MUmZFZTZJWnY4RkRId01VY3dCUnNnY3dFaitiUXpRR2k3elFQNi9yS2lMdmZhRnBrTERWLzVwblpuYm1JRE9XMHhMUVZxUHNVVUpWcTBlTUxiTXpGY2Vsd1RWZjh1S0t6U2NkNy8xZEl3blpDbjhMenBkQWxUMlZaVVVUTXNTZ01sb3A2L3p0aHFua2VFRGxjbkdtVnRjSEVHOHpuMUlQRnNzY0ZqVXVua1JhZlgwN2ZzMDQ5VWtSY21jZEdNWnI4UA%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 5973908152d2da6c720ac25de34e5a76daa60ba661dd1befc8dab84e987005a3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Length: 2031
Content-Type: text/html; charset=UTF-8
Date: Thu, 26 May 2022 21:14:46 GMT
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 26 May 2022 21:14:46 GMT
Location: http://1redirc.com/r2.php?e=ACDpP4pE5itF1f7JHpDx%2BH49flJtZVhMcGpxN1FUZjNTYlEwNFdkdEpKK2krbFBnbXJjMmswaWYzcDB2eWdJT25mVWRVdVFybC83akFjQ2p3NDZ5TkQzT3daWlgrWk9xZXc0aHhPVnhxYTJ2dUtkV243SGhyTVVrNHkyRms0dHhRSzloY3l2elVmMzJyaHlidVZVRFpiMWg5M2ZWdVA0VWZ5ZDR5NW56NVU2Nk5kMHhmOHZYU0dvbm1HZmFzRjFGc0RkTkk1bHdZOGFWMHNaQ1RPdWpiNnB4YWZUajVyYUVjZ0E2RVNpYUdwWWFLelNNUGlWdjI3Y0UvdnVyeVRLelk1ZXNZZ0hCdXZ1VFhtT3ZIZWU2blBsQktsT3ZpZFpETFlNVXQ3c1d5YzVodU5HQm42V3BCa3o2bjBOOFdMTkE4QS9SaUJoUzFtdGQzUFZjRkFrcU5MK1BnRVVYRkgrYVRTRy9hRTh3dGZMb3ZZSmJTZ3VqZU90VFYxRWZrVzI1RzY0aGtHZFdyaHpUNDdicng0aFpUYUdPSEsvRFBERU5TU3lsWlhvekM0Zy9HeHBBdWtmRGtRZWErQ3BUdFFFa1NxVi8vS2pOMEZVaTROMnp1Vjc3TWhTUG1UZXVCNXkwV05LSXQzTHJjcEZxckMvenZRclFtMTFnUXpHT3FmTGU1UDY5bjlSN2RaNDAxd242QUJqN2lKNUdWNjB3aEdNOGJ6a1Z6QUh5KzlqTU5uN1RSUWlzWEpKM0RIcUVTZWN3TnZuVEwrK1EyV0diS3JhR01MUmZFZTZJWnY4RkRId01VY3dCUnNnY3dFaitiUXpRR2k3elFQNi9yS2lMdmZhRnBrTERWLzVwblpuYm1JRE9XMHhMUVZxUHNVVUpWcTBlTUxiTXpGY2Vsd1RWZjh1S0t6U2NkNy8xZEl3blpDbjhMenBkQWxUMlZaVVVUTXNTZ01sb3A2L3p0aHFua2VFRGxjbkdtVnRjSEVHOHpuMUlQRnNzY0ZqVXVua1JhZlgwN2ZzMDQ5VWtSY21jZEdNWnI4UA%3D%3D
Server: Apache/2.4.38 (Debian)

GET
H/1.1 200
OK jscheck.js Show response
1redirc.com/javascript/ 899 B
718 B 347ms
173ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/jscheck.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=ACDpP4pE5itF1f7JHpDx%2BH49flJtZVhMcGpxN1FUZjNTYlEwNFdkdEpKK2krbFBnbXJjMmswaWYzcDB2eWdJT25mVWRVdVFybC83akFjQ2p3NDZ5TkQzT3daWlgrWk9xZXc0aHhPVnhxYTJ2dUtkV243SGhyTVVrNHkyRms0dHhRSzloY3l2elVmMzJyaHlidVZVRFpiMWg5M2ZWdVA0VWZ5ZDR5NW56NVU2Nk5kMHhmOHZYU0dvbm1HZmFzRjFGc0RkTkk1bHdZOGFWMHNaQ1RPdWpiNnB4YWZUajVyYUVjZ0E2RVNpYUdwWWFLelNNUGlWdjI3Y0UvdnVyeVRLelk1ZXNZZ0hCdXZ1VFhtT3ZIZWU2blBsQktsT3ZpZFpETFlNVXQ3c1d5YzVodU5HQm42V3BCa3o2bjBOOFdMTkE4QS9SaUJoUzFtdGQzUFZjRkFrcU5MK1BnRVVYRkgrYVRTRy9hRTh3dGZMb3ZZSmJTZ3VqZU90VFYxRWZrVzI1RzY0aGtHZFdyaHpUNDdicng0aFpUYUdPSEsvRFBERU5TU3lsWlhvekM0Zy9HeHBBdWtmRGtRZWErQ3BUdFFFa1NxVi8vS2pOMEZVaTROMnp1Vjc3TWhTUG1UZXVCNXkwV05LSXQzTHJjcEZxckMvenZRclFtMTFnUXpHT3FmTGU1UDY5bjlSN2RaNDAxd242QUJqN2lKNUdWNjB3aEdNOGJ6a1Z6QUh5KzlqTU5uN1RSUWlzWEpKM0RIcUVTZWN3TnZuVEwrK1EyV0diS3JhR01MUmZFZTZJWnY4RkRId01VY3dCUnNnY3dFaitiUXpRR2k3elFQNi9yS2lMdmZhRnBrTERWLzVwblpuYm1JRE9XMHhMUVZxUHNVVUpWcTBlTUxiTXpGY2Vsd1RWZjh1S0t6U2NkNy8xZEl3blpDbjhMenBkQWxUMlZaVVVUTXNTZ01sb3A2L3p0aHFua2VFRGxjbkdtVnRjSEVHOHpuMUlQRnNzY0ZqVXVua1JhZlgwN2ZzMDQ5VWtSY21jZEdNWnI4UA%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=ACDpP4pE5itF1f7JHpDx%2BH49flJtZVhMcGpxN1FUZjNTYlEwNFdkdEpKK2krbFBnbXJjMmswaWYzcDB2eWdJT25mVWRVdVFybC83akFjQ2p3NDZ5TkQzT3daWlgrWk9xZXc0aHhPVnhxYTJ2dUtkV243SGhyTVVrNHkyRms0dHhRSzloY3l2elVmMzJyaHlidVZVRFpiMWg5M2ZWdVA0VWZ5ZDR5NW56NVU2Nk5kMHhmOHZYU0dvbm1HZmFzRjFGc0RkTkk1bHdZOGFWMHNaQ1RPdWpiNnB4YWZUajVyYUVjZ0E2RVNpYUdwWWFLelNNUGlWdjI3Y0UvdnVyeVRLelk1ZXNZZ0hCdXZ1VFhtT3ZIZWU2blBsQktsT3ZpZFpETFlNVXQ3c1d5YzVodU5HQm42V3BCa3o2bjBOOFdMTkE4QS9SaUJoUzFtdGQzUFZjRkFrcU5MK1BnRVVYRkgrYVRTRy9hRTh3dGZMb3ZZSmJTZ3VqZU90VFYxRWZrVzI1RzY0aGtHZFdyaHpUNDdicng0aFpUYUdPSEsvRFBERU5TU3lsWlhvekM0Zy9HeHBBdWtmRGtRZWErQ3BUdFFFa1NxVi8vS2pOMEZVaTROMnp1Vjc3TWhTUG1UZXVCNXkwV05LSXQzTHJjcEZxckMvenZRclFtMTFnUXpHT3FmTGU1UDY5bjlSN2RaNDAxd242QUJqN2lKNUdWNjB3aEdNOGJ6a1Z6QUh5KzlqTU5uN1RSUWlzWEpKM0RIcUVTZWN3TnZuVEwrK1EyV0diS3JhR01MUmZFZTZJWnY4RkRId01VY3dCUnNnY3dFaitiUXpRR2k3elFQNi9yS2lMdmZhRnBrTERWLzVwblpuYm1JRE9XMHhMUVZxUHNVVUpWcTBlTUxiTXpGY2Vsd1RWZjh1S0t6U2NkNy8xZEl3blpDbjhMenBkQWxUMlZaVVVUTXNTZ01sb3A2L3p0aHFua2VFRGxjbkdtVnRjSEVHOHpuMUlQRnNzY0ZqVXVua1JhZlgwN2ZzMDQ5VWtSY21jZEdNWnI4UA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 26 May 2022 21:14:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Jan 2022 12:05:23 GMT
Server: Apache/2.4.38 (Debian)
ETag: "383-5d53926b806c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 405

GET
H/1.1 200
OK swfobject.js Show response
1redirc.com/javascript/ 10 KB
4 KB 350ms
176ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/swfobject.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=ACDpP4pE5itF1f7JHpDx%2BH49flJtZVhMcGpxN1FUZjNTYlEwNFdkdEpKK2krbFBnbXJjMmswaWYzcDB2eWdJT25mVWRVdVFybC83akFjQ2p3NDZ5TkQzT3daWlgrWk9xZXc0aHhPVnhxYTJ2dUtkV243SGhyTVVrNHkyRms0dHhRSzloY3l2elVmMzJyaHlidVZVRFpiMWg5M2ZWdVA0VWZ5ZDR5NW56NVU2Nk5kMHhmOHZYU0dvbm1HZmFzRjFGc0RkTkk1bHdZOGFWMHNaQ1RPdWpiNnB4YWZUajVyYUVjZ0E2RVNpYUdwWWFLelNNUGlWdjI3Y0UvdnVyeVRLelk1ZXNZZ0hCdXZ1VFhtT3ZIZWU2blBsQktsT3ZpZFpETFlNVXQ3c1d5YzVodU5HQm42V3BCa3o2bjBOOFdMTkE4QS9SaUJoUzFtdGQzUFZjRkFrcU5MK1BnRVVYRkgrYVRTRy9hRTh3dGZMb3ZZSmJTZ3VqZU90VFYxRWZrVzI1RzY0aGtHZFdyaHpUNDdicng0aFpUYUdPSEsvRFBERU5TU3lsWlhvekM0Zy9HeHBBdWtmRGtRZWErQ3BUdFFFa1NxVi8vS2pOMEZVaTROMnp1Vjc3TWhTUG1UZXVCNXkwV05LSXQzTHJjcEZxckMvenZRclFtMTFnUXpHT3FmTGU1UDY5bjlSN2RaNDAxd242QUJqN2lKNUdWNjB3aEdNOGJ6a1Z6QUh5KzlqTU5uN1RSUWlzWEpKM0RIcUVTZWN3TnZuVEwrK1EyV0diS3JhR01MUmZFZTZJWnY4RkRId01VY3dCUnNnY3dFaitiUXpRR2k3elFQNi9yS2lMdmZhRnBrTERWLzVwblpuYm1JRE9XMHhMUVZxUHNVVUpWcTBlTUxiTXpGY2Vsd1RWZjh1S0t6U2NkNy8xZEl3blpDbjhMenBkQWxUMlZaVVVUTXNTZ01sb3A2L3p0aHFua2VFRGxjbkdtVnRjSEVHOHpuMUlQRnNzY0ZqVXVua1JhZlgwN2ZzMDQ5VWtSY21jZEdNWnI4UA%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=ACDpP4pE5itF1f7JHpDx%2BH49flJtZVhMcGpxN1FUZjNTYlEwNFdkdEpKK2krbFBnbXJjMmswaWYzcDB2eWdJT25mVWRVdVFybC83akFjQ2p3NDZ5TkQzT3daWlgrWk9xZXc0aHhPVnhxYTJ2dUtkV243SGhyTVVrNHkyRms0dHhRSzloY3l2elVmMzJyaHlidVZVRFpiMWg5M2ZWdVA0VWZ5ZDR5NW56NVU2Nk5kMHhmOHZYU0dvbm1HZmFzRjFGc0RkTkk1bHdZOGFWMHNaQ1RPdWpiNnB4YWZUajVyYUVjZ0E2RVNpYUdwWWFLelNNUGlWdjI3Y0UvdnVyeVRLelk1ZXNZZ0hCdXZ1VFhtT3ZIZWU2blBsQktsT3ZpZFpETFlNVXQ3c1d5YzVodU5HQm42V3BCa3o2bjBOOFdMTkE4QS9SaUJoUzFtdGQzUFZjRkFrcU5MK1BnRVVYRkgrYVRTRy9hRTh3dGZMb3ZZSmJTZ3VqZU90VFYxRWZrVzI1RzY0aGtHZFdyaHpUNDdicng0aFpUYUdPSEsvRFBERU5TU3lsWlhvekM0Zy9HeHBBdWtmRGtRZWErQ3BUdFFFa1NxVi8vS2pOMEZVaTROMnp1Vjc3TWhTUG1UZXVCNXkwV05LSXQzTHJjcEZxckMvenZRclFtMTFnUXpHT3FmTGU1UDY5bjlSN2RaNDAxd242QUJqN2lKNUdWNjB3aEdNOGJ6a1Z6QUh5KzlqTU5uN1RSUWlzWEpKM0RIcUVTZWN3TnZuVEwrK1EyV0diS3JhR01MUmZFZTZJWnY4RkRId01VY3dCUnNnY3dFaitiUXpRR2k3elFQNi9yS2lMdmZhRnBrTERWLzVwblpuYm1JRE9XMHhMUVZxUHNVVUpWcTBlTUxiTXpGY2Vsd1RWZjh1S0t6U2NkNy8xZEl3blpDbjhMenBkQWxUMlZaVVVUTXNTZ01sb3A2L3p0aHFua2VFRGxjbkdtVnRjSEVHOHpuMUlQRnNzY0ZqVXVua1JhZlgwN2ZzMDQ5VWtSY21jZEdNWnI4UA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 26 May 2022 21:14:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Jan 2022 12:05:23 GMT
Server: Apache/2.4.38 (Debian)
ETag: "27ef-5d53926b806c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3949

GET
H/1.1 200
OK jscheck.php
1redirc.com/ 0
166 B 363ms
188ms XHR
text/html 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/jscheck.php?enc=iwsxveJ0iUIIEJKibGMiY349fkpsSFI1UVVIYkhsRWhqckwwRWpTQ0NJRW1uU2lOMXhzODlIc2ZIR05FbDcveFFHR3c2WFYxZEVmVnJNaC9mR1RxYTNZanJ6MndHcHdmVFRuZUk0YzByYVZ6QU5aazNIYTlxTWUyekRWK2NaRlBUM2oxVkVRTElxVmRaeXFtMzVKQi95UEg0bjZKZ1pZYzdVSWtSaVdEamdoREo2a2lqejVCL3krWnFCLzA3VlpYaXdNQ3QrY2JTOFNBQm9yQWRHdUVQZlhiR21peHVBSDBELzlrTmxTWm5iYUVMcTJHRkUzVlNmQzZNTWFSTUVCVitCcHUxSTNOYXlsNHFTNGUrU0x0L29mdFJDR3Q1K1dUcUNabGlnUWZTZytMcTFIZDdQd3puMXFXbmhselVPN0lHUi8xcWNXMlYzOGY0NWlnaUp2bUNQUzVCZXY4dGcxUDF2MWNZUll0cTZlTHNWb2p3M2lQd2RBS1d2RE51c3ZOSFJ1Y0liY3ZuVnp4OHR2K3YzVnh3TE5SOG1RUFVqWDNJQUJKallpMFlMTVFCb2dPM0libUdZU2EveDVPQVdIVFRDMVVNVHhTdmxrWlRyT0VRd3loWEJyVlZTdUR1dmhJNFJJdFhSRTZjSDdJWmhYSTlGb09WeTZmRmdCcXlyTm95WUcwd2dONmZIT3JkNEl5SDNmaHFSSGNja3JlM241R1VpS2NLMmV6NWx6ak0renhucjBzZVJ6MUpnUmdybjFHQjdEVUJQQUR5Z2w3SGtyYUhxbXFjQkcvOEF2cE93RmZzV0pZRytCaE9HSEttMzJDeVZiNGZhaEczVE9BcXo2WHc4Ui80c25yckVrMGlvK2tlOTlzL3NhOHgybC9Memxsc1NGYkUyNWhvcWtNYURad0tUSGhVN0pOY1REWGRmNWQ1TVMwRU80YkMrQnQ3THFlMVBtaE8vMWQwRUZjdXlJcytWeWp0Z2wrdkhWSXllVFNGbm5tckN4M1p0NWl1VjFRRWZQV1ZsMnVZWUpLL285RDQxcDhBSnc3UTNxS0FXZUcvZzVOdWp4T01qTm5OclJEQVN1VWFSQnZlNXFNVVMwdU92U2dGSXJQUTVrNkNOdzFlK2V1SEVHOHZjK1pIV1p0UHEyaUtnK3ZRPT0%3D&rand=0.15926840014203147
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=ACDpP4pE5itF1f7JHpDx%2BH49flJtZVhMcGpxN1FUZjNTYlEwNFdkdEpKK2krbFBnbXJjMmswaWYzcDB2eWdJT25mVWRVdVFybC83akFjQ2p3NDZ5TkQzT3daWlgrWk9xZXc0aHhPVnhxYTJ2dUtkV243SGhyTVVrNHkyRms0dHhRSzloY3l2elVmMzJyaHlidVZVRFpiMWg5M2ZWdVA0VWZ5ZDR5NW56NVU2Nk5kMHhmOHZYU0dvbm1HZmFzRjFGc0RkTkk1bHdZOGFWMHNaQ1RPdWpiNnB4YWZUajVyYUVjZ0E2RVNpYUdwWWFLelNNUGlWdjI3Y0UvdnVyeVRLelk1ZXNZZ0hCdXZ1VFhtT3ZIZWU2blBsQktsT3ZpZFpETFlNVXQ3c1d5YzVodU5HQm42V3BCa3o2bjBOOFdMTkE4QS9SaUJoUzFtdGQzUFZjRkFrcU5MK1BnRVVYRkgrYVRTRy9hRTh3dGZMb3ZZSmJTZ3VqZU90VFYxRWZrVzI1RzY0aGtHZFdyaHpUNDdicng0aFpUYUdPSEsvRFBERU5TU3lsWlhvekM0Zy9HeHBBdWtmRGtRZWErQ3BUdFFFa1NxVi8vS2pOMEZVaTROMnp1Vjc3TWhTUG1UZXVCNXkwV05LSXQzTHJjcEZxckMvenZRclFtMTFnUXpHT3FmTGU1UDY5bjlSN2RaNDAxd242QUJqN2lKNUdWNjB3aEdNOGJ6a1Z6QUh5KzlqTU5uN1RSUWlzWEpKM0RIcUVTZWN3TnZuVEwrK1EyV0diS3JhR01MUmZFZTZJWnY4RkRId01VY3dCUnNnY3dFaitiUXpRR2k3elFQNi9yS2lMdmZhRnBrTERWLzVwblpuYm1JRE9XMHhMUVZxUHNVVUpWcTBlTUxiTXpGY2Vsd1RWZjh1S0t6U2NkNy8xZEl3blpDbjhMenBkQWxUMlZaVVVUTXNTZ01sb3A2L3p0aHFua2VFRGxjbkdtVnRjSEVHOHpuMUlQRnNzY0ZqVXVua1JhZlgwN2ZzMDQ5VWtSY21jZEdNWnI4UA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 26 May 2022 21:14:47 GMT
Server: Apache/2.4.38 (Debian)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

r6
clever-redirect.com/s/
Redirect Chain

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1453973705%26sid%3D2022052707144679be6d75b330cc0dda&s=j&enc=iwsxveJ0iUIIEJKibGMiY349fkpsSFI1UVVIYkhsRWhqckw...
https://clever-redirect.com/s/r6?s=721614&s3=1453973705&sid=2022052707144679be6d75b330cc0dda

331 B
681 B

106ms
38ms

Document
text/html

78.46.197.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clever-redirect.com/s/r6?s=721614&s3=1453973705&sid=2022052707144679be6d75b330cc0dda
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.197.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.197.46.78.clients.your-server.de
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer: http://1redirc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 331
content-type: text/html; charset=UTF-8
date: Thu, 26 May 2022 21:14:48 GMT
referrer-policy: no-referrer
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by: PHP/7.4.27

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 26 May 2022 21:14:48 GMT
Location: https://clever-redirect.com/s/r6?s=721614&s3=1453973705&sid=2022052707144679be6d75b330cc0dda
Server: Apache/2.4.38 (Debian)

GET
H2 200 a
lookandfind.me/s/ 363 B
530 B 105ms
41ms Document
text/html 157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721614&s2=&s3=1453973705&s5=wc
Requested by: Host: clever-redirect.com
URL: https://clever-redirect.com/s/r6?s=721614&s3=1453973705&sid=2022052707144679be6d75b330cc0dda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 363
content-type: text/html; charset=UTF-8
date: Thu, 26 May 2022 21:14:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
x-powered-by: PHP/7.4.24

GET
H2 200 r
lookandfind.me/s/ 297 B
327 B 32ms
31ms Document
text/html 157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%26pref1%3Dcb1f110977dff57839f15c6400f374d9&h=92773f8feda4efed1bd9c6db407f5040
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Referer: https://lookandfind.me/s/a?t=7&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=haftpflichthelden.de&s1=721614&s2=&s3=1453973705&s5=wc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 297
content-type: text/html; charset=UTF-8
date: Thu, 26 May 2022 21:14:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
x-powered-by: PHP/7.4.24

GET
H2

200

Primary Request / Show response
helden.de/
Redirect Chain

https://www.awin1.com/awclick.php?mid=14361&id=926315&pref1=cb1f110977dff57839f15c6400f374d9
https://haftpflichthelden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0

246 KB
48 KB

891ms
775ms

Document
text/html

2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Requested by: Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%26pref1%3Dcb1f110977dff57839f15c6400f374d9&h=92773f8feda4efed1bd9c6db407f5040
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43092d1165010edd3b00de12fb3c1e0687e540470d89e547d181e1ef4e2bb694

Request headers

Referer: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fmid%3D14361%26id%3D926315%26pref1%3Dcb1f110977dff57839f15c6400f374d9&h=92773f8feda4efed1bd9c6db407f5040
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 711985c6d9ac9bca-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 26 May 2022 21:14:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 26 May 2022 21:14:48 GMT
link: <https://helden.de/wp-json/>; rel="https://api.w.org/" <https://helden.de/>; rel=shortlink
server: cloudflare
vary: Accept-Encoding

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 711985c5de6990b2-FRA
content-type: text/html; charset=iso-8859-1
date: Thu, 26 May 2022 21:14:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vna%2BoofsQslm2Qevc8QEGoj%2BEcHdR2x3LB%2FYQyA%2FdUr0QOKM3aAJSnlzCD2Rh0vKXxlIwL%2BnsiNie8tx3mnz9XMK8qZjkSEWqmBhrLNTsmu2j2fTGB0%2BeYxuggbdMtu1FLe3A1qM%2FUC8nN5GUHpTMu%2Bn"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 helden-custom.css
helden.de/wp-content/themes/you/css/ 1 KB
697 B 34ms
31ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/you/css/helden-custom.css
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96885eb92fe4f03a59536aacb336a3a999876f8d311dca71e8e953726a61e644

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Oct 2021 09:04:16 GMT
server: cloudflare
age: 2709497
cf-polished: origSize=2130
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Tue, 25 Apr 2023 12:36:32 GMT
cache-control: max-age=31536000
cf-ray: 711985cbd9fd9bca-FRA
cf-bgj: minify

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/ 31 KB
31 KB 77ms
23ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/jquery-ui.css

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70d5e7aca1f4340b317eb66c3f7a0201cd4c417bea613a46f7989950f0a1fba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 19:06:58 GMT
x-content-type-options: nosniff
age: 7671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31344
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 19:06:58 GMT

GET
H2 200 wp-notification-bars-public.css
helden.de/wp-content/plugins/wp-notification-bars/public/css/ 4 KB
1 KB 37ms
32ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/wp-notification-bars/public/css/wp-notification-bars-public.css?ver=1.0.5
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab6e4f17cb28892a00ee982b483ac79222bd8b945c226694e554af917e569df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 03 Apr 2020 09:48:36 GMT
server: cloudflare
age: 2709497
cf-polished: origSize=4192
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Tue, 25 Apr 2023 12:36:32 GMT
cache-control: max-age=31536000
cf-ray: 711985cbda0b9bca-FRA
cf-bgj: minify

GET
H2 200 acoda_counters.min.css
helden.de/wp-content/plugins/acoda-counters/assets/ 797 B
370 B 40ms
34ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/acoda-counters/assets/acoda_counters.min.css?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a145e8cb30994054a87ba4ac07f8a49f55e2fbfcd3b689ef889eae0a2250bc37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 2709482
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985cbda149bca-FRA
content-length: 278
expires: Tue, 25 Apr 2023 12:36:47 GMT

GET
H2 200 acoda_gigatools.min.css
helden.de/wp-content/plugins/acoda-gigatools/assets/ 695 B
355 B 36ms
28ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/acoda-gigatools/assets/acoda_gigatools.min.css?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20c746611e73d61b96d867c123847699572e0d13bf3a6823bcc2d956e9d4c0d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985cbea289bca-FRA
content-length: 264
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 style.css
helden.de/wp-content/plugins/likebtn-like-button/public/css/ 2 KB
801 B 37ms
30ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/likebtn-like-button/public/css/style.css?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ad4b93f0116490bf6d6b3cb8b6adaa354588c845b1f0994ce80456e5afb7d8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Sep 2021 06:40:34 GMT
server: cloudflare
age: 2709497
cf-polished: origSize=2476
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Tue, 25 Apr 2023 12:36:32 GMT
cache-control: max-age=31536000
cf-ray: 711985cbea299bca-FRA
cf-bgj: minify

GET
H2 200 font-awesome.min.css
helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/ 30 KB
7 KB 46ms
38ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b719e8b64d94bf16d44b5a331b9028f738286b49d00844a122a1f854ca9c1c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985cbea349bca-FRA
content-length: 7036
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 dynamic-mobmenu.css
helden.de/wp-content/uploads/ 8 KB
2 KB 50ms
42ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/uploads/dynamic-mobmenu.css?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b4780df9b383519f51c2b0d374f45c26bf05e1cbc1518b2a2b309e5ea9ae86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 14:13:59 GMT
server: cloudflare
age: 2709497
cf-polished: status=cannot_optimize
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Tue, 25 Apr 2023 12:36:32 GMT
cache-control: max-age=31536000
cf-ray: 711985cbea389bca-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 1 KB
502 B 89ms
31ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis%3Ainherit%2C400&subset=latin%2Clatin-ext&ver=5.2.15

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d11e8ffa177f0d0928cc9a9f28cfd8e2706dfa32d93008541cb26f2fa04ca60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 26 May 2022 20:19:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 26 May 2022 21:14:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 May 2022 21:14:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
468 B 90ms
33ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A900%2C400&subset=latin%2Clatin-ext&ver=5.2.15

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e874735132d9ee43ec40c50da6ffa44b4bf13051a108a77dc686c1c782fa5dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 26 May 2022 21:14:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 26 May 2022 21:14:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 May 2022 21:14:49 GMT

GET
H2 200 js_composer.min.css
helden.de/wp-content/plugins/js_composer/assets/css/ 451 KB
44 KB 41ms
33ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46bb0aafc668b4a997c8f2bf2b9612722575d5123d728ee15924ae9b2b9e1b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985cbea489bca-FRA
content-length: 44917
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 mobmenu-icons.css
helden.de/wp-content/plugins/mobile-menu/includes/css/ 2 KB
757 B 47ms
40ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aa8093f92b4ebb8c5a083db689a2231ed086d33c640a69d136c7d8abf22e3c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 May 2019 15:42:48 GMT
server: cloudflare
age: 2709497
cf-polished: origSize=3886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Tue, 25 Apr 2023 12:36:32 GMT
cache-control: max-age=31536000
cf-ray: 711985cbea4d9bca-FRA
cf-bgj: minify

GET
H2 200 style.css
helden.de/wp-content/themes/helden/ 376 KB
60 KB 49ms
42ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/helden/style.css?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1177d617a777f16368ce9929c57e19545580c18ccfab34d15e4e376707ab01ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Mar 2022 10:29:38 GMT
server: cloudflare
age: 2709482
cf-polished: origSize=448160
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Tue, 25 Apr 2023 12:36:47 GMT
cache-control: max-age=31536000
cf-ray: 711985cbea519bca-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
helden.de/wp-includes/js/jquery/ 95 KB
33 KB 64ms
58ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 May 2019 22:08:51 GMT
server: cloudflare
age: 1803322
cf-polished: origSize=96873
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sat, 06 May 2023 00:19:27 GMT
cache-control: max-age=31536000
cf-ray: 711985cbfa7d9bca-FRA
cf-bgj: minify

GET
H2 200 jquery-migrate.min.js Show response
helden.de/wp-includes/js/jquery/ 10 KB
4 KB 64ms
58ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 591
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985cbfa829bca-FRA
content-length: 4014
expires: Fri, 26 May 2023 21:04:58 GMT

GET
H2 200 main.js Show response
helden.de/wp-content/themes/helden/ 122 KB
35 KB 60ms
56ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/helden/main.js?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d26ead62c04b7c1d9b9fe15ea7310d2c3ef4400a5c0a390e6c3a8ff4c5f381ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 09 Aug 2021 14:46:59 GMT
server: cloudflare
age: 2709497
cf-polished: origSize=179649
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Tue, 25 Apr 2023 12:36:32 GMT
cache-control: max-age=31536000
cf-ray: 711985cbfa869bca-FRA
cf-bgj: minify

GET
H2 200 countid.min.js Show response
helden.de/wp-content/plugins/acoda-counters/assets/ 5 KB
2 KB 62ms
58ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/acoda-counters/assets/countid.min.js?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf8c217e6b5fed93e68518ddd25e1bedfbb683b1f9aa18f84b099677d0f79355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985cbfa899bca-FRA
content-length: 1975
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 acoda_counters.min.js Show response
helden.de/wp-content/plugins/acoda-counters/assets/ 1 KB
613 B 59ms
55ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/acoda-counters/assets/acoda_counters.min.js?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 798622f5f53245245cdf0f44468acdce4e537cd44c86e1f58b170ad253783ad5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985cbfa8e9bca-FRA
content-length: 523
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 frontend.js Show response
helden.de/wp-content/plugins/likebtn-like-button/public/js/ 5 KB
2 KB 61ms
58ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/likebtn-like-button/public/js/frontend.js?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d0297d001e90af1cb9081ee9a40edebaa5584387e10732ffbd217281ba9b03f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Sep 2021 06:40:34 GMT
server: cloudflare
age: 2709497
cf-polished: origSize=7114
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Tue, 25 Apr 2023 12:36:32 GMT
cache-control: max-age=31536000
cf-ray: 711985cbfa939bca-FRA
cf-bgj: minify

GET
H2 200 wpgmza_data.js Show response
helden.de/wp-content/plugins/wp-google-maps/ 0
101 B 60ms
57ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/wp-google-maps/wpgmza_data.js?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
last-modified: Mon, 03 Jun 2019 13:26:08 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Tue, 25 Apr 2023 12:36:32 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985cbfa959bca-FRA
content-length: 0
cf-bgj: minify

GET
H2 200 wp-notification-bars-public.js Show response
helden.de/wp-content/plugins/wp-notification-bars/public/js/ 689 B
354 B 59ms
56ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/wp-notification-bars/public/js/wp-notification-bars-public.js?ver=1.0.5
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d7e52c552160d0265f12c7d6c523a3c646b6f831a8d677adb7a2c1d481f32a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 03 Apr 2020 09:48:36 GMT
server: cloudflare
age: 2709497
cf-polished: origSize=1041
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Tue, 25 Apr 2023 12:36:32 GMT
cache-control: max-age=31536000
cf-ray: 711985cbfa969bca-FRA
cf-bgj: minify

GET
H2 200 mobmenu.js Show response
helden.de/wp-content/plugins/mobile-menu/includes/js/ 6 KB
1 KB 59ms
57ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/mobile-menu/includes/js/mobmenu.js?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 050afadcae8e995d4d71c6c7d05bdb3ef24691fc81526eb0357de319184c747b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 May 2019 15:42:48 GMT
server: cloudflare
age: 2709497
cf-polished: origSize=8712
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Tue, 25 Apr 2023 12:36:32 GMT
cache-control: max-age=31536000
cf-ray: 711985cbfa989bca-FRA
cf-bgj: minify

GET
H2 200 waypoints.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/waypoints/ 8 KB
3 KB 58ms
56ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d73392f1f569c51f57b7f9a30278358484f1795584aa2cd540e5b8ea650593e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985cbfa999bca-FRA
content-length: 2615
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 waypoints-sticky.min.js Show response
helden.de/wp-content/themes/you/js/ 3 KB
1 KB 56ms
55ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/you/js/waypoints-sticky.min.js?ver=1
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db9ff4cde12468ee4def39092beef68a94523797d588f245067a96d943a01165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985cbfa9b9bca-FRA
content-length: 1282
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 helden_de_custom.js Show response
helden.de/wp-content/themes/you/js/ 6 KB
2 KB 56ms
55ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/you/js/helden_de_custom.js
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bccc337c264422750cff6f2b3c70a350a2a40e80766f11e3a16ecabc89ae4b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Mar 2021 13:18:15 GMT
server: cloudflare
age: 2709497
cf-polished: origSize=7385
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Tue, 25 Apr 2023 12:36:32 GMT
cache-control: max-age=31536000
cf-ray: 711985cbfa9d9bca-FRA
cf-bgj: minify

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 78ms
31ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 26 May 2022 19:34:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 26 May 2022 21:14:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 May 2022 21:14:49 GMT

GET
H2 200 helden.de_Logo.svg
helden.de/wp-content/uploads/2021/02/ 5 KB
2 KB 73ms
64ms Image
image/svg+xml 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2021/02/helden.de_Logo.svg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26d127f27e68eb24704f93210ac87b36c92c2a9ef01d6a47dc0048dac9cfa23f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Feb 2021 09:49:41 GMT
server: cloudflare
age: 117493
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 711985cccd149bca-FRA
content-length: 1845
expires: Fri, 24 Jun 2022 12:36:36 GMT

GET
H2 200 Tierdirekt_Logo_helden_de_powered.png
helden.de/wp-content/assets/tierdirekt/ 18 KB
19 KB 70ms
61ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/tierdirekt/Tierdirekt_Logo_helden_de_powered.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 592de4e199b5d26c55c6f24e7fdb02080aba9305421b7190d2e2d5cbf874cd36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 178453
cf-polished: origFmt=png, origSize=35279
content-disposition: inline; filename="Tierdirekt_Logo_helden_de_powered.webp"
content-length: 18910
last-modified: Tue, 12 Apr 2022 08:18:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 21 Sep 2022 19:40:36 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd169bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.de.svg
helden.de/wp-content/assets/profly_dji/ 33 KB
8 KB 58ms
49ms Image
image/svg+xml 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/profly_dji/Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.de.svg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d03b85482d005248f184137ab739c6222882e5d76d0765757cd6313a2b90146a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 711985cccd1a9bca-FRA
date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Sep 2020 05:21:52 GMT
server: cloudflare
age: 117377
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: de
cache-control: max-age=2592000
accept-ranges: bytes
content-type: image/svg+xml
content-length: 8356
expires: Fri, 24 Jun 2022 12:38:32 GMT

GET
H2 200 Kundenvertrauen_helden_de.svg
helden.de/wp-content/uploads/2021/07/ 32 KB
8 KB 66ms
57ms Image
image/svg+xml 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2021/07/Kundenvertrauen_helden_de.svg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b13c9daefcbfa434816cbf0a272da7a7887486cedbe40218e4234977e526854c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 08:21:20 GMT
server: cloudflare
age: 117377
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 711985cccd1e9bca-FRA
content-length: 8129
expires: Fri, 24 Jun 2022 12:38:32 GMT

GET
H2 200 widget_square_165_1.png
images.provenexpert.com/45/14/0b86840a13b7f9399eece676ff57/ 16 KB
16 KB 203ms
26ms Image
image/png 34.102.224.29
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.provenexpert.com/45/14/0b86840a13b7f9399eece676ff57/widget_square_165_1.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.224.29 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.224.102.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5561b0168139f470a7f53b9f11f838851d343cd3c09c25af0c9885d82d85d510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
via: 1.1 google
last-modified: Tue, 24 May 2022 07:54:41 GMT
server: nginx
age: 0
etag: "628c8f41-3e57"
content-type: image/png
cache-control: max-age=86400,no-cache
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15959
expires: Fri, 27 May 2022 21:14:49 GMT

GET
H2 200 Helden_Web_Mobile-Mockup_06.jpg
helden.de/wp-content/uploads/2019/10/ 27 KB
27 KB 60ms
51ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_06.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01f2c507dce67cd34f1fb75780c52221946800029092456ed02470059af2c05f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 699164
cf-polished: qual=85, origFmt=jpeg, origSize=52798
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_06.webp"
content-length: 27534
last-modified: Mon, 14 Oct 2019 10:34:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 15 Sep 2022 19:02:05 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd209bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_05.jpg
helden.de/wp-content/uploads/2019/10/ 19 KB
19 KB 61ms
53ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_05.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5232ff2bcc1c6fb542e55ebb4d41413554cfe0681613a01799e2477bb9cac389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 174464
cf-polished: qual=85, origFmt=jpeg, origSize=42408
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_05.webp"
content-length: 19320
last-modified: Mon, 14 Oct 2019 10:34:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 21 Sep 2022 20:47:05 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd229bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_04.jpg
helden.de/wp-content/uploads/2019/10/ 25 KB
26 KB 68ms
60ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_04.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e528c1449a6cfc70975bfd57546d23b752a883a8ee9fcc3904d3af6548468ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 91442
cf-polished: qual=85, origFmt=jpeg, origSize=50929
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_04.webp"
content-length: 25904
last-modified: Mon, 14 Oct 2019 10:34:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 22 Sep 2022 19:50:47 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd249bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_03.jpg
helden.de/wp-content/uploads/2019/10/ 27 KB
27 KB 70ms
62ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_03.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd2fcd0919b8552fa24ea240e875bd8d0d2e04f9949d12dc18a605e7b063303

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 12671
cf-polished: qual=85, origFmt=jpeg, origSize=55274
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_03.webp"
content-length: 27706
last-modified: Mon, 14 Oct 2019 10:34:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 23 Sep 2022 17:43:38 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd269bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_02.jpg
helden.de/wp-content/uploads/2019/10/ 33 KB
33 KB 60ms
52ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_02.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 536550431ea6247d6ae10b550cedbac11f93d133b096e475bd1f3915bf4bb6dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 18423
cf-polished: qual=85, origFmt=jpeg, origSize=59813
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_02.webp"
content-length: 34042
last-modified: Mon, 14 Oct 2019 10:34:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 23 Sep 2022 16:07:46 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd289bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Helden_Web_Mobile-Mockup_01.jpg
helden.de/wp-content/uploads/2019/10/ 23 KB
23 KB 67ms
59ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/Helden_Web_Mobile-Mockup_01.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d691d09ce0090a6da571070f4404989f56b83bd51aa9c0076f1761f5888533

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 90948
cf-polished: qual=85, origFmt=jpeg, origSize=48508
content-disposition: inline; filename="Helden_Web_Mobile-Mockup_01.webp"
content-length: 23826
last-modified: Mon, 14 Oct 2019 10:34:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 22 Sep 2022 19:59:01 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd299bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_24VQ9.jpg
helden.de/wp-content/uploads/2019/11/ 8 KB
9 KB 72ms
64ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/11/helden_code_24VQ9.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495ae15b7ea9c85d3bf79b70443e685e9185e94e179345a8637a16a147f54cfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 655796
cf-polished: qual=85, origFmt=jpeg, origSize=12574
content-disposition: inline; filename="helden_code_24VQ9.webp"
content-length: 8688
last-modified: Mon, 25 Nov 2019 08:19:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 16 Sep 2022 07:04:53 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd2a9bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_1UPG5.jpg
helden.de/wp-content/uploads/2020/01/ 13 KB
13 KB 72ms
65ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/01/helden_code_1UPG5.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af8dec5faa0fea6c9debdd56b4c795b7c536334afcd1d9e014478712fb288ce7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Jan 2020 09:44:57 GMT
server: cloudflare
age: 29712
cf-polished: degrade=85, origSize=17062, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Fri, 23 Sep 2022 12:59:37 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd2c9bca-FRA
content-length: 13184
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_2FRW9.jpg
helden.de/wp-content/uploads/2019/10/ 8 KB
8 KB 67ms
60ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_2FRW9.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1e2aa923af814d09f8d42a64a31fa095164242a3b476b216951cf959df7d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Oct 2019 09:24:52 GMT
server: cloudflare
age: 29714
cf-polished: degrade=85, origSize=19964, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Fri, 23 Sep 2022 12:59:35 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd2f9bca-FRA
content-length: 7684
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_0P9N3.jpg
helden.de/wp-content/uploads/2020/08/ 18 KB
19 KB 67ms
59ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/08/helden_code_0P9N3.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7677f73b08b762d4e3a9f4cdd367211094350f5111a40dc099697d94124b04a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 42229
cf-polished: qual=85, origFmt=jpeg, origSize=30560
content-disposition: inline; filename="helden_code_0P9N3.webp"
content-length: 18876
last-modified: Tue, 04 Aug 2020 07:46:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 23 Sep 2022 09:31:00 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd339bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_2B945.jpg
helden.de/wp-content/uploads/2019/10/ 13 KB
13 KB 68ms
61ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_2B945.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7261e1e739516b0d3bd919e73dd9b6a19cde0f868d315f84134f389ec5ac600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Oct 2019 09:24:48 GMT
server: cloudflare
age: 29712
cf-polished: degrade=85, origSize=37754, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Fri, 23 Sep 2022 12:59:37 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd349bca-FRA
content-length: 12959
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_42LM5.jpg
helden.de/wp-content/uploads/2019/10/ 9 KB
9 KB 69ms
62ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_42LM5.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f988ef29bc7fd270f4f0d8ffa3d2c915050e5df509bb8123f95dfdfee4461bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Oct 2019 12:21:18 GMT
server: cloudflare
age: 2702769
cf-polished: degrade=85, origSize=11596, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 23 Aug 2022 14:28:40 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd359bca-FRA
content-length: 9223
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_1LNQ4.jpg
helden.de/wp-content/uploads/2019/10/ 11 KB
11 KB 68ms
61ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_1LNQ4.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c24cbb1284038ad458c34d9f885fe9a4622cb5337d4254384f630fb9b48dfcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Oct 2019 09:24:30 GMT
server: cloudflare
age: 12489
cf-polished: degrade=85, origSize=34987, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Fri, 23 Sep 2022 17:46:40 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd379bca-FRA
content-length: 11478
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_2LJW7.jpg
helden.de/wp-content/uploads/2019/10/ 9 KB
9 KB 72ms
65ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_2LJW7.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75dc94286d9fd0993744876ce2c71d6f2a4a4592fc2a1f71a96559e418d84352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Oct 2019 09:24:55 GMT
server: cloudflare
age: 29711
cf-polished: degrade=85, origSize=21411, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Fri, 23 Sep 2022 12:59:38 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd399bca-FRA
content-length: 9005
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_4JJ64.jpg
helden.de/wp-content/assets/community/ 7 KB
7 KB 71ms
64ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/community/helden_code_4JJ64.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ac8d0769a3209e0f5078669a78ed7c20c6e1520734c23b6fd15f946f7861895

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 29720
cf-polished: qual=85, origFmt=jpeg, origSize=11042
content-disposition: inline; filename="helden_code_4JJ64.webp"
content-length: 6948
last-modified: Mon, 11 Jan 2021 09:58:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 23 Sep 2022 12:59:29 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd3b9bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_2EHF1.jpg
helden.de/wp-content/uploads/2020/08/ 43 KB
43 KB 64ms
58ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/08/helden_code_2EHF1.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d235817fea78de6229c249c291bce725593d5296790b9430ef3f97ec963679a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 29712
cf-polished: qual=85, origFmt=jpeg, origSize=62951
content-disposition: inline; filename="helden_code_2EHF1.webp"
content-length: 43598
last-modified: Mon, 03 Aug 2020 13:17:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 23 Sep 2022 12:59:37 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd429bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_0RR77.jpg
helden.de/wp-content/uploads/2019/06/ 14 KB
14 KB 69ms
63ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/06/helden_code_0RR77.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c0fb93eabfe7c80adef9da1824d825a75927dd2d28274551b8e0e36e50da5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
last-modified: Tue, 04 Jun 2019 10:13:26 GMT
server: cloudflare
age: 50034
cf-polished: qual=85, origFmt=jpeg, origSize=114495
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 23 Sep 2022 07:20:55 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="helden_code_0RR77.webp"
cf-ray: 711985cccd449bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_code_3QFV8.jpg
helden.de/wp-content/uploads/2019/10/ 8 KB
8 KB 63ms
57ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/10/helden_code_3QFV8.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de977fcb9f3bbb77f560e470d16c562f750fe99f8589dd3c7e5f84f3518991de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Oct 2019 09:25:20 GMT
server: cloudflare
age: 2707403
cf-polished: degrade=85, origSize=23654, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 23 Aug 2022 13:11:26 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd469bca-FRA
content-length: 8272
cf-bgj: imgq:85,h2pri

GET
H2 200 Versicherungspartner_NV-300x208.jpg
helden.de/wp-content/uploads/2020/04/ 3 KB
3 KB 71ms
65ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/04/Versicherungspartner_NV-300x208.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fd0406a9f1fa9ae65bc5ab523b7160d7c8a64383a51f520c25270697f3408a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 2709301
cf-polished: qual=85, origFmt=jpeg, origSize=6159
content-disposition: inline; filename="Versicherungspartner_NV-300x208.webp"
content-length: 2924
last-modified: Fri, 03 Apr 2020 11:30:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 23 Aug 2022 12:39:48 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd499bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Versicherungspartner_HISCOX-300x182.jpg
helden.de/wp-content/uploads/2020/04/ 4 KB
4 KB 73ms
67ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/04/Versicherungspartner_HISCOX-300x182.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b244db5267a8a4f291e0c4a1e82ccbc4ae211e7b22cad2ca530d743397894151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 2709301
cf-polished: qual=85, origFmt=jpeg, origSize=6611
content-disposition: inline; filename="Versicherungspartner_HISCOX-300x182.webp"
content-length: 3982
last-modified: Fri, 03 Apr 2020 11:30:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 23 Aug 2022 12:39:48 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd4b9bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 WiWo_Hoechstes_Kundenvertrauen_2020_helden_de.png
helden.de/wp-content/uploads/2021/07/ 23 KB
23 KB 76ms
70ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2021/07/WiWo_Hoechstes_Kundenvertrauen_2020_helden_de.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2031ce9d387c585aeed7e46b4c88ab74c996834aa6f10cbf32dd7df4170065fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 17159
cf-polished: origFmt=png, origSize=56718
content-disposition: inline; filename="WiWo_Hoechstes_Kundenvertrauen_2020_helden_de.webp"
content-length: 23324
last-modified: Mon, 05 Jul 2021 11:39:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 23 Sep 2022 16:28:50 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd519bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.de_.jpg
helden.de/wp-content/uploads/2020/06/ 47 KB
47 KB 68ms
62ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2020/06/Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.de_.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2795aded1755123cbe59bba5a8348d2c8ea012c9021e56d3b532f176963950b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Jun 2020 10:28:11 GMT
server: cloudflare
age: 13786
cf-polished: qual=85, origFmt=jpeg, origSize=69103
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 23 Sep 2022 17:25:03 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="Fairness_InsurTechs_2019_Fairster_Schadenservice_helden.webp"
cf-ray: 711985cccd559bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden.de_Logo_web_retina.png
helden.de/wp-content/uploads/2019/01/ 4 KB
5 KB 65ms
59ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/uploads/2019/01/helden.de_Logo_web_retina.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341c5d176dfcd3bd94a476a34fcb8be8f7d4c6d667ad95185c4d656f5ac9c9d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 18480
cf-polished: origFmt=png, origSize=8928
content-disposition: inline; filename="helden.webp"
content-length: 4534
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 23 Sep 2022 16:06:49 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cccd599bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 js_composer_tta.min.css
helden.de/wp-content/plugins/js_composer/assets/css/ 309 KB
14 KB 31ms
30ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/css/js_composer_tta.min.css?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6a6a0c2a744fc0d665244acab63b9ac3b43779414217bc62a7698e31d5471de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985cc7c079bca-FRA
content-length: 14545
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
649 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&ver=5.2.15

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89ac9ac9042c7ef410ab439837b270dd2dd9f6c545d9383ea8969a35c945cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 26 May 2022 20:28:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 26 May 2022 21:14:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 May 2022 21:14:49 GMT

GET
H2 200 ihover.min.css
helden.de/wp-content/themes/you/css/ 50 KB
3 KB 49ms
43ms Stylesheet
text/css 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/you/css/ihover.min.css
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 882e09e84100347579816f61badf4459092dc59beb26b9317a8f1312d6752b41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 03 Jun 2019 08:00:21 GMT
server: cloudflare
age: 2492514
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985cc9c7f9bca-FRA
content-length: 3178
expires: Fri, 28 Apr 2023 00:52:55 GMT

GET
H2 200 core.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 4 KB
2 KB 46ms
38ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985cc9c8d9bca-FRA
content-length: 1811
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 widget.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 7 KB
3 KB 42ms
33ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b4f1024fa4887b47765e2ad4db9bc1f6ea96335f77fd44c62b8538d75e7190c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985cc9c929bca-FRA
content-length: 2543
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 position.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 6 KB
3 KB 46ms
38ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 2709482
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985cc9c949bca-FRA
content-length: 2469
expires: Tue, 25 Apr 2023 12:36:47 GMT

GET
H2 200 menu.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 9 KB
3 KB 41ms
33ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/menu.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11dd7443e60c9756c636d4d9e270eeba4085691a86dc1d343af835e5cb354ed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 2709482
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985cc9c959bca-FRA
content-length: 2805
expires: Tue, 25 Apr 2023 12:36:47 GMT

GET
H2 200 wp-sanitize.min.js Show response
helden.de/wp-includes/js/ 423 B
320 B 47ms
37ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/wp-sanitize.min.js?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eae9587fd982a18dc1cc3391201a06a8ce5efb066c62cc4f3003a901506269c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985ccac9c9bca-FRA
content-length: 257
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 wp-a11y.min.js Show response
helden.de/wp-includes/js/ 640 B
440 B 51ms
41ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/wp-a11y.min.js?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c52cc923758f90e6e92f82d19e909e36bf000902e60047a27c84e8d0ccb73a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:22 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985ccac9f9bca-FRA
content-length: 375
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 autocomplete.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 8 KB
3 KB 46ms
36ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67a93cb596cf7e65926cc6f37e356a5ba6249a3ac8dbce1b8e5fd16ae3967f92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 2709482
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985ccaca19bca-FRA
content-length: 2774
expires: Tue, 25 Apr 2023 12:36:47 GMT

GET
H2 200 presVouch.js Show response
helden.de/wp-content/themes/helden/ 3 KB
1 KB 45ms
34ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/themes/helden/presVouch.js?ver=1.2
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ea06dea77b421db90da42160e691163836ef51e17aa1fd4669e1805e5291e21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Dec 2021 08:40:22 GMT
server: cloudflare
age: 2709497
cf-polished: origSize=5783
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Tue, 25 Apr 2023 12:36:32 GMT
cache-control: max-age=31536000
cf-ray: 711985ccaca39bca-FRA
cf-bgj: minify

GET
H2 200 underscore.min.js Show response
helden.de/wp-includes/js/ 16 KB
6 KB 49ms
39ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5f5736867880dc34e00e9d915d49094d5aa572c73771e87a082bd721b5a4f7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985ccaca59bca-FRA
content-length: 5634
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 backbone.min.js Show response
helden.de/wp-includes/js/ 22 KB
7 KB 47ms
37ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/backbone.min.js?ver=1.2.3
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29d1e5cff2718260f00fc9012476253e8664c99287d2a1866886e65060deb4ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:22 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985ccaca79bca-FRA
content-length: 7433
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 api-request.min.js Show response
helden.de/wp-includes/js/ 768 B
527 B 56ms
46ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/api-request.min.js?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92bfa0c40e4ac63bd4250520dc726bdb5f28bc45d2b420c07d6d1e0b726bd56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985ccaca99bca-FRA
content-length: 440
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 wp-api.min.js Show response
helden.de/wp-includes/js/ 14 KB
4 KB 46ms
36ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/wp-api.min.js?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b3f44e74412baa296267a5c6bdcaef3e06ba0ed23c662786b35b923a515180c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 2709482
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985ccacac9bca-FRA
content-length: 4086
expires: Tue, 25 Apr 2023 12:36:47 GMT

GET
H2 200 scripts.js Show response
helden.de/wp-content/plugins/contact-form-7/includes/js/ 11 KB
3 KB 50ms
41ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32d9329d48ccd5a058fc1f4a6be8b010c4c9afb03d046ffe8a211ce474db2b6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 2709497
cf-polished: origSize=14440
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Tue, 25 Apr 2023 12:36:32 GMT
cache-control: max-age=31536000
cf-ray: 711985ccacaf9bca-FRA
cf-bgj: minify

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
997 B 210ms
31ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&ver=3.0

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d0e1118ebbde5c7e1b91ee1c3b745ef87c5518b00528fcc33cdf735c9e317f83

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Thu, 26 May 2022 21:14:49 GMT

GET
H2 200 effect.min.js Show response
helden.de/wp-includes/js/jquery/ui/ 13 KB
5 KB 48ms
38ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/jquery/ui/effect.min.js?ver=1.11.4
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f5e3b0b3a282b46aa5bbd5e7952b90ce98d0d1d214b3308d9abb6053becd92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985ccacc29bca-FRA
content-length: 5162
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 wp-embed.min.js Show response
helden.de/wp-includes/js/ 1 KB
829 B 47ms
37ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-includes/js/wp-embed.min.js?ver=5.2.15
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Aug 2021 09:41:23 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985ccacc69bca-FRA
content-length: 739
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 js_composer_front.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/js/dist/ 19 KB
6 KB 56ms
46ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b51182de5d3e0e5cfa0a4ed9552dc82be393d7f7a08330f6299e08cdb2665f7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985ccacc99bca-FRA
content-length: 5712
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 vc-accordion.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/vc_accordion/ 12 KB
3 KB 59ms
49ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/vc_accordion/vc-accordion.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ce8bdb090315b4f4f6f8c78f9c7cd2cf53962924d86761982fdb4e5dc3c2c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985ccaccd9bca-FRA
content-length: 2673
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 vc-tta-autoplay.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/ 2 KB
896 B 58ms
49ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/vc-tta-autoplay.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 395daa8d0ec9bd1d7922530074e8fbe6aaf2bd26191dc773c135cf6a3d029705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985ccacd19bca-FRA
content-length: 831
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 vc-tabs.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/vc_tabs/ 4 KB
1 KB 58ms
48ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/vc_tabs/vc-tabs.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a469b4c7949c96cce86a741f3498f000e1fd64b2a6fff556579a6588acabf48a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985ccacd39bca-FRA
content-length: 1170
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 skrollr.min.js Show response
helden.de/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/ 12 KB
6 KB 48ms
39ms Script
application/javascript 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.4.7
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad44888e6834dd14372d63691245513cda17cad9bb7f5ac9df10163ba83108f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 2709497
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 711985ccacd79bca-FRA
content-length: 5593
expires: Tue, 25 Apr 2023 12:36:32 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 28ms
22ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: helden.de
URL: https://helden.de/wp-content/themes/helden/main.js?ver=5.2.15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 13:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 May 2023 13:20:17 GMT

GET
H2 200 widget.js Show response
w.likebtn.com/js/w/ 124 KB
35 KB 198ms
32ms Script
application/javascript 2606:4700:20::681a:e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.likebtn.com/js/w/widget.js
Requested by: Host: helden.de
URL: https://helden.de/wp-content/plugins/likebtn-like-button/public/js/frontend.js?ver=5.2.15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / HHVM/3.15.4
Resource Hash: 43d83509dd8fda7412e53f2c81c13dce67f42a8d5731dad5d4a57a720b634a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46480
x-powered-by: HHVM/3.15.4
last-modified: Wed, 25 May 2022 19:41:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwfLWRcHdT%2Ff9ELd6OQ6bZcnp4WQLyaUYjuHnrCPrIF2U%2FIDzDsTxhc%2BNTzqt3iGWXIVxq4f6kc36ZFxGmnhvs0K%2FnA3WnJR2uerQ%2FE%2BhXepL5LkZ2L5Y1kWn55gFzqKzVc5uD0BO0jMuVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=691200, s-maxage=57600
cf-polished: origSize=126890
cf-ray: 711985cdac049b80-FRA
cf-bgj: minify

GET
H2 200 h8eubnf2kys7.js Show response
js.driftt.com/include/1653599700000/ 232 KB
66 KB 318ms
149ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1653599700000/h8eubnf2kys7.js

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

12272e905b4845f9f793c999472269b47d638cf31274916b27dc4c514ce46846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 26 May 2022 14:37:01 GMT
server: nginx
etag: W/"a55d488da3fab0964f2f7529d48102ea"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7OSZhYEXnr46Zw8.jTGTEPr6J8IoNIUp
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CX9omj5KBgepHkk4buk2T_q1pYOMioy5wN4ET9YnY11njMVS07KBFA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 239 KB
79 KB 217ms
43ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPDPCB6

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c080b771c7804511967c72072bd3228ce126f12edddb1a784d1fadae46b74955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79955
x-xss-protection: 0
expires: Thu, 26 May 2022 21:14:49 GMT

GET
H/1.1 200
OK cmp.php Show response
b.delivery.consentmanager.net/delivery/ 5 KB
2 KB 230ms
38ms Script
application/javascript 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://b.delivery.consentmanager.net/delivery/cmp.php?cdid=4a85ab190397&h=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0&&__cmpfcc=1&l=en&o=1653599689690

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 Roesrath, Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

e1140a55ecef7135519b9e726097736707528548fff7c79384085216bd65abd7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 May 2022 21:14:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 21:14:49 GMT
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 cmp_en.min.js Show response
cdn.consentmanager.net/delivery/js/ 382 KB
72 KB 234ms
65ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/js/cmp_en.min.js

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo / PleskLin

Resource Hash

8c7eda2967b00bdf6a370cbaed77d757182c34f733277045a00e19193fafff6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
etag: W/"6284ece9-5f7cf"
x-77-nzt: AcO1ry9k6+L/8gYAAA
x-accel-expires: @1653599711
last-modified: Wed, 18 May 2022 12:56:09 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
x-77-nzt-ray: JiKsFWra0Hs
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800, public
x-age: 1778

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 200ms
60ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A900%2C400&subset=latin%2Clatin-ext&ver=5.2.15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 187600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 17:08:09 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 186ms
50ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:12:19 GMT
x-content-type-options: nosniff
age: 187350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 17:12:19 GMT

GET
H2 200 helden_de_phv_hero.jpg
helden.de/wp-content/assets/header/old/ 394 KB
395 KB 33ms
33ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/header/old/helden_de_phv_hero.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8088d1aa0d0b0f7e062406dba15010d166d7303c04ebb407be952d50ee378752

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Feb 2021 14:27:07 GMT
server: cloudflare
age: 96541
cf-polished: qual=85, origFmt=jpeg, origSize=514244
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 22 Sep 2022 18:25:48 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="helden_de_phv_hero.webp"
cf-ray: 711985cd3ea89bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_privathaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 70 KB
70 KB 53ms
53ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_privathaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 024bbe37586effe93a17f4f8800ff6c67e2aca1061c5f23625bb16a6e3d13c8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
age: 18423
cf-polished: qual=85, origFmt=jpeg, origSize=92072
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 23 Sep 2022 16:07:46 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="helden_de_productimages_overview_privathaftpflicht.webp"
cf-ray: 711985cd3eac9bca-FRA
cf-bgj: imgq:85,h2pri

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 631bbb9222aa4b34439b69e2988652ede383ca956d79eb5fa6a69e69854c2e5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 helden_de_productimages_overview_hausratschutz.jpg
helden.de/wp-content/assets/productimages/overview/ 26 KB
26 KB 53ms
52ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_hausratschutz.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a7425d844b9582c4d0595dfcb216285c112683ba86ed98572b36daf3b93a169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 29779
cf-polished: qual=85, origFmt=jpeg, origSize=37384
content-disposition: inline; filename="helden_de_productimages_overview_hausratschutz.webp"
content-length: 26294
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 23 Sep 2022 12:58:30 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cd3eb29bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_e-bike-_und_fahrradschutz.jpg
helden.de/wp-content/assets/productimages/overview/ 59 KB
59 KB 53ms
52ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_e-bike-_und_fahrradschutz.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39cb45cdec9f9b9b863e331beff20776476ad3a77aa2c828a0aea8a0779044d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Nov 2020 14:23:55 GMT
server: cloudflare
age: 2709481
cf-polished: status=not_needed
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 23 Aug 2022 12:36:48 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cd3eb59bca-FRA
content-length: 60060
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_hundehaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 17 KB
17 KB 53ms
53ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_hundehaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8a783e252ceb14237c76c14e552516b112795955f5491053f5e0c56c6e06c5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 7931
cf-polished: qual=85, origFmt=jpeg, origSize=26654
content-disposition: inline; filename="helden_de_productimages_overview_hundehaftpflicht.webp"
content-length: 17518
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 23 Sep 2022 19:02:38 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cd3eb79bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_pferdehaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 28 KB
28 KB 53ms
53ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_pferdehaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f0e3823d56e753cf5f2fbe91a1d167ca59726c9cbb3c97f04f146beea32c0e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 3993
cf-polished: qual=85, origFmt=jpeg, origSize=37445
content-disposition: inline; filename="helden_de_productimages_overview_pferdehaftpflicht.webp"
content-length: 28404
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 23 Sep 2022 20:08:16 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cd3eb99bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_drohenhaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 29 KB
29 KB 53ms
53ms Image
image/jpeg 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_drohenhaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22b3231e59d776f31161af44b04a744b9004ae1fac2b14e6405a97d27507a008

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Aug 2020 10:09:01 GMT
server: cloudflare
age: 2709481
cf-polished: degrade=85, origSize=37829, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 23 Aug 2022 12:36:48 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cd3ebc9bca-FRA
content-length: 30032
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_keyvisual_gdh.png
helden.de/wp-content/assets/productimages/keyvisual/ 414 KB
415 KB 52ms
52ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/keyvisual/helden_de_keyvisual_gdh.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 935b7f7d141f2bea994d54b9d709d5f15ebb6bce6b73f02b1f59ee40df8eabcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
last-modified: Wed, 09 Feb 2022 10:23:29 GMT
server: cloudflare
age: 1207536
cf-polished: origFmt=png, origSize=640265
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 09 Sep 2022 21:49:13 GMT
cache-control: max-age=10368000
content-disposition: inline; filename="helden_de_keyvisual_gdh.webp"
cf-ray: 711985cd3ebe9bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_2-in-1_berufshaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 23 KB
23 KB 52ms
52ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_2-in-1_berufshaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f08025c18eab8673f7f960a21cba44a48aa0ce870ce96305a21d1c887b8be7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 4513
cf-polished: qual=85, origFmt=jpeg, origSize=33528
content-disposition: inline; filename="helden_de_productimages_overview_2-in-1_berufshaftpflicht.webp"
content-length: 23796
last-modified: Mon, 02 Nov 2020 14:27:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 23 Sep 2022 19:59:36 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cd3ebf9bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_bue_keyvisual.jpg
helden.de/wp-content/assets/buero_equipmentschutz/ 27 KB
27 KB 52ms
52ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/buero_equipmentschutz/helden_de_bue_keyvisual.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9c0cfef39145e7473f09d950460309a29fbddcbe88830881aef4a0c16f5546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 7763
cf-polished: qual=85, origFmt=jpeg, origSize=58681
content-disposition: inline; filename="helden_de_bue_keyvisual.webp"
content-length: 27568
last-modified: Fri, 12 Feb 2021 11:22:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Fri, 23 Sep 2022 19:05:26 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cd3ec19bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_productimages_overview_familienhaftpflicht.jpg
helden.de/wp-content/assets/productimages/overview/ 22 KB
23 KB 53ms
52ms Image
image/webp 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/overview/helden_de_productimages_overview_familienhaftpflicht.jpg
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7846d72cd2af20d85e1c27032cd4a44f4c8c5b914a03ce9d56979b4376b24be6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
cf-cache-status: HIT
age: 1791739
cf-polished: qual=85, origFmt=jpeg, origSize=32576
content-disposition: inline; filename="helden_de_productimages_overview_familienhaftpflicht.webp"
content-length: 23000
last-modified: Tue, 25 Aug 2020 10:13:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 03 Sep 2022 03:32:30 GMT
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cd3ec59bca-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 helden_de_keyvisual_drohnenkasko.png
helden.de/wp-content/assets/productimages/keyvisual/ 585 KB
585 KB 72ms
72ms Image
image/png 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://helden.de/wp-content/assets/productimages/keyvisual/helden_de_keyvisual_drohnenkasko.png
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 467ea9255be185c790d0537e51145b7f3828f0e5d6c350d80ee48f21a2baa124

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 10 Feb 2022 11:03:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000
cf-ray: 711985cd3ec69bca-FRA
expires: Fri, 23 Sep 2022 21:14:49 GMT

GET
H2 200 mobmenu.ttf
helden.de/wp-content/plugins/mobile-menu/includes/css/font/ 12 KB
8 KB 45ms
45ms Font
font/ttf 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/mobile-menu/includes/css/font/mobmenu.ttf?31192480
Requested by: Host: helden.de
URL: https://helden.de/wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=5.2.15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d49ea099481e01f6c80d0098144b28710ed7e27ffadee7cdac797ed87ef5740b

Request headers

Referer: https://helden.de/wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=5.2.15
Origin: https://helden.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 May 2019 15:42:48 GMT
server: cloudflare
age: 2709481
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/ttf
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 711985cd4ee89bca-FRA
content-length: 7707
expires: Tue, 23 Aug 2022 12:36:48 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
22 KB 110ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A900%2C400&subset=latin%2Clatin-ext&ver=5.2.15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:12:19 GMT
x-content-type-options: nosniff
age: 187350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 17:12:19 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 91ms
22ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 187600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 17:08:09 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 136ms
67ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:12:19 GMT
x-content-type-options: nosniff
age: 187350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24448
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 17:12:19 GMT

GET
H2 200 fontawesome-webfont.woff2
helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/ 75 KB
76 KB 44ms
44ms Font
font/woff2 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: helden.de
URL: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://helden.de/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7
Origin: https://helden.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 May 2019 16:07:40 GMT
server: cloudflare
age: 1142
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=10368000
cf-ray: 711985cd4ef29bca-FRA
expires: Fri, 23 Sep 2022 20:55:47 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 108ms
73ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://helden.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:09:03 GMT
x-content-type-options: nosniff
age: 187546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 17:09:03 GMT

GET
H2 200 / Show response
helden.de/wp-json/wp/v2/ 136 KB
7 KB 459ms
458ms XHR
application/json 2606:4700:10::6816:4d41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helden.de/wp-json/wp/v2/

Requested by

Host: helden.de
URL: https://helden.de/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61a5bc4056a0cab35fde3bdad2f3f76444aa322f292ecaa1ae8734bef49e4581

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 6520
access-control-allow-headers: Authorization, Content-Type
allow: GET
x-robots-tag: noindex
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
cache-control: max-age=0
cf-ray: 711985ce29c19bca-FRA
link: <https://helden.de/wp-json/>; rel="https://api.w.org/"
expires: Thu, 26 May 2022 21:14:49 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ 365 KB
145 KB 75ms
23ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://helden.de/
Origin: https://helden.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 19:45:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147703
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 May 2023 19:45:49 GMT

GET
H2 200 widget.css
w.likebtn.com/css/w/ 72 KB
28 KB 30ms
30ms Stylesheet
text/css 2606:4700:20::681a:e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.likebtn.com/css/w/widget.css?v=39
Requested by: Host: w.likebtn.com
URL: https://w.likebtn.com/js/w/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39b677ec4a0c2d95bb6d1439e68b5a0aa693c17912dc9e0209930088182483cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 718
cf-polished: origSize=80956
last-modified: Mon, 07 Mar 2022 17:52:40 GMT
server: cloudflare
etag: W/"62264668-13c3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmZHSEFNET%2BwB5D3pRWepaV3V5piyB2t%2BSp2446pbXyOwhTXnGjUJNnpse0oe8qS6qmvOnGXfzPxj%2BbG9ht217vhOEK6Edo3r67NP5fWIV8%2FY%2Fy1lSvsx81ecmmB5ecQ%2FMRIi8e%2BLkhiLmw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 711985ce9ee49b80-FRA
cf-bgj: minify

GET
H2 200 bV8xLndfMzIxNTcuZF8xNDA2MC54XzQyLnYucC50XzE0MDYw.js Show response
cdn.consentmanager.net/delivery/customdata/ 21 KB
5 KB 36ms
36ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/customdata/bV8xLndfMzIxNTcuZF8xNDA2MC54XzQyLnYucC50XzE0MDYw.js

Requested by

Host: b.delivery.consentmanager.net
URL: https://b.delivery.consentmanager.net/delivery/cmp.php?cdid=4a85ab190397&h=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0&&__cmpfcc=1&l=en&o=1653599689690

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo / PleskLin

Resource Hash

cc3a58e6701f24c1474e3bae8a18e0dd194f5afb8eaac6eebeb0b6f7efbd5236

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 26 May 2022 21:14:50 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 0
x-77-nzt: AcO1ry/sPaH/XgMAAA
x-accel-expires: @1653600628
last-modified: Thu, 26 May 2022 21:00:28 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
x-77-nzt-ray: 7gYAW2Tme9Q
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *, *
cache-control: public, max-age=1800
x-age: 862
expires: Thu, 26 May 2022 21:30:28 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95fb764d4a5e0045febd02f88e1c80b7958a6946696721e78c20f497b1e0ec7b

Request headers

Referer
Origin: https://helden.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9C15 41 KB
21 KB 93ms
44ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=zd81iw5yaqqm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c8b4a8cd59b57a51bd5369e60620960e73af731c94ac51697407f6152fa79118

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W95VSH6vgVUFdlTpB8_nLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://helden.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21750
content-security-policy: script-src 'report-sample' 'nonce-W95VSH6vgVUFdlTpB8_nLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 26 May 2022 21:14:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 langpurpose_de.min.js Show response
cdn.consentmanager.net/delivery/lang/ 50 KB
8 KB 40ms
40ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/lang/langpurpose_de.min.js

Requested by

Host: cdn.consentmanager.net
URL: https://cdn.consentmanager.net/delivery/js/cmp_en.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo / PleskLin

Resource Hash

df05a5688e7ee2bd5223e90b377692e88e9e3348e49b609848efc10c150e28fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 26 May 2022 21:14:50 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
etag: W/"6282bcb8-c825"
x-77-nzt: AcO1ry9Kv1P/DwAAAA
x-accel-expires: @1653601475
last-modified: Mon, 16 May 2022 21:06:00 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
x-77-nzt-ray: TnoABj7AMqE
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800, public
x-age: 15

GET
H/1.1 200
OK /
delivery.consentmanager.net/delivery/info/ 43 B
353 B 117ms
31ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://delivery.consentmanager.net/delivery/info/?id=32157&did=1&cfdid=1&t=pv.d_ncs.d_ancs.d_bncs&h=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0&o=1653599690256&l=DE&lv=42148&d=1&ct=14&e=&e2=&e3=&i=&sv=33&dv=42&

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 Roesrath, Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 May 2022 21:14:50 GMT
Last-Modified: Thu, 26 May 2022 21:14:50 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 43
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK /
delivery.consentmanager.net/delivery/info/ 43 B
353 B 122ms
34ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://delivery.consentmanager.net/delivery/info/?id=32157&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fhelden.de%2F%3Futm_source%3Daffilinet%26src%3Daffnet%26awc%3D14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0&o=1653599690256&l=DE&lv=42148&d=1&ct=14&e=&e2=&e3=&i=&sv=33&dv=42&

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 Roesrath, Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 May 2022 21:14:50 GMT
Last-Modified: Thu, 26 May 2022 21:14:50 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 43
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 cmplogo.svg
cdn.consentmanager.net/delivery/ 3 KB
2 KB 34ms
34ms Image
image/svg+xml 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.consentmanager.net/delivery/cmplogo.svg

Requested by

Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo / PleskLin

Resource Hash

3e19865caed6dbd12eacd00501eb4b382a1f0190df9cf2a8373d110bab7a47e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 26 May 2022 21:14:50 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-nzt-ray: FTXY2LmAjWY
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
strict-transport-security: max-age=63072000; includeSubDomains
x-77-nzt: AcO1ry8kn4P/OXIAAA
x-accel-expires: @1653656849
last-modified: Tue, 08 Feb 2022 14:38:46 GMT
server: CDN77-Turbo
x-frame-options: sameorigin
etag: W/"62028076-d0f"
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400, public
x-age: 29241

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 9C15 51 KB
24 KB 68ms
22ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=zd81iw5yaqqm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 16:36:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 May 2023 16:36:11 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 9C15 365 KB
144 KB 77ms
32ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 19:45:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147703
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 May 2023 19:45:49 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9C15 102 B
134 B 32ms
31ms Other
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7127d15642f8979cf58784f91d487e77a81cd8e1db0e8547cb683f62829ad7d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=zd81iw5yaqqm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 26 May 2022 21:14:50 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 09B4 2 KB
1 KB 130ms
130ms Document
text/html 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1653599700000/h8eubnf2kys7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

26c512e9477c3eba1749a41323be44485a9b3a53e2cb6f14dafabc750a7f776d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://helden.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 26 May 2022 21:14:50 GMT
etag: W/"9596435895846e9e7f10e685f5b9f7de"
last-modified: Thu, 26 May 2022 14:36:50 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
x-amz-cf-id: mmHV6mSlZmC2NVJfrBqgFJP_rzuEkmGsMjDWz56AF6_E0HZFo7cTnA==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: duwr3pOoMYNUkVrV3ozvgOL3.5YN7YD9
x-cache: RefreshHit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame D3EF 2 KB
1 KB 129ms
128ms Document
text/html 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1653599700000/h8eubnf2kys7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

26c512e9477c3eba1749a41323be44485a9b3a53e2cb6f14dafabc750a7f776d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://helden.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 26 May 2022 21:14:50 GMT
etag: W/"9596435895846e9e7f10e685f5b9f7de"
last-modified: Thu, 26 May 2022 14:36:50 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
x-amz-cf-id: BPvmNOBy3XWcXJlBUmVDHzDMpVTuIj_mA56nZPPKY48pZlmAHeWOLQ==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: duwr3pOoMYNUkVrV3ozvgOL3.5YN7YD9
x-cache: RefreshHit from cloudfront

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 74ms
22ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: helden.de
URL: https://helden.de/?utm_source=affilinet&src=affnet&awc=14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: 702BXDH9DS50TBSA
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: 5vd9vstz3V3z74kfjj1dCPZWEqafZIkasHjA0BdDCJvZTnwH4UnkRjWckumVI0cOdusYAlzF0pM=
x-served-by: cache-hhn4046-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1653599691.551968,VS0,VE0
date: Thu, 26 May 2022 21:14:50 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 13426

GET
H/1.1 200
OK 01dc4771f2 Show response
bam.nr-data.net/1/ 57 B
322 B 560ms
133ms Script
text/javascript 162.247.242.31
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/01dc4771f2?a=91632097&v=1216.487a282&to=MlJTZkFUDRAFVxdYCwsYcFFHXAwNS0QCVgE%3D&rst=2207&ck=1&ref=https://helden.de/&ap=704&be=1179&fe=2074&dc=1630&perf=%7B%22timing%22:%7B%22of%22:1653599688413,%22n%22:0,%22f%22:239,%22dn%22:239,%22dne%22:305,%22c%22:305,%22s%22:327,%22ce%22:355,%22rq%22:355,%22rp%22:1129,%22rpe%22:1142,%22dl%22:1139,%22di%22:1629,%22ds%22:1629,%22de%22:1685,%22dc%22:2066,%22l%22:2073,%22le%22:2106%7D,%22navigation%22:%7B%7D%7D&fp=1427&fcp=1427&at=HhVQEAlOHh4%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.31 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: service.newrelic.co.uk
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://helden.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 runtime~main.cfab691f.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 6 KB
3 KB 23ms
23ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

0399016962fc0a41a6f7a2cec931995c146c3aceb48a7c3bfe89ea9495952760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 14:36:50 GMT
content-encoding: gzip
age: 23880
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 26 May 2022 14:17:19 GMT
server: nginx
etag: W/"9393a833f04b0976b6b675fb69ff8d77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MqPWMvFtL6HQes0ISVI8TBBQSOSNUfsX
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xco_Fd8dKSJN8-cFSQgvKftxUxcw6__xA6yg0hpjRL1IlrVgyitwWQ==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 58 KB
20 KB 27ms
26ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:23:24 GMT
content-encoding: gzip
age: 2926286
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: maOqxpaNnzt0tyNj0PV8pU.OmUMXI5V_
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: X9RC4ORYZL2cSjZZB7yfkiGPoyt8KznSHL_5jCG-SGcrlWvSlBb1PQ==

GET
H2 200 main~493df0b3.e4b52ccf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 6 KB
3 KB 28ms
27ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.e4b52ccf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d862322f40f2d63eca24e2e6188d0a164bf431db27369bedebb31c357985f7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 703060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:08 GMT
server: nginx
etag: W/"69362f73a04491df20548a6acabbd746"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2zxmXJCeUVcrAdxDs6oDiJa7iJ7fH8N.
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: p7ffS1flBL0Vd7eCkQXowe9thmpUI3ClGwr17nAFLvGBZ-b9kgd-vA==

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 9C15 31 KB
18 KB 58ms
58ms XHR
application/json 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

98b70695436a371779c83521145a8f47d75488435a99af31957551d2c5122c96

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_tAAVAAAAAAveMVi-2b3nfbxTn9wql0C3-QWx&co=aHR0cHM6Ly9oZWxkZW4uZGU6NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=zd81iw5yaqqm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 26 May 2022 21:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18171
x-xss-protection: 1; mode=block
expires: Thu, 26 May 2022 21:14:50 GMT

GET
H2 200 runtime~main.cfab691f.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 6 KB
3 KB 23ms
23ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

0399016962fc0a41a6f7a2cec931995c146c3aceb48a7c3bfe89ea9495952760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 14:36:50 GMT
content-encoding: gzip
age: 23880
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 26 May 2022 14:17:19 GMT
server: nginx
etag: W/"9393a833f04b0976b6b675fb69ff8d77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MqPWMvFtL6HQes0ISVI8TBBQSOSNUfsX
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: C17tT0-dja95EPqIPrnD1X1tqgNNmBGTdKLQoSD2qj7gw7OJm-eJvg==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 58 KB
20 KB 27ms
27ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:23:24 GMT
content-encoding: gzip
age: 2926286
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: maOqxpaNnzt0tyNj0PV8pU.OmUMXI5V_
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zk1R8tXfNUp_IvkcLQzeNf40FrlI2ysfGqWprATqZWt9lrgAf42NRA==

GET
H2 200 main~493df0b3.e4b52ccf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 6 KB
3 KB 28ms
28ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.e4b52ccf.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d862322f40f2d63eca24e2e6188d0a164bf431db27369bedebb31c357985f7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 703060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:08 GMT
server: nginx
etag: W/"69362f73a04491df20548a6acabbd746"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2zxmXJCeUVcrAdxDs6oDiJa7iJ7fH8N.
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qZtB88USZlo91BOo9BH6XM_E7BicYx9b8HM2D7QByv69lIqw11ls1A==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 47 KB
14 KB 25ms
25ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 3968716
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B5nQx62kfGixFNs6i7158XuE6Q0q4UA8
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RE876VKbdGX4YPALueRpVY1i8qDozyp2-c-gxoDbC5fy-mK2UK0JHw==

GET
H2 200 19.c2c4ec2d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 44 KB
13 KB 28ms
27ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.c2c4ec2d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:26 GMT
content-encoding: gzip
age: 2673564
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:35 GMT
server: nginx
etag: W/"ca27a219f5babe50f6eb7c982fa61d4a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GP6AWJ95Oeeek71gysVMlYSExP067DB1
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oJV-s2uayBEPXy1vwdKW15an8XFime6-k6ccHfOjCHwqIARiX1HmXg==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 25 KB
8 KB 29ms
29ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:06:54 GMT
content-encoding: gzip
age: 4475276
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:20 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vKbfuupFATroRl3aNDGfs3ThogQLzb9z
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cHAl48xsvogEMFrxK_b8ZzySsW6NzCjTYo0IXeq9yO7OCaGNwzNx3Q==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 16 KB
5 KB 31ms
30ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 12288068
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bbamcmVZ_7KGBge9vQDDRPtqEwJeMNEY6tSAPJ1vxM0NYfSqUtpbMg==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 72 KB
22 KB 34ms
34ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:06:54 GMT
content-encoding: gzip
age: 4475276
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:19 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ilpiiyhlyh6s3iuNf.37uZlW5ugPpx91
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0Z8Vcg-64jiZv-iyqFGVKl978lDukRLBCaBe2usKuDnjbLC-bkZbiQ==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 16 KB
6 KB 36ms
36ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5145044
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:36 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: lKdT83hFk6oc4yzwjkCPtmRufEzn_1y9
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BMcq_-BdTfocTVw60HdehcYZRWztlyWckh9eFkG5O2HoeHMI9F4mVQ==

GET
H2 200 23.16e779ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 59 KB
19 KB 40ms
39ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.16e779ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 13:25:10 GMT
content-encoding: gzip
age: 3570580
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 14:51:25 GMT
server: nginx
etag: W/"ef4446c0fdb98929baf632c38e8cd226"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6QFFV552d_qyZ9pcsgZNY8fkBisjodK4
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: u2I8g8OmqgCSsXTMATEixmj0tblTdbUEIhiTRV-01WMD0NPKzQhyUg==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 91 KB
28 KB 44ms
43ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5145044
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:35 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IO06C9jhzvCi9VImuydD04sGtIPTZ6T.
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LyspfqQ7YOM4X1GmhegNBXkdtxQfh-VCH8PFL9n2-alGWBePqpGauQ==

GET
H2 200 10.b73b895d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 23 KB
7 KB 47ms
47ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.b73b895d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 12 May 2022 17:56:16 GMT
content-encoding: gzip
age: 1221514
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 May 2022 17:28:59 GMT
server: nginx
etag: W/"5c6cb58ced9f55b696578307366a68ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 42s0ZS8AeOMe_PH.Rce3w4xkhbhmKcpn
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _z28TfX3ZFNIxVR5xq9RhigqztR3FqHFPS4XHG9IVL6SnYWJRqIwlA==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 62 KB
20 KB 51ms
50ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 12288069
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5AGLDc-6z_Qw2ZKCHdhazOY2VEfxvSEbIl8X6zxLuSnwlEaqtsPabA==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 105 KB
34 KB 55ms
54ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 3968716
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mxBFWZx1wZ1xN.1nj_wZKtLvuDeu4lk_
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: k0rwOu0GPQZGlN7Cau-ggn_TYGfPC1t0pJjf_hv9p5WCoAqJ7zdDxg==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 12 KB
4 KB 59ms
59ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 22:12:26 GMT
content-encoding: gzip
age: 4489344
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:20 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0Zui0kJ5MSbHpImulx8UM9hDRN0gPHQk
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: g35pXxCp_rA6QuRis1tysKh0RC-HmM69npo9sDABd8poIxiStu9Slw==

GET
H2 200 26.81342ce1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 12 KB
5 KB 60ms
60ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.81342ce1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 13:25:10 GMT
content-encoding: gzip
age: 3570580
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 14:51:25 GMT
server: nginx
etag: W/"fb3937eee6b2751c3fc0c91dce12c2ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Kb9jiolYAspdT0T2FEuoVylYgxdOCuEs
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RRbic1OKMg3tRAooDrgxjSdhCUNSZGewfehFeotKCqeG6uiJ3EVdRA==

GET
H2 200 18.3ca2a055.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 17 KB
7 KB 61ms
61ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.3ca2a055.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5dad1cd9bd8a255538159566f3a5621e4dbe821ab334c23acd443810b950bb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 703060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:06 GMT
server: nginx
etag: W/"4cfccba39f0ab35f70bc772f1d0eb4c2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AOsH7T1Yo.NhD3RTtLUBAEdTLdlQFzkv
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4z4KEUkRv7Oj4Raqb_rH2GcCG1PUZazRnNm4o5OZKJwH_wn5RKDC0Q==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame D3EF 11 KB
3 KB 61ms
61ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5145044
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8ZsEKgx7NBbOWsOo7y482B7LIK3_mShC
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Y92vd-J55Pu5mNxsmMJzvfLeTrS1mLhg-2LNyi-did_2iVQXAuLyew==

GET
H2 200 8.5fbd69d8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 70 KB
22 KB 64ms
63ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.5fbd69d8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

946e4dd225b51376533446d20da312e3a25554fba768e0e06f8da5d2b8d80036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 94347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:59 GMT
server: nginx
etag: W/"cd43284d05406552f494bbd44734ee0c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XsFmR2GAc1_QnHVkrdDFEKicPq3qlHBV
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _hsbnS0eCsqin0CA0MuBxn0qbEipa4_2KOGmgsM3uRUVD0x8m5R9zA==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame D3EF 24 B
667 B 65ms
64ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
age: 12288069
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jn1ftN-p-8GQuew1EG-6oDV9C4fJs_V6aYwsXw2pGY99OJWrfPOKLA==

GET
H2 200 15.9a7b783c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 78 KB
20 KB 65ms
65ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.9a7b783c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

0157ac2ffc801dbd94534b6c3bae2999697912e970c8281d7c7d736f00a597cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 94347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"36f679f36770acf3a24e07795d54926d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PCpq1M7KNBx.60DMcPGYQas..FYGHvAh
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VKdVvJx7fSKBWN6wVG0kHMwZhr3O4vhy1TWSS5n9p1dDz39XWT5VKw==

GET
H2 200 22.6f487465.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 47 KB
13 KB 66ms
66ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6f487465.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

09f9370d4f6c68191a996dc948f16e1b1f6d3a417e34b907c778c7d82b8718a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 94347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"e07a6f8e3170641ee90cd70e1515d1cc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: E.s_VR33a7iHVinnc1SG22v5OxH76qwY
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tfb3Qws0It3Par__2xO9BjJQqWOwlbTPR1h4vK9_M8gStqDtsqhc2g==

GET
H2 200 13.f8c555bf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 40 KB
13 KB 66ms
66ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.f8c555bf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a707dd8d9db227ea0ed7a0721ee26f3425db76d56611f8a287597f28da745cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 14:36:51 GMT
content-encoding: gzip
age: 23879
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 26 May 2022 14:17:17 GMT
server: nginx
etag: W/"ce3db793771688660c32782852b5d4b9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: yeRirJMVQfeJc_FEDC9Uwn.zv09oSepm
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zlsajXUTpEqYR75uTFguWIOyHv2ckjlqKBTjKshavQSmS-YlGnu6TQ==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 47 KB
14 KB 54ms
54ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 3968716
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B5nQx62kfGixFNs6i7158XuE6Q0q4UA8
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8LQnIMgMlDQwKVyLj5Y9rY6LskblmJaFGsI0FEINzzuAW8IO-I-IAA==

GET
H2 200 19.c2c4ec2d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 44 KB
13 KB 55ms
54ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.c2c4ec2d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:26 GMT
content-encoding: gzip
age: 2673564
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:35 GMT
server: nginx
etag: W/"ca27a219f5babe50f6eb7c982fa61d4a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GP6AWJ95Oeeek71gysVMlYSExP067DB1
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: piE5mcqXbbIIwLOTeFyZSf1R0-dPskxTjeuU6VuyFszA28UZRO-2FA==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 25 KB
8 KB 55ms
55ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:06:54 GMT
content-encoding: gzip
age: 4475276
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:20 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vKbfuupFATroRl3aNDGfs3ThogQLzb9z
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IyTX5bjZTtIG35my4dDgKOUbRLBiZE1MKqoSEeOtF35vA6QMQUOhDg==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 16 KB
5 KB 56ms
55ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:42 GMT
content-encoding: gzip
age: 12288068
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4ax8s6QduFMpjFNk6Ue6QN3bTYArkCZPqKypWlDhoZVaHPgBbnwyaA==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 72 KB
22 KB 56ms
55ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:06:54 GMT
content-encoding: gzip
age: 4475276
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:19 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ilpiiyhlyh6s3iuNf.37uZlW5ugPpx91
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FFtVN_Bu4sGjFAmXbRQ-8V6lCxi0GhIfH-Z43oisrabdcTK9JagBaA==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 16 KB
6 KB 57ms
56ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5145044
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:36 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: lKdT83hFk6oc4yzwjkCPtmRufEzn_1y9
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YY3fYhiwGv9ecx2qdBiicTwYkYmhv2tfzHbpwciC0lDULMh2Z_CBOA==

GET
H2 200 23.16e779ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 59 KB
19 KB 58ms
57ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.16e779ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 13:25:10 GMT
content-encoding: gzip
age: 3570580
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 14:51:25 GMT
server: nginx
etag: W/"ef4446c0fdb98929baf632c38e8cd226"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6QFFV552d_qyZ9pcsgZNY8fkBisjodK4
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Itt15l5hyhn4MNqNi89q5woqPcqTUxoGfQhf9V556NanPbOpRQ0TcA==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 91 KB
28 KB 59ms
58ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5145044
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:35 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IO06C9jhzvCi9VImuydD04sGtIPTZ6T.
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: f1bjW2sOGwBYXxL6HkXiusSzlTPLF-6N4FzaMmNseS5z-6iaLhM7gQ==

GET
H2 200 10.b73b895d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 23 KB
7 KB 61ms
60ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.b73b895d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 12 May 2022 17:56:16 GMT
content-encoding: gzip
age: 1221514
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 May 2022 17:28:59 GMT
server: nginx
etag: W/"5c6cb58ced9f55b696578307366a68ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 42s0ZS8AeOMe_PH.Rce3w4xkhbhmKcpn
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7-qVblRknOLsHEFOdbE2VWhES2JoezongcDb-dmyw4DqQaVKzYid3Q==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 62 KB
20 KB 62ms
61ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 12288069
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5sVoaNoIy14-avjWg_DV1NWylFszZ-FbCvDNH2G2r4Ya68fTxkdBqg==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 105 KB
34 KB 64ms
63ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 3968716
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mxBFWZx1wZ1xN.1nj_wZKtLvuDeu4lk_
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1Iwge6ID-3sCbT7UScLpl0cHaQ42OaPuPHvo_fU7A3nBt0GHt2qfKA==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 12 KB
4 KB 66ms
65ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 22:12:26 GMT
content-encoding: gzip
age: 4489344
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:20 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0Zui0kJ5MSbHpImulx8UM9hDRN0gPHQk
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: x1yCOUdkG2nARkAzbp5XVyilSU3rwZnDd0mQl64WQOryqDoKeMCsQg==

GET
H2 200 26.81342ce1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 12 KB
5 KB 66ms
65ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.81342ce1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 13:25:10 GMT
content-encoding: gzip
age: 3570580
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 14:51:25 GMT
server: nginx
etag: W/"fb3937eee6b2751c3fc0c91dce12c2ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Kb9jiolYAspdT0T2FEuoVylYgxdOCuEs
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ivpq7PyDWPnxtjSq4daaVx6wdKEDh2-its3W0cC2rKyJeJ-QAUHvCg==

GET
H2 200 18.3ca2a055.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 17 KB
7 KB 67ms
66ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.3ca2a055.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5dad1cd9bd8a255538159566f3a5621e4dbe821ab334c23acd443810b950bb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 703060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:06 GMT
server: nginx
etag: W/"4cfccba39f0ab35f70bc772f1d0eb4c2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AOsH7T1Yo.NhD3RTtLUBAEdTLdlQFzkv
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lTRnaEDxJo1c2ZRXTDYa5ylbT3Swsv5fA-GgEy8XWjqp-2mSdeHlxA==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 09B4 11 KB
3 KB 67ms
66ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5145044
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8ZsEKgx7NBbOWsOo7y482B7LIK3_mShC
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7tHZH8LRO8LjCi241l2haqOaxq5cafBvR-yQihtOWsiXnelC2aSgqQ==

GET
H2 200 8.5fbd69d8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 70 KB
22 KB 68ms
67ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.5fbd69d8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

946e4dd225b51376533446d20da312e3a25554fba768e0e06f8da5d2b8d80036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 94347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:59 GMT
server: nginx
etag: W/"cd43284d05406552f494bbd44734ee0c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XsFmR2GAc1_QnHVkrdDFEKicPq3qlHBV
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: W7PuTz035bcaoeZ0PxfqshfCmkFaBrkbVwSbT-6d93I712DfRYgVlw==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 09B4 24 B
666 B 68ms
67ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
age: 12288069
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Lcsn21mCiBn9rWryuqzETqLFZ4wx0Sala0yfnl4JDZv5X80dsygmaw==

GET
H2 200 15.9a7b783c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 78 KB
20 KB 69ms
68ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.9a7b783c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

0157ac2ffc801dbd94534b6c3bae2999697912e970c8281d7c7d736f00a597cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 94347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"36f679f36770acf3a24e07795d54926d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PCpq1M7KNBx.60DMcPGYQas..FYGHvAh
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8ijr6LONK-N2KI8ozBntrvQ7Ue1KNANOUIweutHsnELRo96o_j8ZGQ==

GET
H2 200 22.6f487465.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 47 KB
13 KB 70ms
69ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6f487465.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

09f9370d4f6c68191a996dc948f16e1b1f6d3a417e34b907c778c7d82b8718a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 94347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"e07a6f8e3170641ee90cd70e1515d1cc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: E.s_VR33a7iHVinnc1SG22v5OxH76qwY
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hFr85qPJzj0990Y2VMUhalioPShvD3FgJnbRPUDcb4d53CoT6Rxd1g==

GET
H2 200 13.f8c555bf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 40 KB
13 KB 70ms
70ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.f8c555bf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a707dd8d9db227ea0ed7a0721ee26f3425db76d56611f8a287597f28da745cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 14:36:51 GMT
content-encoding: gzip
age: 23879
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 26 May 2022 14:17:17 GMT
server: nginx
etag: W/"ce3db793771688660c32782852b5d4b9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: yeRirJMVQfeJc_FEDC9Uwn.zv09oSepm
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mk_x4q4sn7b78MrTdbHbsFT87M1UVXcY7VmfrEnl9q-OoLHQ6P67cg==

GET
H2 200 32.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame D3EF 3 KB
1 KB 23ms
22ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 22:12:26 GMT
content-encoding: gzip
age: 4489344
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:17 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: o4YHS2mkjmPJ8FYb.psnWR.Z9AgjdeMR
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kYHbs1Yj1jhZdmNeS9qo4KFJHN0x4phUQCpv6AqSVghTFc7HtHgwnQ==

GET
H2 200 32.28be7b35.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 3 KB
2 KB 23ms
23ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 01:21:23 GMT
content-encoding: gzip
age: 6378806
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 09 Mar 2022 19:39:00 GMT
server: nginx
etag: W/"853d736e05b299b857e10b6ab17f3c36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: nKLZ1eCZgJyATnvQHZL81PT0kMSSnbMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: B6ehZ06az5tsxgeeJ-8Wuj4fc6yNbHGep-k4Q0bZmaHYPWTk9yUbRQ==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 9 KB
3 KB 23ms
23ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5145044
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:34 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: f0vFdvUsVaxkS7BUVekCPez6OhG1f.hd
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: T_A7_yAgRzYJp37SJwKMX-1bNPn4mpqr0QE3HS9P0stitsKeW_R0cw==

GET
H2 200 24.81d46fe7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 33 KB
10 KB 24ms
23ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 22:12:26 GMT
content-encoding: gzip
age: 4489344
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:19 GMT
server: nginx
etag: W/"4f751bc7b45f18c1d343a3081fe2509f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dJ6wMYR.EkVgKolqllYLjIlhrPfZzaVa
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xz9sybX9fFxsxA_NlCNaQLapSGDHAyJOBr2d4tIq2f6EzZqK3cmNlQ==

GET
H2 200 25.c667535c.chunk.css
js.driftt.com/core/assets/css/ Frame 09B4 8 KB
2 KB 24ms
24ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c667535c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5145044
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"5d56f3a89744b768e05433ac1e2f7935"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Yw4dEFczUjGKvjvS8RVZki_SV8inukYJ
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eCjDrXCrIM1JQ0126_SP6YZbO9jX5HU-ZGXxbTaUHweHd3PqLaGlKQ==

GET
H2 200 25.b36a979b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 12 KB
5 KB 24ms
24ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.b36a979b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9a5c3883eada0e4577732081b0979554f9c24570ec71bd766e9a2658e7703603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 94347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"bb1fc605abd6c0ba2c1eb7021ba58d04"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SjE9cVAK33cTH9HWQZWwr9_vpF1Vn6tr
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kGasLAfaudFaWUIB4G-p5p3x96cQJ6QKRWf2eiRyyVhdvLortf2WoQ==

GET
H2 200 17.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 09B4 365 B
1009 B 25ms
25ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
age: 703060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Wed, 18 May 2022 17:52:03 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8PhpnUwCKVw_tmw5w1.GT3kRVBeTcpzl
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DHPXpQxHJZyTnF9TWufFxzOJX3F4OUkYKspbdPBLLlteJAloiOcMEw==

GET
H2 200 17.c37e2c32.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 09B4 86 KB
24 KB 25ms
25ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.c37e2c32.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

3d49f3b6d0b55212e3a8d188be8bc0a4e84ead196d23ae8c535c5c04eb83ac8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=h8eubnf2kys7&region=US&forceShow=false&skipCampaigns=false&sessionId=b820b3c5-ee67-423f-b848-59111fd38baa&sessionStarted=1653599690.48&campaignRefreshToken=9318b4c3-7ddc-4e8c-ba6b-b7acf446c185&hideController=false&pageLoadStartTime=1653599689555&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 94347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"4fd774d3e6a9b5d671b82fde4c56f6c0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: v.A4lvrt538jUTgbt_9o596UsTJ7MRcv
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0CX6OWDuanlrsjuheUGTt0qlEhxV03kMMQKEFGz7fsSIez_b4gNdyg==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 9 KB
3 KB 23ms
22ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5145044
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:34 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: f0vFdvUsVaxkS7BUVekCPez6OhG1f.hd
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: psY0dv91XiK594Za2ZMHwb8k757oKYn1FpOWJFmMhXJ6CQOwMFAMig==

GET
H2 200 2.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame D3EF 7 KB
2 KB 23ms
23ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5145043
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eJJ8iIcGQeeOyHqQZhPH9NjVmZe46DWE
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: f_K6MmShdFhBFsZlKTVVL_pHcV8KhP4EIAeDK2_q8jUEoqTwJN0tcg==

GET
H2 200 2.90bfb041.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 54 KB
16 KB 24ms
24ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 23:30:53 GMT
content-encoding: gzip
age: 4743837
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 18:31:22 GMT
server: nginx
etag: W/"dc43e7dd478d83a9091a7335b8beb11d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kk3GS24HgDEmPXUslSsjyTbGLAUWg7zo
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sdOwTMf-WI5PIU6z1h9Y3pY7y_Z_2b_EPr31b19IBbdwD3NxTligfQ==

GET
H2 200 1.e5dfd51a.chunk.css
js.driftt.com/core/assets/css/ Frame D3EF 43 KB
7 KB 25ms
24ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.e5dfd51a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 02 May 2022 15:02:23 GMT
content-encoding: gzip
age: 2095947
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 15:26:46 GMT
server: nginx
etag: W/"2c40725f3e291f40133c5dd42e2d2809"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NDVBsNLgITAyanG2chz6_hhZC25SbNrt
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Av-6A5xhhlu3G2uYeYLIgNl0WJJ1IWMlJriWAvMkVfS5m12TOCTMwQ==

GET
H2 200 1.460851df.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 73 KB
25 KB 25ms
25ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.460851df.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

6986c4bd74aede5172574e0254fbce3ddb445c135dcf3d41c8af8bf8edde7a5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 94347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:57 GMT
server: nginx
etag: W/"502542c5326e44a24723bb8758064798"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wQts6oQEz389.FoLPu2yuRyQvXjz8BcZ
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cYpRqn1jiY2WsQLKOekGUzE-0-Usp2EPrldQp1x1xOo_nBf9wiAAYg==

GET
H2 200 30.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame D3EF 12 KB
3 KB 26ms
25ms Stylesheet
text/css 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5145043
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pHw9X_j3lnHYAPELEWozrhov_rOIKMZh
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UnZeMDVhCpfXE_c2C1l7gGA4qbPrwOO7HZ-vtKoiQnNt2Tz8vgmiYw==

GET
H2 200 30.b309d6ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D3EF 11 KB
5 KB 26ms
26ms Script
application/javascript 143.204.215.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.b309d6ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.cfab691f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-107.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

2d0cdd09c5006ed29290e45afc7c2cd37751bb446e99fc5767252b5f0111be59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653599689555
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:02:23 GMT
content-encoding: gzip
age: 94347
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 25 May 2022 18:29:58 GMT
server: nginx
etag: W/"7dd277950241bcebd0bdbbb7d9cdab6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hKJsDkMxRQ0R_AMuTupCkkz.ZnAAlr5B
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bHfhxVOtZ0uENQlepPCJP1diYoOgsipG0Olo9Qe6qteIRSdCuqyOQg==

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 371ms
107ms Preflight
text/plain 34.193.113.164

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 26 May 2022 21:14:51 GMT
requestid: driftf90164f4d86b7b3a158b25d9592
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 09B4 25 B
123 B 130ms
129ms XHR
application/json 34.193.113.164

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 26 May 2022 21:14:51 GMT
server: istio-envoy
requestid: 4f9a7f33eef76eed
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 09B4 147 B
245 B 110ms
109ms XHR
application/json 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

10ddbab6bd39158ba9fd5af15da2e22b4793ee2d22db1c0c68d7027283910e4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 26 May 2022 21:14:51 GMT
server: istio-envoy
requestid: db5dd7871b6cf210
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 355ms
109ms Preflight
text/plain 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 26 May 2022 21:14:51 GMT
requestid: driftc1700e84111a33e5556d4d09e13
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 09B4 25 B
107 B 121ms
121ms XHR
application/json 34.193.113.164

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 26 May 2022 21:14:53 GMT
server: istio-envoy
requestid: 23afcd40bc661ecc
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 109ms
108ms Preflight
text/plain 34.193.113.164

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 26 May 2022 21:14:52 GMT
requestid: drift93ab8c843daad6f699bb40c2c1e
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 07:39:11	Name: _GRECAPTCHA Value: 09AFhSOcYuxvmf_0QLYxvUYQVvBHjMwlkpm57_gmM0S8OtIEp2oCTtqfuq9B1QGXWSbQ106JvZz-FnpihASJFTtd8
purchase.news/	1970-01-23 18:55:59	Name: __tad Value: 1653599686.5063966
.1redirc.com/	1970-01-20 12:05:35	Name: __dsnsid Value: 2022052707144679be6d75b330cc0dda
clever-redirect.com/	1970-01-20 03:21:26	Name: a6f71ff97b8e123782e35598ef1cd3d9 Value: 20936b5f36e8a63f8ffe1605a069f9c9a9d0936a7079b6dc097e0d96cfb5a7e5a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22a6f71ff97b8e123782e35598ef1cd3d9%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
.awin1.com/	1970-01-20 04:46:23	Name: aw14361 Value: 926315\|0\|0\|1653599688\|cb1f110977dff57839f15c6400f374d9\|aw\|0
.awin1.com/	1970-01-20 12:05:35	Name: bId Value: HLEX_628fedc8471940.78558535
.helden.de/	1970-01-20 04:46:23	Name: a_ident Value: affnet.14361_1653599688_1cef1983fb9c9383bc8199dda0ea97c0
.helden.de/	1970-01-20 03:40:09	Name: __cmpcvcu20848 Value: __c25469_s65_s23_s56_s1409_c16776_s24_c25471_c24542__
.helden.de/	1970-01-20 03:40:09	Name: __cmpcpcu20848 Value: __51__
.helden.de/	1970-01-20 04:03:11	Name: __cmpcviab20848 Value: ,c25469,s65,s23,s56,s1409,c16776,s24,c25471,c24542,
helden.de/	1970-01-20 03:20:01	Name: drift_campaign_refresh Value: 9318b4c3-7ddc-4e8c-ba6b-b7acf446c185
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 81e9941bd4535ef3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redirc.com
ajax.googleapis.com
b.delivery.consentmanager.net
bam.nr-data.net
bootstrap.api.drift.com
cdn.consentmanager.net
clever-redirect.com
delivery.consentmanager.net
fonts.googleapis.com
fonts.gstatic.com
haftpflichthelden.de
helden.de
images.provenexpert.com
js-agent.newrelic.com
js.driftt.com
lookandfind.me
metrics.api.drift.com
purchase.news
w.likebtn.com
www.awin1.com
www.google.com
www.googletagmanager.com
www.gstatic.com
103.224.182.206
103.224.182.250
104.111.239.217
143.204.215.107
151.101.194.137
157.90.169.168
162.247.242.31
2606:4700:10::6816:4d41
2606:4700:20::681a:e45
2606:4700:20::ac43:4545
2a00:1450:4001:802::2003
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2004
2a00:1450:4001:828::2008
2a00:1450:4001:829::200a
2a02:6ea0:c700::2
34.102.224.29
34.193.113.164
50.16.7.188
78.46.197.88
87.230.98.74
0157ac2ffc801dbd94534b6c3bae2999697912e970c8281d7c7d736f00a597cb
01f2c507dce67cd34f1fb75780c52221946800029092456ed02470059af2c05f
024bbe37586effe93a17f4f8800ff6c67e2aca1061c5f23625bb16a6e3d13c8d
02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5
0399016962fc0a41a6f7a2cec931995c146c3aceb48a7c3bfe89ea9495952760
050afadcae8e995d4d71c6c7d05bdb3ef24691fc81526eb0357de319184c747b
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
06b4780df9b383519f51c2b0d374f45c26bf05e1cbc1518b2a2b309e5ea9ae86
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8
09f9370d4f6c68191a996dc948f16e1b1f6d3a417e34b907c778c7d82b8718a3
0ce51090b148a45a0e3d652719ed6ef7f1a38e5d272dbf874f86a49664e897a3
10ddbab6bd39158ba9fd5af15da2e22b4793ee2d22db1c0c68d7027283910e4b
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1177d617a777f16368ce9929c57e19545580c18ccfab34d15e4e376707ab01ba
11dd7443e60c9756c636d4d9e270eeba4085691a86dc1d343af835e5cb354ed9
12272e905b4845f9f793c999472269b47d638cf31274916b27dc4c514ce46846
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
1b4f1024fa4887b47765e2ad4db9bc1f6ea96335f77fd44c62b8538d75e7190c
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63
2031ce9d387c585aeed7e46b4c88ab74c996834aa6f10cbf32dd7df4170065fa
20c746611e73d61b96d867c123847699572e0d13bf3a6823bcc2d956e9d4c0d6
22b3231e59d776f31161af44b04a744b9004ae1fac2b14e6405a97d27507a008
22ce8bdb090315b4f4f6f8c78f9c7cd2cf53962924d86761982fdb4e5dc3c2c2
24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f
26c512e9477c3eba1749a41323be44485a9b3a53e2cb6f14dafabc750a7f776d
26d127f27e68eb24704f93210ac87b36c92c2a9ef01d6a47dc0048dac9cfa23f
29d1e5cff2718260f00fc9012476253e8664c99287d2a1866886e65060deb4ad
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c24cbb1284038ad458c34d9f885fe9a4622cb5337d4254384f630fb9b48dfcf
2d0cdd09c5006ed29290e45afc7c2cd37751bb446e99fc5767252b5f0111be59
2f08025c18eab8673f7f960a21cba44a48aa0ce870ce96305a21d1c887b8be7e
32d9329d48ccd5a058fc1f4a6be8b010c4c9afb03d046ffe8a211ce474db2b6a
341c5d176dfcd3bd94a476a34fcb8be8f7d4c6d667ad95185c4d656f5ac9c9d5
395daa8d0ec9bd1d7922530074e8fbe6aaf2bd26191dc773c135cf6a3d029705
39b677ec4a0c2d95bb6d1439e68b5a0aa693c17912dc9e0209930088182483cf
39cb45cdec9f9b9b863e331beff20776476ad3a77aa2c828a0aea8a0779044d9
3ac8d0769a3209e0f5078669a78ed7c20c6e1520734c23b6fd15f946f7861895
3b3f44e74412baa296267a5c6bdcaef3e06ba0ed23c662786b35b923a515180c
3c1e2aa923af814d09f8d42a64a31fa095164242a3b476b216951cf959df7d9c
3d49f3b6d0b55212e3a8d188be8bc0a4e84ead196d23ae8c535c5c04eb83ac8e
3e19865caed6dbd12eacd00501eb4b382a1f0190df9cf2a8373d110bab7a47e1
3ea06dea77b421db90da42160e691163836ef51e17aa1fd4669e1805e5291e21
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
43092d1165010edd3b00de12fb3c1e0687e540470d89e547d181e1ef4e2bb694
43c0fb93eabfe7c80adef9da1824d825a75927dd2d28274551b8e0e36e50da5e
43d83509dd8fda7412e53f2c81c13dce67f42a8d5731dad5d4a57a720b634a6a
467ea9255be185c790d0537e51145b7f3828f0e5d6c350d80ee48f21a2baa124
47c52cc923758f90e6e92f82d19e909e36bf000902e60047a27c84e8d0ccb73a
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01
495ae15b7ea9c85d3bf79b70443e685e9185e94e179345a8637a16a147f54cfd
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
5232ff2bcc1c6fb542e55ebb4d41413554cfe0681613a01799e2477bb9cac389
536550431ea6247d6ae10b550cedbac11f93d133b096e475bd1f3915bf4bb6dd
5561b0168139f470a7f53b9f11f838851d343cd3c09c25af0c9885d82d85d510
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
592de4e199b5d26c55c6f24e7fdb02080aba9305421b7190d2e2d5cbf874cd36
5973908152d2da6c720ac25de34e5a76daa60ba661dd1befc8dab84e987005a3
5ad4b93f0116490bf6d6b3cb8b6adaa354588c845b1f0994ce80456e5afb7d8c
5d11e8ffa177f0d0928cc9a9f28cfd8e2706dfa32d93008541cb26f2fa04ca60
5dad1cd9bd8a255538159566f3a5621e4dbe821ab334c23acd443810b950bb88
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5fd0406a9f1fa9ae65bc5ab523b7160d7c8a64383a51f520c25270697f3408a8
61a5bc4056a0cab35fde3bdad2f3f76444aa322f292ecaa1ae8734bef49e4581
631bbb9222aa4b34439b69e2988652ede383ca956d79eb5fa6a69e69854c2e5e
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d
67a93cb596cf7e65926cc6f37e356a5ba6249a3ac8dbce1b8e5fd16ae3967f92
6986c4bd74aede5172574e0254fbce3ddb445c135dcf3d41c8af8bf8edde7a5e
6aa8093f92b4ebb8c5a083db689a2231ed086d33c640a69d136c7d8abf22e3c8
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
70d5e7aca1f4340b317eb66c3f7a0201cd4c417bea613a46f7989950f0a1fba1
7127d15642f8979cf58784f91d487e77a81cd8e1db0e8547cb683f62829ad7d0
731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1
73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb
73d7e52c552160d0265f12c7d6c523a3c646b6f831a8d677adb7a2c1d481f32a
75dc94286d9fd0993744876ce2c71d6f2a4a4592fc2a1f71a96559e418d84352
7677f73b08b762d4e3a9f4cdd367211094350f5111a40dc099697d94124b04a7
7846d72cd2af20d85e1c27032cd4a44f4c8c5b914a03ce9d56979b4376b24be6
798622f5f53245245cdf0f44468acdce4e537cd44c86e1f58b170ad253783ad5
7a7425d844b9582c4d0595dfcb216285c112683ba86ed98572b36daf3b93a169
7e528c1449a6cfc70975bfd57546d23b752a883a8ee9fcc3904d3af6548468ed
7f0e3823d56e753cf5f2fbe91a1d167ca59726c9cbb3c97f04f146beea32c0e6
8088d1aa0d0b0f7e062406dba15010d166d7303c04ebb407be952d50ee378752
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c
882e09e84100347579816f61badf4459092dc59beb26b9317a8f1312d6752b41
89ac9ac9042c7ef410ab439837b270dd2dd9f6c545d9383ea8969a35c945cbd7
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
8c7eda2967b00bdf6a370cbaed77d757182c34f733277045a00e19193fafff6a
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8d73392f1f569c51f57b7f9a30278358484f1795584aa2cd540e5b8ea650593e
8dd2fcd0919b8552fa24ea240e875bd8d0d2e04f9949d12dc18a605e7b063303
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92bfa0c40e4ac63bd4250520dc726bdb5f28bc45d2b420c07d6d1e0b726bd56b
935b7f7d141f2bea994d54b9d709d5f15ebb6bce6b73f02b1f59ee40df8eabcd
946e4dd225b51376533446d20da312e3a25554fba768e0e06f8da5d2b8d80036
95fb764d4a5e0045febd02f88e1c80b7958a6946696721e78c20f497b1e0ec7b
96885eb92fe4f03a59536aacb336a3a999876f8d311dca71e8e953726a61e644
98b70695436a371779c83521145a8f47d75488435a99af31957551d2c5122c96
9a5c3883eada0e4577732081b0979554f9c24570ec71bd766e9a2658e7703603
9ab6e4f17cb28892a00ee982b483ac79222bd8b945c226694e554af917e569df
9bccc337c264422750cff6f2b3c70a350a2a40e80766f11e3a16ecabc89ae4b1
9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635
9d0297d001e90af1cb9081ee9a40edebaa5584387e10732ffbd217281ba9b03f
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
a145e8cb30994054a87ba4ac07f8a49f55e2fbfcd3b689ef889eae0a2250bc37
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a469b4c7949c96cce86a741f3498f000e1fd64b2a6fff556579a6588acabf48a
a707dd8d9db227ea0ed7a0721ee26f3425db76d56611f8a287597f28da745cef
ad44888e6834dd14372d63691245513cda17cad9bb7f5ac9df10163ba83108f7
af8dec5faa0fea6c9debdd56b4c795b7c536334afcd1d9e014478712fb288ce7
b13c9daefcbfa434816cbf0a272da7a7887486cedbe40218e4234977e526854c
b244db5267a8a4f291e0c4a1e82ccbc4ae211e7b22cad2ca530d743397894151
b51182de5d3e0e5cfa0a4ed9552dc82be393d7f7a08330f6299e08cdb2665f7f
b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0
b719e8b64d94bf16d44b5a331b9028f738286b49d00844a122a1f854ca9c1c2c
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bf8c217e6b5fed93e68518ddd25e1bedfbb683b1f9aa18f84b099677d0f79355
c080b771c7804511967c72072bd3228ce126f12edddb1a784d1fadae46b74955
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c7261e1e739516b0d3bd919e73dd9b6a19cde0f868d315f84134f389ec5ac600
c7f5e3b0b3a282b46aa5bbd5e7952b90ce98d0d1d214b3308d9abb6053becd92
c8b4a8cd59b57a51bd5369e60620960e73af731c94ac51697407f6152fa79118
c9c0cfef39145e7473f09d950460309a29fbddcbe88830881aef4a0c16f5546b
cc3a58e6701f24c1474e3bae8a18e0dd194f5afb8eaac6eebeb0b6f7efbd5236
d03b85482d005248f184137ab739c6222882e5d76d0765757cd6313a2b90146a
d0e1118ebbde5c7e1b91ee1c3b745ef87c5518b00528fcc33cdf735c9e317f83
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d235817fea78de6229c249c291bce725593d5296790b9430ef3f97ec963679a7
d26ead62c04b7c1d9b9fe15ea7310d2c3ef4400a5c0a390e6c3a8ff4c5f381ec
d49ea099481e01f6c80d0098144b28710ed7e27ffadee7cdac797ed87ef5740b
d862322f40f2d63eca24e2e6188d0a164bf431db27369bedebb31c357985f7f9
d8a783e252ceb14237c76c14e552516b112795955f5491053f5e0c56c6e06c5a
db9ff4cde12468ee4def39092beef68a94523797d588f245067a96d943a01165
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de977fcb9f3bbb77f560e470d16c562f750fe99f8589dd3c7e5f84f3518991de
df05a5688e7ee2bd5223e90b377692e88e9e3348e49b609848efc10c150e28fb
e1140a55ecef7135519b9e726097736707528548fff7c79384085216bd65abd7
e2795aded1755123cbe59bba5a8348d2c8ea012c9021e56d3b532f176963950b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec
e5f5736867880dc34e00e9d915d49094d5aa572c73771e87a082bd721b5a4f7c
e6a6a0c2a744fc0d665244acab63b9ac3b43779414217bc62a7698e31d5471de
e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5
e874735132d9ee43ec40c50da6ffa44b4bf13051a108a77dc686c1c782fa5dc8
eae9587fd982a18dc1cc3391201a06a8ce5efb066c62cc4f3003a901506269c2
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
f1d691d09ce0090a6da571070f4404989f56b83bd51aa9c0076f1761f5888533
f46bb0aafc668b4a997c8f2bf2b9612722575d5123d728ee15924ae9b2b9e1b1
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f988ef29bc7fd270f4f0d8ffa3d2c915050e5df509bb8123f95dfdfee4461bcd

helden.de Open in urlscan Pro 2606:4700:10::6816:4d41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

196 Requests

98 %HTTPS

45 %IPv6

18 Domains

23 Subdomains

20 IPs

3 Countries

4107 kBTransfer

8757 kBSize

12 Cookies

13 Outgoing links

Page URL History

Redirected requests

196 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

helden.de Open in urlscan Pro
2606:4700:10::6816:4d41 Public Scan

Screenshot
Live screenshot

Full Image

196
Requests

98 %
HTTPS

45 %
IPv6

18
Domains

23
Subdomains

20
IPs

3
Countries

4107 kB
Transfer

8757 kB
Size

12
Cookies

196 HTTP transactions
2 data transactions