Submitted URL: http://www.sm.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.s...
Effective URL: https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.s...
Submission: On January 04 via manual from AT — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 25 HTTP transactions. The main IP is 87.230.43.108, located in Cologne, Germany and belongs to GD-EMEA-DC-CGN1, DE. The main domain is www.startfenster.de. The Cisco Umbrella rank of the primary domain is 843800.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on November 23rd 2023. Valid for: a year.
This is the only time www.startfenster.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 87.230.43.108 34011 (GD-EMEA-D...)
4 2a00:1288:110... 34010 (YAHOO-IRD)
1 66.211.163.66 11643 (EBAY)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2a01:4f8:13b:... 24940 (HETZNER-AS)
1 2606:2800:133... 15133 (EDGECAST)
2 2620:1ec:46::63 8075 (MICROSOFT...)
1 212.82.100.137 34010 (YAHOO-IRD)
1 13.107.5.80 8068 (MICROSOFT...)
1 20.10.16.51 8075 (MICROSOFT...)
1 20.42.65.90 8075 (MICROSOFT...)
25 11

Apex Domain | Subdomains | Transfer
10 startfenster.de | www.startfenster.de — Cisco Umbrella Rank: 843800 | 115 KB
5 yahoo.com | search.yahoo.com — Cisco Umbrella Rank: 3714; xmlp.search.yahoo.com — Cisco Umbrella Rank: 41847 | 3 KB
3 clarity.ms | www.clarity.ms — Cisco Umbrella Rank: 1280; z.clarity.ms — Cisco Umbrella Rank: 12767 | 26 KB
2 thinksuggest.org | www.thinksuggest.org — Cisco Umbrella Rank: 194120; api.thinksuggest.org — Cisco Umbrella Rank: 140787 | 38 KB
1 microsoft.com | browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 665 | 262 B
1 bing.com | api.bing.com — Cisco Umbrella Rank: 23127 | 2 KB
1 azureedge.net | msadsscale.azureedge.net — Cisco Umbrella Rank: 45389 | 24 KB
1 yimg.com | s.yimg.com — Cisco Umbrella Rank: 876 | 4 KB
1 ebay.com | epnt.ebay.com — Cisco Umbrella Rank: 92206 | 312 KB
1 sm.de | www.sm.de | 322 B
25 10

Domain | Requested by
10 www.startfenster.de | www.startfenster.de
4 search.yahoo.com | www.startfenster.de, msadsscale.azureedge.net
2 www.clarity.ms | s.yimg.com, www.clarity.ms
1 browser.pipe.aria.microsoft.com | msadsscale.azureedge.net
1 z.clarity.ms | www.clarity.ms
1 api.bing.com | www.startfenster.de
1 api.thinksuggest.org | www.startfenster.de
1 xmlp.search.yahoo.com | www.startfenster.de
1 msadsscale.azureedge.net | s.yimg.com
1 www.thinksuggest.org | www.startfenster.de
1 s.yimg.com | www.startfenster.de
1 epnt.ebay.com | www.startfenster.de
1 www.sm.de | 1 redirects
25 13

Subject | Issuer | Validity | Valid
*.startfenster.de | AlphaSSL CA - SHA256 - G4 | 2023-11-23 - 2024-12-24 | a year
*.answers.search.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2023-09-25 - 2024-03-13 | 6 months
epnt.ebay.at | Sectigo RSA Organization Validation Secure Server CA | 2023-06-02 - 2024-06-01 | a year
*.fantasysports.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2023-12-12 - 2024-01-31 | 2 months
thinksuggest.org | R3 | 2023-11-25 - 2024-02-23 | 3 months
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2023-05-05 - 2024-04-28 | a year
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year
www.bing.com | Microsoft Azure TLS Issuing CA 01 | 2023-10-24 - 2024-04-21 | 6 months
a.clarity.ms | Microsoft Azure TLS Issuing CA 06 | 2023-02-13 - 2024-02-08 | a year
*.events.data.microsoft.com | Microsoft Azure RSA TLS Issuing CA 04 | 2023-10-02 - 2024-09-26 | a year

This page contains 1 frame:

Primary Page: https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
Frame ID: 1043E176F714A5EA4778DC9C0B3C9011
Requests: 25 HTTP requests in this frame

Page Title

Startfenster - Suchen

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25 Requests
100 % HTTPS
45 % IPv6
10 Domains
13 Subdomains
11 IPs
4 Countries
524 kB Transfer
876 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.sm.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer HTTP 302
    https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.startfenster.de/
Redirect Chain
  • http://www.sm.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
  • https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
11 KB
5 KB
Document
General
Full URL
https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
87.230.43.108 Cologne, Germany, ASN34011 (GD-EMEA-DC-CGN1, DE),
Reverse DNS
vwp2854.webpack.hosteurope.de
Software
Apache /
Resource Hash
1e6093cd54878923babe3dfd8de972653bbfc4a5b610cb4efbc691b29c0ef9cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Connection
keep-alive
Content-Encoding
gzip
Content-Length
4336
Content-Type
text/html
Date
Thu, 04 Jan 2024 14:29:05 GMT
Link
</styles/merged.css>; rel=preload; as=style </scripts/jquery.addons.merged.js>; rel=preload; as=script </scripts/std.js>; rel=preload; as=script
Server
Apache
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html
Date
Thu, 04 Jan 2024 14:29:04 GMT
Location
https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
Server
Apache
merged.css
www.startfenster.de/styles/
33 KB
7 KB
Stylesheet
General
Full URL
https://www.startfenster.de/styles/merged.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
87.230.43.108 Cologne, Germany, ASN34011 (GD-EMEA-DC-CGN1, DE),
Reverse DNS
vwp2854.webpack.hosteurope.de
Software
Apache /
Resource Hash
7690fd93a3094a5adfa0375488ec8adf3f005c85ceab378884048f6f86f76cb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 14:29:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Dec 2022 19:39:15 GMT
Server
Apache
ETag
"83f3-5eec9604c3ec0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6493
Expires
Fri, 03 Jan 2025 14:29:05 GMT
jquery.addons.merged.js
www.startfenster.de/scripts/
243 KB
65 KB
Script
General
Full URL
https://www.startfenster.de/scripts/jquery.addons.merged.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
87.230.43.108 Cologne, Germany, ASN34011 (GD-EMEA-DC-CGN1, DE),
Reverse DNS
vwp2854.webpack.hosteurope.de
Software
Apache /
Resource Hash
4b1c13692fe1d29db86f8e41cffa9c05b24d71056d2cfe1f73a2eccd4626e3c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 14:29:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Dec 2022 20:04:22 GMT
Server
Apache
ETag
"3cdea-5eec9ba1f3d80-gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Expires
Fri, 03 Jan 2025 14:29:05 GMT
std.js
www.startfenster.de/scripts/
8 KB
3 KB
Script
General
Full URL
https://www.startfenster.de/scripts/std.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
87.230.43.108 Cologne, Germany, ASN34011 (GD-EMEA-DC-CGN1, DE),
Reverse DNS
vwp2854.webpack.hosteurope.de
Software
Apache /
Resource Hash
d6b6f1cad5a191369fc75c60f7145db62ecb6c5bde251828533b39801f5f9188

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 14:29:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 May 2022 16:03:10 GMT
Server
Apache
ETag
"2073-5de1da52ada2e-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2419
Expires
Fri, 03 Jan 2025 14:29:05 GMT
jquery.js
www.startfenster.de/scripts/
90 KB
32 KB
Script
General
Full URL
https://www.startfenster.de/scripts/jquery.js
Requested by
Host: www.startfenster.de
URL: https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
87.230.43.108 Cologne, Germany, ASN34011 (GD-EMEA-DC-CGN1, DE),
Reverse DNS
vwp2854.webpack.hosteurope.de
Software
Apache /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 14:29:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Jan 2016 13:46:00 GMT
Server
Apache
ETag
"169d5-52a5105b4b600-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32775
Expires
Fri, 03 Jan 2025 14:29:05 GMT
user-check.php
www.startfenster.de/
116 B
362 B
Image
General
Full URL
https://www.startfenster.de/user-check.php?t=1704378544
Requested by
Host: www.startfenster.de
URL: https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
87.230.43.108 Cologne, Germany, ASN34011 (GD-EMEA-DC-CGN1, DE),
Reverse DNS
vwp2854.webpack.hosteurope.de
Software
Apache /
Resource Hash
0571ccbe8ce14be4e7aac4adb149da9108cd07b3a17082a7035a47bce89b70c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
Date
Thu, 04 Jan 2024 14:29:05 GMT
Cache-Control
max-age=31536000
Server
Apache
Connection
keep-alive
Content-Length
116
Expires
Fri, 03 Jan 2025 14:29:05 GMT
ico-search3.png
www.startfenster.de/images/
400 B
652 B
Image
General
Full URL
https://www.startfenster.de/images/ico-search3.png
Requested by
Host: www.startfenster.de
URL: https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
87.230.43.108 Cologne, Germany, ASN34011 (GD-EMEA-DC-CGN1, DE),
Reverse DNS
vwp2854.webpack.hosteurope.de
Software
Apache /
Resource Hash
03bd0e8f47ed758b171af8478f4c3579450e7cdc45cada6cdeaf6fda9d0ca587

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 14:29:05 GMT
Last-Modified
Thu, 01 Dec 2022 20:21:13 GMT
Server
Apache
ETag
"190-5eec9f661e040"
Vary
Accept
Content-Type
image/webp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
400
p
search.yahoo.com/beacon/geop/
43 B
509 B
Image
General
Full URL
https://search.yahoo.com/beacon/geop/p?s=1197774733&ysid=5F8EDAEF59FC471C&traffic_source=foxload_xml_de_syndication_sm
Requested by
Host: www.startfenster.de
URL: https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c104::2000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://csp.search.yahoo.com/xssreport

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 14:29:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, enforce
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
0
content-length
43
x-xss-protection
1; mode=block; report=https://csp.search.yahoo.com/xssreport
monetize.js
www.startfenster.de/ta/js/
2 KB
1 KB
Script
General
Full URL
https://www.startfenster.de/ta/js/monetize.js
Requested by
Host: www.startfenster.de
URL: https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
87.230.43.108 Cologne, Germany, ASN34011 (GD-EMEA-DC-CGN1, DE),
Reverse DNS
vwp2854.webpack.hosteurope.de
Software
Apache /
Resource Hash
89af39c8593788cc8c941cc8f5bf57e5b0bbb557532e746d1e4ec7b75ef417ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 14:29:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Sep 2023 08:11:36 GMT
Server
Apache
ETag
"7ae-60666db4f8cd1-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
947
Expires
Fri, 03 Jan 2025 14:29:05 GMT
epn-smart-tools.js
epnt.ebay.com/static/
312 KB
312 KB
Script
General
Full URL
https://epnt.ebay.com/static/epn-smart-tools.js
Requested by
Host: www.startfenster.de
URL: https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
66.211.163.66 , United States, ASN11643 (EBAY, US),
Reverse DNS
explorer43-public-rnoaz05-1-1.ebay.com
Software
ebay-proxy-server /
Resource Hash
857075124920461f613c54d237c90a9a28a9c561b73fdc089691e01295da69d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:29:05 GMT
last-modified
Wed, 06 Dec 2023 18:03:06 GMT
server
ebay-proxy-server
x-ebay-pop-id
SLBRNOAZ05
etag
W/"4debf-18c404c3790"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
x-envoy-upstream-service-time
21
accept-ranges
bytes
content-length
319167
selectTier-v1.1.0.js
s.yimg.com/ds/scripts/
9 KB
4 KB
Script
General
Full URL
https://s.yimg.com/ds/scripts/selectTier-v1.1.0.js
Requested by
Host: www.startfenster.de
URL: https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
d6493de2836dfed6346058e83ed668ca1304e6413147a4b93eb96865770d2be1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

ats-carp-promotion
1, 1
date
Thu, 04 Jan 2024 14:28:58 GMT
x-amz-version-id
Xz7tbkZQJ1_BUq38B1zdO70C2IR.aqrd
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
CQP8VH7SDBR6FJXH
age
8
x-amz-server-side-encryption
AES256
content-length
3121
x-amz-id-2
D09ZI1VJrUTc6KUbP2C6906UAye5U/Lb/w43ffy0ArZmU/FR6TfLwSvG/DyCgJaqWmOxlxs6pAk=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Dec 2023 23:28:42 GMT
server
ATS
etag
"f8e670e2092bd07a4201872b35c7a583-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=60
accept-ranges
bytes
monetize.php
www.startfenster.de/ta/
2 B
142 B
XHR
General
Full URL
https://www.startfenster.de/ta/monetize.php
Requested by
Host: www.startfenster.de
URL: https://www.startfenster.de/ta/js/monetize.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
87.230.43.108 Cologne, Germany, ASN34011 (GD-EMEA-DC-CGN1, DE),
Reverse DNS
vwp2854.webpack.hosteurope.de
Software
Apache /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/json

Response headers

Date
Thu, 04 Jan 2024 14:29:05 GMT
Server
Apache
Connection
keep-alive
Content-Length
2
Content-Type
text/html
ico-search2.png
www.startfenster.de/images/
532 B
784 B
Image
General
Full URL
https://www.startfenster.de/images/ico-search2.png
Requested by
Host: www.startfenster.de
URL: https://www.startfenster.de/styles/merged.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
87.230.43.108 Cologne, Germany, ASN34011 (GD-EMEA-DC-CGN1, DE),
Reverse DNS
vwp2854.webpack.hosteurope.de
Software
Apache /
Resource Hash
f1df699aa92db4cca3c0b300310058cf720ce8392881a473829b00b5a54288ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/styles/merged.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 14:29:05 GMT
Last-Modified
Thu, 01 Dec 2022 20:21:13 GMT
Server
Apache
ETag
"214-5eec9f661e040"
Vary
Accept
Content-Type
image/webp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
532
suggest-min.js
www.thinksuggest.org/simple/
38 KB
38 KB
Script
General
Full URL
https://www.thinksuggest.org/simple/suggest-min.js
Requested by
Host: www.startfenster.de
URL: https://www.startfenster.de/scripts/std.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:13b:192e:2:2:ffff:2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
5b039213f76015524e3bbac6c40a259f840e57223bbbe1f5a952739077fb02eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 14:29:06 GMT
Last-Modified
Fri, 05 Jun 2020 12:39:06 GMT
Server
nginx
ETag
"5eda3cea-971e"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38686
telemetryJS.js
msadsscale.azureedge.net/bingads/
68 KB
24 KB
Script
General
Full URL
https://msadsscale.azureedge.net/bingads/telemetryJS.js
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/ds/scripts/selectTier-v1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB6) /
Resource Hash
9b96785caddd3fcf6dd30f45f9c2c8214f6c8af4a5990b7568479768673a5764

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 04 Jan 2024 14:29:06 GMT
content-encoding
gzip
content-md5
uB61HRLl3gTTrtY3FXXo1w==
age
41033
x-cache
HIT
content-length
23890
x-ms-lease-status
unlocked
last-modified
Thu, 07 Sep 2023 03:03:04 GMT
server
ECAcc (frc/4CB6)
etag
0x8DBAF4EF443499B
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
7a3e1be3-501e-0052-2bba-3ef2d0000000
access-control-expose-headers
content-length
x-ms-version
2009-09-19
h9h3no6nrn
www.clarity.ms/tag/
514 B
770 B
Script
General
Full URL
https://www.clarity.ms/tag/h9h3no6nrn
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/ds/scripts/selectTier-v1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
91a3b070b8daad496afa0631c36a31438eebb8c86f5228881023da83c458a003

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
-1
date
Thu, 04 Jan 2024 14:29:06 GMT
x-azure-ref
20240104T142906Z-yqx31qygh54vz726un1g5r7un40000000090000000001zkv
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
514
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
p
search.yahoo.com/beacon/geop/
43 B
100 B
Image
General
Full URL
https://search.yahoo.com/beacon/geop/p?s=1197774733&c_int1=0&c_str1=&c_str2=https%3A%2F%2Fwww.startfenster.de%2F%3Fq%3D%255BDienstag%2B11%253A02%255D%2BStefan%2BViktoria%2BB.A.%250A%255C%255Cbbaustria.at%255CCS%255Ccs_daten%255CUser%255Cv.stefan%255CVertr%25C3%25A4ge%255CNeue_MA_CS%255CSommer&ysid=5F8EDAEF59FC471C&traffic_source=foxload_xml_de_syndication_sm&ms_clarityid=h9h3no6nrn&c_int2=2
Requested by
Host: www.startfenster.de
URL: https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c104::2000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://csp.search.yahoo.com/xssreport

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 14:29:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, enforce
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
1
content-length
43
x-xss-protection
1; mode=block; report=https://csp.search.yahoo.com/xssreport
p
xmlp.search.yahoo.com/beacon/geop/
43 B
509 B
Image
General
Full URL
https://xmlp.search.yahoo.com/beacon/geop/p?s=1197774733&c_int1=0&c_str1=&c_str2=https%3A%2F%2Fwww.startfenster.de%2F%3Fq%3D%255BDienstag%2B11%253A02%255D%2BStefan%2BViktoria%2BB.A.%250A%255C%255Cbbaustria.at%255CCS%255Ccs_daten%255CUser%255Cv.stefan%255CVertr%25C3%25A4ge%255CNeue_MA_CS%255CSommer&ysid=5F8EDAEF59FC471C&traffic_source=foxload_xml_de_syndication_sm&ms_clarityid=h9h3no6nrn&c_int2=1
Requested by
Host: www.startfenster.de
URL: https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.82.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
ats1.l7.search.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://csp.search.yahoo.com/xssreport

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 14:29:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, enforce
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
0
content-length
43
x-xss-protection
1; mode=block; report=https://csp.search.yahoo.com/xssreport
p
search.yahoo.com/beacon/geop/
43 B
99 B
Image
General
Full URL
https://search.yahoo.com/beacon/geop/p?c_str1=sbai&s=1197774733&ms_cid=415D6591AD8E4183A6A7B5C7C95A3454&ms_iguid=0AC84B46AB2FD86E65E1482F9EE499FB
Requested by
Host: www.startfenster.de
URL: https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c104::2000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://csp.search.yahoo.com/xssreport

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 14:29:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, enforce
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
0
content-length
43
x-xss-protection
1; mode=block; report=https://csp.search.yahoo.com/xssreport
/
api.thinksuggest.org/
1 B
251 B
XHR
General
Full URL
https://api.thinksuggest.org/?b=aG93IGFyZSB5b3UgdG9kYXkg6D3d7026266d6F3d2D31266361703D3326756C3d656e2675633d7573267069643D616D64652673756269643d737461727466656e737465722E64652666633D=
Requested by
Host: www.startfenster.de
URL: https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:13b:192e:2:2:ffff:2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 04 Jan 2024 14:29:06 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
clarity.js
www.clarity.ms/s/0.7.20/
60 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/h9h3no6nrn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:29:06 GMT
content-encoding
br
last-modified
Wed, 03 Jan 2024 15:51:12 GMT
etag
W/"0x8DC0C73CFCC02AC"
vary
Accept-Encoding
x-azure-ref
20240104T142906Z-yqx31qygh54vz726un1g5r7un40000000090000000001zmr
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
927452cc-301e-003f-37f1-3ee678000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
osjson.aspx
api.bing.com/
208 B
2 KB
Script
General
Full URL
https://api.bing.com/osjson.aspx?JsonType=callback&JsonCallback=TLbxResponseHandler&query=%5BDienstag%2011%3A02%5D%20Stefan%20Viktoria%20B.A.%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer&mkt=en-US&_=1704378546665
Requested by
Host: www.startfenster.de
URL: https://www.startfenster.de/?q=%5BDienstag+11%3A02%5D+Stefan+Viktoria+B.A.%0A%5C%5Cbbaustria.at%5CCS%5Ccs_daten%5CUser%5Cv.stefan%5CVertr%C3%A4ge%5CNeue_MA_CS%5CSommer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.5.80 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3d7d324e12da086354dc6412699d83b3d5ebd582d20a5fa1045fb3ce6f8e2bb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:29:06 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EDFBAD5EDE7D4FBD92D4FC63905F7319 Ref B: AMS04EDGE3215 Ref C: 2024-01-04T14:29:06Z
vary
Accept-Encoding
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-PwcDxldpf5IrlKgap7kkRiSyC0eq6k/iE2KZFMCAy1A='; base-uri 'self';report-to csp-endpoint
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
content-type
application/x-javascript; charset=utf-8
x-eventid
6596c0b2e63748a082756901b27831f8
cache-control
public, max-age=300
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-cache
CONFIG_NOCACHE
content-length
166
1
search.yahoo.com/beacon/syndi/sbai/gq/
0
2 KB
XHR
General
Full URL
https://search.yahoo.com/beacon/syndi/sbai/gq/1?Type=Event.CPT&Data=%7B%22pp%22:%7B%22S%22:%22L%22%7D%7D&CID=415D6591AD8E4183A6A7B5C7C95A3454&IG=0AC84B46AB2FD86E65E1482F9EE499FB
Requested by
Host: msadsscale.azureedge.net
URL: https://msadsscale.azureedge.net/bingads/telemetryJS.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c104::2000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://csp.search.yahoo.com/xssreport

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:29:06 GMT
x-msedge-features
allexpusers,holdrankermuidq,prektpcachewc,cdwp3p2cf,prerrqpaatrigpq_t,previdfbcnrevt_c,elechowtotrt2,elechowtoww,elecvote,orcapreelectionv4,cbsnrblue,dupdemotet6,hidedefaulttf,hidedefaultadicon,logdefaulticon,larml1eslthocf,extadexp13cf,jpadexp13cf,kradexp13cf,largeesltitml1taho,ruadexp13cf,disboptaconvis,rx96342,rslgwtr2,rslgwitem3,rslgwnotitle,rslgwsibutitle,tfcpdv4t1,urgew6rc2z,monetizedrav2,atopfldp,rwmqs,rwmqsrav2,cdxfixcoretopads-prod,algovericonbeurlmlmoplicf,preqbrstrt,alsotrybluehoverbigtf,qbqsblue106ebe,qbqshover,prerrmrspar-cf,titlehovcolt1,hovercolortf,hvcol8e24aa,2coldeeplink10tf,dlcolnosup,dldesktoponecol0,dltrigdomprod,prealgolearnft7,imgclgoverlaycf,rcptfsscas1cf,pa-textcolortrt1,priceclrgreen,algogenrnprocf,arbprgrnmlsscl,arbruleenablecf,arbrulegenrncf,cdx0212bops0,cdx1119backoss0,be_exp_103cf,dcth02,factscontentdis0,factsdrop3,factssahara6,scadssup,sccf,scrrcf,scrrexp,scrrtrigger,scrrtriggerb,sctaskpanev2cf,sctpv4,ddp_w_alg4,pagerecodedup,pagerecom13,pgrcck20,pgrcddpw4,cdx1212mem,sydchatset,sydopcmemdefadcst2,sydoppmemdefadcst2,sydoptmemmidlat,sydpsncst,sydpsnset,sydtrdset,sydupdage,threadscon,toneopts,usefastapiscf,arbhhrstop3cmp,arbhhboprs,arbhhrsfeat,arbhhrstop3,arbrsmntzblhh,nobrsnottl,marb1cldltrunc3,arb1cldltrunc3,arbdl3mlad,arbdl3mladmob,dl1coltrunc,mobdl1coltrunc,wpcstappp,head-btmnone1px-t,headnobtmbgcl,pdsuseekglob,prorichnavahtf,pagerecopro,proalgocollapse,promrichnav,iconsrec,presuprcgbbydpcnt3
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 301B6A38610A487A9FB9D54B4CB9A07B Ref B: DB3EDGE3208 Ref C: 2024-01-04T14:29:06Z
age
0
server
ATS
expect-ct
max-age=31536000, enforce
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
x-msedge-flight
preallocation=allexpusers,muidflt98=holdrankermuidq,flt19=prektpcachewc,flt2=cdwp3p2cf,flt24=prerrqpaatrigpq_t,flt28=previdfbcnrevt_c,flt30=elechowtotrt2,flt31=cbsnrblue,flt35=dupdemotet6,flt40=hidedefaulttf,flt44=larml1eslthocf,flt49=disboptaconvis,flt53=rx96342,flt59=rslgwtr2,rel6=tfcpdv4t1,muidflt297=urgew6rc2z,rewards2=monetizedrav2,monetization10=cdxfixcoretopads-prod,monetization11=algovericonbeurlmlmoplicf,monetization12=preqbrstrt,monetization15=alsotrybluehoverbigtf,wpo2=prerrmrspar-cf,wpo3=titlehovcolt1,algoblock2=2coldeeplink10tf,algoblock4=prealgolearnft7,algoblock7=imgclgoverlaycf,algoblock10=rcptfsscas1cf,monetization18=pa-textcolortrt1,monetization19=algogenrnprocf,syd_ux2=cdx0212bops0,syd_infra2=cdx1119backoss0,supercaption-backend=be_exp_103cf,webreco-fresh=ddp_w_alg4,sydney_flux2=cdx1212mem,panesquad23=usefastapiscf,wpo7=arbhhrstop3cmp,wpo8=marb1cldltrunc3,monetization31=head-btmnone1px-t,monetization32=pdsuseekglob,monetization33=prorichnavahtf,algoblockux1=iconsrec,regular1=presuprcgbbydpcnt3
content-length
0
x-xss-protection
1; mode=block; report=https://csp.search.yahoo.com/xssreport
collect
z.clarity.ms/
0
299 B
XHR
General
Full URL
https://z.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.startfenster.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.startfenster.de
Date
Thu, 04 Jan 2024 14:29:07 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
/
browser.pipe.aria.microsoft.com/Collector/3.0/
0
262 B
XHR
General
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=b4af23a6865f491b88747559ad276216-9e6672f8-7ad8-4438-b111-db77c35cd118-7129
Requested by
Host: msadsscale.azureedge.net
URL: https://msadsscale.azureedge.net/bingads/telemetryJS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.65.90 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.startfenster.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jan 2024 14:29:07 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
521
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
kill-tokens, kill-duration-seconds, time-delta-millis
access-control-allow-headers
Accept, Content-Type, Content-Encoding, Client-Id
content-length
0

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| DP_jQuery_1704378545181 function| doInitAutosuggest string| XMLPlusSTObject function| selectTier object| jQuery19109612619940716665 object| linkElements object| links object| xhr string| params function| doMonetize object| _epn boolean| plaDeferPageLoad object| pla object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate function| Dict function| delay object| _ object| TLbx function| clarity function| initTelemetryJS string| $language string| ExistingTLDs object| TLdemocases number| TLbxRefreshCalls function| TSparseJson function| TLgetBestProtocol function| TSisIE function| TLbx_refresh function| TLbxCustom function| TLbxDecodeHtml function| TLbxGetInpValue function| TLbxResponseHandler function| TLvarchk function| TLck function| TLbxD function| TLbxLeftTrim function| TLbxF1 function| TLcomposePS function| TLbxBoldTerm function| BoldTermStringToSPANobject function| TLremoveProto function| TLbxAddDomain function| TLbxAddText object| UserInputIsDomain function| TLbx_update number| TSspinningID function| TLbxClk function| buildSerpUrl function| TLbx_updateUnderlay function| TLbx_submit function| TLbxGetInp function| TLbxF function| TLbxFcursor function| TLallowedToBeExecuted function| TLbxinit function| TLd function| TLeasydemo function| TLinsertDom function| TLfinishInit function| TLinitializeEventListeners function| TLacsResize function| TLbx_focusManager_HideIfNoBoxContentFocussed function| TLbxDisp function| TLbx_focusManager function| TLgetPosition function| TLlogging function| TLbx_arrowkeyProcessor function| TLcurrentTimeMS function| TLbx_directDomainJump function| TLbx_acsScroll function| TLdnsprefetch function| TLbx_reset function| TLmouseMoveTimekeeper function| TLprewarmCaches function| TLprewarmCacheWorker function| TShash function| TSisJson function| TLescapeRegExp function| TLlog 
function| TLbtoa function| TLstr2hex function| TLgetUrlParam function| TLgetXHR string| merkmal

7 Cookies

Domain/Path Name / Value
www.startfenster.de/ Name: user_check_flag
Value: 1
.bing.com/ Name: MUID
Value: 312D8A1C248661931FED99E0256B601D
.bing.com/ Name: SRCHD
Value: AF=NOFORM
.bing.com/ Name: SRCHUID
Value: V=2&GUID=6464439E691F4391BF6D69ED473336D1&dmnchg=1
.bing.com/ Name: SRCHUSR
Value: DOB=20240104
.bing.com/ Name: SRCHHPGUSR
Value: SRCHLANG=de
.bing.com/ Name: _SS
Value: SID=3DB80483F1F9600D1B67177FF01461DB

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
