www.xn--heizundsanitrportal-rwb.com (Punycode)
www.heizundsanitärportal.com (IDN)
2606:4700:7::a29f:8046 (Public Scan)

Submitted URL: http://xn--heizundsanitrportal-rwb.com/
Effective URL: https://www.xn--heizundsanitrportal-rwb.com/
Submission Tags: suspect
Submission: On June 19 via api from BR — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 26 HTTP transactions. The main IP is 2606:4700:7::a29f:8046, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is www.xn--heizundsanitrportal-rwb.com.
TLS certificate: Issued by E5 on June 15th 2024. Valid for: 3 months.
This is the only time www.xn--heizundsanitrportal-rwb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.159.128.70 13335 (CLOUDFLAR...)
1 3 2606:4700:7::... 13335 (CLOUDFLAR...)
6 2a04:4e42:400... 54113 (FASTLY)
5 104.18.27.217 13335 (CLOUDFLAR...)
10 54.171.97.194 16509 (AMAZON-02)
1 3.255.10.234 16509 (AMAZON-02)
2 162.159.129.70 13335 (CLOUDFLAR...)
26 6
Apex Domain
Subdomains
Transfer
11 jimdo.systems
at.prod.jimdo.systems — Cisco Umbrella Rank: 261698
dolphin-unsplash-tracking.prod.jimdo.systems
2 KB
6 fastly.net
jimdo-dolphin-static-assets-prod.freetls.fastly.net — Cisco Umbrella Rank: 332330
jimdo-storage.freetls.fastly.net — Cisco Umbrella Rank: 305939
2 MB
6 xn--heizundsanitrportal-rwb.com
xn--heizundsanitrportal-rwb.com
www.xn--heizundsanitrportal-rwb.com
27 KB
5 jimstatic.com
fonts.jimstatic.com — Cisco Umbrella Rank: 105988
68 KB
26 4
Domain Requested by
10 at.prod.jimdo.systems jimdo-dolphin-static-assets-prod.freetls.fastly.net
5 fonts.jimstatic.com www.xn--heizundsanitrportal-rwb.com
fonts.jimstatic.com
5 www.xn--heizundsanitrportal-rwb.com 1 redirects www.xn--heizundsanitrportal-rwb.com
3 jimdo-storage.freetls.fastly.net www.xn--heizundsanitrportal-rwb.com
3 jimdo-dolphin-static-assets-prod.freetls.fastly.net www.xn--heizundsanitrportal-rwb.com
1 dolphin-unsplash-tracking.prod.jimdo.systems jimdo-dolphin-static-assets-prod.freetls.fastly.net
1 xn--heizundsanitrportal-rwb.com 1 redirects
26 7

This site contains no links.

Subject | Issuer | Validity | Valid
www.xn--heizundsanitrportal-rwb.com | E5 | 2024-06-15 - 2024-09-13 | 3 months
*.freetls.fastly.net | GlobalSign Atlas R3 DV TLS CA 2023 Q4 | 2023-11-09 - 2024-12-10 | a year
fonts.jimstatic.com | E1 | 2024-05-20 - 2024-08-18 | 3 months
prod.jimdo.systems | Amazon RSA 2048 M02 | 2023-12-05 - 2025-01-03 | a year

This page contains 2 frames:

Primary Page: https://www.xn--heizundsanitrportal-rwb.com/
Frame ID: E9BC372E1ADD1FE909C6449FE2A7C879
Requests: 24 HTTP requests in this frame

Frame: https://www.xn--heizundsanitrportal-rwb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: 1892C43F69BAA48F15015A3C3569915E
Requests: 2 HTTP requests in this frame

Page Title

Home | Heiz & Sanitär Portal

Page Statistics

Requests: 26
HTTPS: 96 %
IPv6: 29 %
Domains: 4
Subdomains: 7
IPs: 6
Countries: 3
Transfer: 1980 kB
Size: 4449 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xn--heizundsanitrportal-rwb.com/ HTTP 307
    https://xn--heizundsanitrportal-rwb.com/ HTTP 301
    https://www.xn--heizundsanitrportal-rwb.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.xn--heizundsanitrportal-rwb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.xn--heizundsanitrportal-rwb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.xn--heizundsanitrportal-rwb.com/
Redirect Chain
  • http://xn--heizundsanitrportal-rwb.com/
  • https://xn--heizundsanitrportal-rwb.com/
  • https://www.xn--heizundsanitrportal-rwb.com/
49 KB
15 KB
Document
General
Full URL
https://www.xn--heizundsanitrportal-rwb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8046 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a63d10ff5fc190028dd32ebee676df0c3bc4339bbf817f08e14b77084920abe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://challenges.cloudflare.com https://iframe.jimcdn.com https://googleads.g.doubleclick.net https://www.paypal.com https://js.stripe.com https://jimdo-dolphin-static-assets-prod.freetls.fastly.net https://crm-nextjs-frontend.prod.jimdo.systems 'unsafe-inline' https://www.youtube.com https://www.youtube-nocookie.com *.googletagmanager.com *.google-analytics.com https://www.googleadservices.com https://www.google.com https://connect.facebook.net https://www.facebook.com/signals/iwl.js; connect-src 'self' *.jimdo.systems https://fonts.jimstatic.com https://storage.jimdosite.com https://cms-backend.jimdosite.com https://www.paypal.com https://eu-api.friendlycaptcha.eu *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google.com https://adservice.google.com https://www.facebook.com https://graph.facebook.com; frame-src https://challenges.cloudflare.com https://accounts.google.com https://calendar.google.com https://docs.google.com https://www.google.com https://iframe.jimcdn.com https://js.stripe.com https://www.paypal.com https://open.spotify.com https://embed.music.apple.com https://embed-standalone.spotify.com https://embed.podcasts.apple.com https://www.youtube.com https://www.youtube-nocookie.com https://player.vimeo.com https://vimeo.com https://bandcamp.com https://w.soundcloud.com https://www.dailymotion.com https://assets.pinterest.com *.typeform.com https://drive.google.com https://www.facebook.com https://www.canva.com; img-src https://i.ytimg.com https://www.google.com https://www.google.de https://www.google.fr https://www.google.it https://www.google.es https://www.google.nl https://www.google.be https://www.google.ch https://www.google.at https://www.google.ca https://www.google.co.uk https://www.google.com.au https://www.google.ie https://www.google.co.jp https://www.google.co.nz 'self' data: https://jimdo-storage.freetls.fastly.net 
https://jimdo-dolphin-static-assets-prod.freetls.fastly.net https://t.paypal.com https://www.paypalobjects.com https://i.vimeocdn.com *.mzstatic.com *.googletagmanager.com *.google-analytics.com https://googleads.g.doubleclick.net https://www.google.com https://www.facebook.com; style-src 'self' https://fonts.jimstatic.com https://jimdo-dolphin-static-assets-prod.freetls.fastly.net https://crm-nextjs-frontend.prod.jimdo.systems 'unsafe-inline'; frame-ancestors 'self' *.jimdo.com jimdo.com; font-src https://fonts.jimstatic.com; object-src 'none'; worker-src 'self' blob:

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
referer
https://www.google.com

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
HIT
cf-ray
89658addc950912e-FRA
content-encoding
br
content-language
de
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://challenges.cloudflare.com https://iframe.jimcdn.com https://googleads.g.doubleclick.net https://www.paypal.com https://js.stripe.com https://jimdo-dolphin-static-assets-prod.freetls.fastly.net https://crm-nextjs-frontend.prod.jimdo.systems 'unsafe-inline' https://www.youtube.com https://www.youtube-nocookie.com *.googletagmanager.com *.google-analytics.com https://www.googleadservices.com https://www.google.com https://connect.facebook.net https://www.facebook.com/signals/iwl.js; connect-src 'self' *.jimdo.systems https://fonts.jimstatic.com https://storage.jimdosite.com https://cms-backend.jimdosite.com https://www.paypal.com https://eu-api.friendlycaptcha.eu *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google.com https://adservice.google.com https://www.facebook.com https://graph.facebook.com; frame-src https://challenges.cloudflare.com https://accounts.google.com https://calendar.google.com https://docs.google.com https://www.google.com https://iframe.jimcdn.com https://js.stripe.com https://www.paypal.com https://open.spotify.com https://embed.music.apple.com https://embed-standalone.spotify.com https://embed.podcasts.apple.com https://www.youtube.com https://www.youtube-nocookie.com https://player.vimeo.com https://vimeo.com https://bandcamp.com https://w.soundcloud.com https://www.dailymotion.com https://assets.pinterest.com *.typeform.com https://drive.google.com https://www.facebook.com https://www.canva.com; img-src https://i.ytimg.com https://www.google.com https://www.google.de https://www.google.fr https://www.google.it https://www.google.es https://www.google.nl https://www.google.be https://www.google.ch https://www.google.at https://www.google.ca https://www.google.co.uk https://www.google.com.au https://www.google.ie https://www.google.co.jp https://www.google.co.nz 'self' data: https://jimdo-storage.freetls.fastly.net 
https://jimdo-dolphin-static-assets-prod.freetls.fastly.net https://t.paypal.com https://www.paypalobjects.com https://i.vimeocdn.com *.mzstatic.com *.googletagmanager.com *.google-analytics.com https://googleads.g.doubleclick.net https://www.google.com https://www.facebook.com; style-src 'self' https://fonts.jimstatic.com https://jimdo-dolphin-static-assets-prod.freetls.fastly.net https://crm-nextjs-frontend.prod.jimdo.systems 'unsafe-inline'; frame-ancestors 'self' *.jimdo.com jimdo.com; font-src https://fonts.jimstatic.com; object-src 'none'; worker-src 'self' blob:
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 18:22:04 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
89658adc3b26bbd8-WAW
content-length
167
content-type
text/html
date
Wed, 19 Jun 2024 18:22:04 GMT
expires
Wed, 19 Jun 2024 19:22:04 GMT
location
https://www.xn--heizundsanitrportal-rwb.com/
server
cloudflare
vary
Accept-Encoding
a5814dc53c612c628f1a.css
jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/
127 KB
28 KB
Stylesheet
General
Full URL
https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/a5814dc53c612c628f1a.css
Requested by
Host: www.xn--heizundsanitrportal-rwb.com
URL: https://www.xn--heizundsanitrportal-rwb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7db23af7bbe267ff247d91a005675a98f66d5210f372f734b6b0131f01a491c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-amz-version-id
37V9653B3Y2SEmKAvKqAPyUnzTPuEyrL
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 19 Jun 2024 18:22:04 GMT
x-amz-request-id
P9RW48MCJ616DMEZ
age
1695945
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
27706
x-amz-id-2
FZEldCvWnonZmNucC9XIDNIepf/+mMddm8u3waXBzw7aCYk1runRy/z7fsiXSZ4ExTM2UB6/ZLw=
x-served-by
cache-fra-eddf8230086-FRA, cache-cph2320029-CPH
last-modified
Tue, 14 May 2024 12:35:17 GMT
x-timer
S1718821325.685158,VS0,VE0
etag
"c450845361c738088d29b5f431bcfa0e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1958498, 98
css
fonts.jimstatic.com/
3 KB
851 B
Stylesheet
General
Full URL
https://fonts.jimstatic.com/css?display=swap&family=Playfair+Display:700,900
Requested by
Host: www.xn--heizundsanitrportal-rwb.com
URL: https://www.xn--heizundsanitrportal-rwb.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6507e3a5bce8cd54834334e648950650c275b1d10b506a226de721cf2fa511
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Wed, 19 Jun 2024 18:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cf-ray
89658adf5d813530-WAW
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
timing-allow-origin
*
expires
Wed, 19 Jun 2024 18:22:04 GMT
css
fonts.jimstatic.com/
2 KB
853 B
Stylesheet
General
Full URL
https://fonts.jimstatic.com/css?display=swap&family=Ek+Mukta:400,700
Requested by
Host: www.xn--heizundsanitrportal-rwb.com
URL: https://www.xn--heizundsanitrportal-rwb.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7432a4d1ef3fb1079d766a1ff799056102178d2637100eaf7bf4da51916d4ac0
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Wed, 19 Jun 2024 18:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cf-ray
89658adf5d833530-WAW
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
timing-allow-origin
*
expires
Wed, 19 Jun 2024 18:22:04 GMT
DE.svg
jimdo-dolphin-static-assets-prod.freetls.fastly.net/cms/assets/country_flags/
186 B
433 B
Image
General
Full URL
https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/cms/assets/country_flags/DE.svg
Requested by
Host: www.xn--heizundsanitrportal-rwb.com
URL: https://www.xn--heizundsanitrportal-rwb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
595d7718f6a22e5ea9de0cbbcabd857ac1892f4a6c81beb1ef936050193d9323

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-amz-version-id
WAceq0qvHhZrHiB8laiBzLUNoIZfgtjw
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 19 Jun 2024 18:22:04 GMT
x-amz-request-id
NXJ83Z8RQGZH9FAQ
age
5686
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
151
x-amz-id-2
rPpzm/bjjXeRvWMZlNIK9khRU1TN9fqTS12sd+v4zHFamRjtO7aYqK3pNNq9NIdHo34kwOy86R8=
x-served-by
cache-fra-eddf8230043-FRA, cache-cph2320029-CPH
last-modified
Wed, 22 May 2024 10:14:42 GMT
x-timer
S1718821325.685302,VS0,VE1
etag
"cfed9f984610e26dac5ff281c0329bcc"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
86512, 0
58404e4d01bb787e4644.js
jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/
3 MB
813 KB
Script
General
Full URL
https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/58404e4d01bb787e4644.js
Requested by
Host: www.xn--heizundsanitrportal-rwb.com
URL: https://www.xn--heizundsanitrportal-rwb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c9236a64f6682c4a17132555fb4333bb050d790c746533bb8393fc30eb2df572

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-amz-version-id
a6W1peM4PCd4VfbmEEUvc_txepw.mXRJ
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 19 Jun 2024 18:22:04 GMT
x-amz-request-id
RFG4T47W0MF78SAQ
age
644233
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
832073
x-amz-id-2
jkKWLck2LEWpUvmmnkL/euuLtFTjO57oMBJwouGsQsL9aD7zyjSSrmOF62XQtgcjaKcK5f+nsqE=
x-served-by
cache-fra-eddf8230083-FRA, cache-cph2320029-CPH
last-modified
Wed, 12 Jun 2024 07:15:02 GMT
x-timer
S1718821325.685305,VS0,VE1
etag
"56e65abea242534705bf10871d2ad705"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
135, 1
mem9YaCmzCuv3KJUDIYScrg0V8Bs.woff2
fonts.jimstatic.com/s/ekmukta/v23/
13 KB
14 KB
Font
General
Full URL
https://fonts.jimstatic.com/s/ekmukta/v23/mem9YaCmzCuv3KJUDIYScrg0V8Bs.woff2
Requested by
Host: fonts.jimstatic.com
URL: https://fonts.jimstatic.com/css?display=swap&family=Ek+Mukta:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e089f5b87cb3612745d65a99412fe6f63da6d653edd67b508230a888deaf26e
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
Origin
https://www.xn--heizundsanitrportal-rwb.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Wed, 19 Jun 2024 18:22:05 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13604
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:20:28 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89658ae15abe4184-AMS
expires
Sat, 14 Jun 2025 14:14:16 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
fonts.jimstatic.com/s/playfairdisplay/v37/
37 KB
38 KB
Font
General
Full URL
https://fonts.jimstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
Requested by
Host: fonts.jimstatic.com
URL: https://fonts.jimstatic.com/css?display=swap&family=Playfair+Display:700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d700c3704d0bc47784014976d40d39c099481996f94881b94974724e3e02d1c3
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
Origin
https://www.xn--heizundsanitrportal-rwb.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Wed, 19 Jun 2024 18:22:05 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
38340
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:13:13 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89658ae15ac14184-AMS
expires
Sat, 14 Jun 2025 19:39:27 GMT
770ce8fb-b469-4eb3-b9c1-b42e077ab2ab.png
jimdo-storage.freetls.fastly.net/image/465174002/
131 KB
132 KB
Image
General
Full URL
https://jimdo-storage.freetls.fastly.net/image/465174002/770ce8fb-b469-4eb3-b9c1-b42e077ab2ab.png?quality=80,90&auto=webp&disable=upscale&width=1024&height=1024&trim=0,0,0,0
Requested by
Host: www.xn--heizundsanitrportal-rwb.com
URL: https://www.xn--heizundsanitrportal-rwb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae6eaab2135b3bfc811c56caf5e0ca05f98482352ff20e87262c115a2084d109
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 19 Jun 2024 18:22:04 GMT
fastly-io-served-by
vpop-etou8240192
age
335810
x-cache
HIT, MISS
fastly-io-info
ifsz=193739 idim=1024x1024 ifmt=png ofsz=134306 odim=1024x1024 ofmt=webp
fastly-stats
io=1
content-length
134306
x-served-by
cache-fra-etou8220138-FRA, cache-cph2320029-CPH
referrer-policy
same-origin
x-timer
S1718821325.882191,VS0,VE16
etag
"bKVu1uq/mcqojxvAJk5IPPmRQzXXf6kC1GUE7Q8NTRM"
x-frame-options
DENY
vary
Accept
content-language
de
access-control-allow-origin
*
content-type
image/webp
cache-control
max-age=31536000,public
accept-ranges
bytes
x-cache-hits
14, 0
bfbb898d-74a7-4f94-840b-607798561b20.jpg
jimdo-storage.freetls.fastly.net/image/
590 KB
590 KB
Image
General
Full URL
https://jimdo-storage.freetls.fastly.net/image/bfbb898d-74a7-4f94-840b-607798561b20.jpg?format=pjpg&quality=80,90&auto=webp&disable=upscale&width=1702&height=2560
Requested by
Host: www.xn--heizundsanitrportal-rwb.com
URL: https://www.xn--heizundsanitrportal-rwb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
245f8c4bca88e4c8c818cb2b278991388d3362c7a5d85a9c4da66fcecb5b7685
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 19 Jun 2024 18:22:04 GMT
fastly-io-served-by
vpop-etou8240192
age
116423
x-cache
HIT, MISS
fastly-io-info
ifsz=934848 idim=2000x3008 ifmt=jpeg ofsz=603986 odim=1702x2560 ofmt=webp
fastly-stats
io=1
content-length
603986
x-served-by
cache-fra-eddf8230147-FRA, cache-cph2320029-CPH
referrer-policy
same-origin
x-timer
S1718821325.882100,VS0,VE20
etag
"+q6k7IR0PM1HbqKiQMbBfkhjWAmueS6B25GRDbo5BQg"
x-frame-options
DENY
vary
Accept
content-language
de
access-control-allow-origin
*
content-type
image/webp
cache-control
max-age=31536000,public
accept-ranges
bytes
x-cache-hits
4, 0
98974866-495e-41eb-bd60-dbf23b63ecab.jpg
jimdo-storage.freetls.fastly.net/image/
320 KB
321 KB
Image
General
Full URL
https://jimdo-storage.freetls.fastly.net/image/98974866-495e-41eb-bd60-dbf23b63ecab.jpg?format=pjpg&quality=80,90&auto=webp&disable=upscale&width=1600&height=1280
Requested by
Host: www.xn--heizundsanitrportal-rwb.com
URL: https://www.xn--heizundsanitrportal-rwb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44a8214859204bcee21a249dfb5d91136b8eb19a753f3b72dc228974cdb30257
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 19 Jun 2024 18:22:04 GMT
fastly-io-served-by
vpop-etou8240196
age
210877
x-cache
HIT, MISS
fastly-io-info
ifsz=9126549 idim=3872x3098 ifmt=jpeg ofsz=328096 odim=1600x1280 ofmt=webp
fastly-stats
io=1
content-length
328096
x-served-by
cache-fra-etou8220150-FRA, cache-cph2320029-CPH
referrer-policy
same-origin
x-timer
S1718821325.882087,VS0,VE17
etag
"mrZnmecT+8CFMOvaMCTyzjBO0DB6wzB+s3dBkuxHgm0"
x-frame-options
DENY
vary
Accept
content-language
en
access-control-allow-origin
*
content-type
image/webp
cache-control
max-age=31536000,public
accept-ranges
bytes
x-cache-hits
1, 0
anon
at.prod.jimdo.systems/
0
134 B
Ping
General
Full URL
https://at.prod.jimdo.systems/anon
Requested by
Host: jimdo-dolphin-static-assets-prod.freetls.fastly.net
URL: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/58404e4d01bb787e4644.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.97.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-97-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.xn--heizundsanitrportal-rwb.com
date
Wed, 19 Jun 2024 18:22:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf
at.prod.jimdo.systems/
0
134 B
Ping
General
Full URL
https://at.prod.jimdo.systems/cf
Requested by
Host: jimdo-dolphin-static-assets-prod.freetls.fastly.net
URL: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/58404e4d01bb787e4644.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.97.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-97-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.xn--heizundsanitrportal-rwb.com
date
Wed, 19 Jun 2024 18:22:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
anon
at.prod.jimdo.systems/
0
134 B
Ping
General
Full URL
https://at.prod.jimdo.systems/anon
Requested by
Host: jimdo-dolphin-static-assets-prod.freetls.fastly.net
URL: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/58404e4d01bb787e4644.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.97.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-97-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.xn--heizundsanitrportal-rwb.com
date
Wed, 19 Jun 2024 18:22:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf
at.prod.jimdo.systems/
0
135 B
Ping
General
Full URL
https://at.prod.jimdo.systems/cf
Requested by
Host: jimdo-dolphin-static-assets-prod.freetls.fastly.net
URL: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/58404e4d01bb787e4644.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.97.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-97-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.xn--heizundsanitrportal-rwb.com
date
Wed, 19 Jun 2024 18:22:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
PBdh9KA2EEA,-Ifr1HGFeW8
dolphin-unsplash-tracking.prod.jimdo.systems/view/
16 B
219 B
Fetch
General
Full URL
https://dolphin-unsplash-tracking.prod.jimdo.systems/view/PBdh9KA2EEA,-Ifr1HGFeW8
Requested by
Host: jimdo-dolphin-static-assets-prod.freetls.fastly.net
URL: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/58404e4d01bb787e4644.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.255.10.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-255-10-234.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-origin
*
date
Wed, 19 Jun 2024 18:22:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express
content-length
16
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
content-type
application/json; charset=utf-8
anon
at.prod.jimdo.systems/
0
134 B
Ping
General
Full URL
https://at.prod.jimdo.systems/anon
Requested by
Host: jimdo-dolphin-static-assets-prod.freetls.fastly.net
URL: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/58404e4d01bb787e4644.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.97.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-97-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.xn--heizundsanitrportal-rwb.com
date
Wed, 19 Jun 2024 18:22:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf
at.prod.jimdo.systems/
0
134 B
Ping
General
Full URL
https://at.prod.jimdo.systems/cf
Requested by
Host: jimdo-dolphin-static-assets-prod.freetls.fastly.net
URL: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/58404e4d01bb787e4644.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.97.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-97-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.xn--heizundsanitrportal-rwb.com
date
Wed, 19 Jun 2024 18:22:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
mem6YaCmzCuv3KJUDI6pV60Zdc1GAK6b.woff2
fonts.jimstatic.com/s/ekmukta/v23/
14 KB
14 KB
Font
General
Full URL
https://fonts.jimstatic.com/s/ekmukta/v23/mem6YaCmzCuv3KJUDI6pV60Zdc1GAK6b.woff2
Requested by
Host: fonts.jimstatic.com
URL: https://fonts.jimstatic.com/css?display=swap&family=Ek+Mukta:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dac0b0ecd7dc455104f3bb1cb35f23687dc61a041a27b6e1396f26caee6e8e4
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
Origin
https://www.xn--heizundsanitrportal-rwb.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Wed, 19 Jun 2024 18:22:05 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14132
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:20:25 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89658ae1aafe4184-AMS
expires
Sun, 15 Jun 2025 01:39:22 GMT
anon
at.prod.jimdo.systems/
0
134 B
Ping
General
Full URL
https://at.prod.jimdo.systems/anon
Requested by
Host: jimdo-dolphin-static-assets-prod.freetls.fastly.net
URL: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/58404e4d01bb787e4644.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.97.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-97-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.xn--heizundsanitrportal-rwb.com
date
Wed, 19 Jun 2024 18:22:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf
at.prod.jimdo.systems/
0
134 B
Ping
General
Full URL
https://at.prod.jimdo.systems/cf
Requested by
Host: jimdo-dolphin-static-assets-prod.freetls.fastly.net
URL: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/58404e4d01bb787e4644.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.97.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-97-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.xn--heizundsanitrportal-rwb.com
date
Wed, 19 Jun 2024 18:22:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
main.js
www.xn--heizundsanitrportal-rwb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame 1892
Redirect Chain
  • https://www.xn--heizundsanitrportal-rwb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.xn--heizundsanitrportal-rwb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
8 KB
4 KB
Script
General
Full URL
https://www.xn--heizundsanitrportal-rwb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Protocol
H2
Server
2606:4700:7::a29f:8046 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25c13fb1752a546fc45856372e9c56798d2b334a215139525fd615164cd0682e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Wed, 19 Jun 2024 18:22:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
89658ae26a61912e-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 19 Jun 2024 18:22:05 GMT
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
89658ae21994912e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
anon
at.prod.jimdo.systems/
0
134 B
Ping
General
Full URL
https://at.prod.jimdo.systems/anon
Requested by
Host: jimdo-dolphin-static-assets-prod.freetls.fastly.net
URL: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/58404e4d01bb787e4644.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.97.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-97-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.xn--heizundsanitrportal-rwb.com
date
Wed, 19 Jun 2024 18:22:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf
at.prod.jimdo.systems/
0
134 B
Ping
General
Full URL
https://at.prod.jimdo.systems/cf
Requested by
Host: jimdo-dolphin-static-assets-prod.freetls.fastly.net
URL: https://jimdo-dolphin-static-assets-prod.freetls.fastly.net/renderer/static/58404e4d01bb787e4644.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.97.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-97-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.xn--heizundsanitrportal-rwb.com
date
Wed, 19 Jun 2024 18:22:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
favicon.ico
www.xn--heizundsanitrportal-rwb.com/
21 KB
8 KB
Other
General
Full URL
https://www.xn--heizundsanitrportal-rwb.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.129.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d74d1cee4f98f5977e3f333a36cd918db43ef0673461a2e722bb08a7e671cc09
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://challenges.cloudflare.com https://iframe.jimcdn.com https://googleads.g.doubleclick.net https://www.paypal.com https://js.stripe.com https://jimdo-dolphin-static-assets-prod.freetls.fastly.net https://crm-nextjs-frontend.prod.jimdo.systems 'unsafe-inline' https://www.youtube.com https://www.youtube-nocookie.com *.googletagmanager.com *.google-analytics.com https://www.googleadservices.com https://www.google.com https://connect.facebook.net https://www.facebook.com/signals/iwl.js; connect-src 'self' *.jimdo.systems https://fonts.jimstatic.com https://storage.jimdosite.com https://cms-backend.jimdosite.com https://www.paypal.com https://eu-api.friendlycaptcha.eu *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google.com https://adservice.google.com https://www.facebook.com https://graph.facebook.com; frame-src https://challenges.cloudflare.com https://accounts.google.com https://calendar.google.com https://docs.google.com https://www.google.com https://iframe.jimcdn.com https://js.stripe.com https://www.paypal.com https://open.spotify.com https://embed.music.apple.com https://embed-standalone.spotify.com https://embed.podcasts.apple.com https://www.youtube.com https://www.youtube-nocookie.com https://player.vimeo.com https://vimeo.com https://bandcamp.com https://w.soundcloud.com https://www.dailymotion.com https://assets.pinterest.com *.typeform.com https://drive.google.com https://www.facebook.com https://www.canva.com; img-src https://i.ytimg.com https://www.google.com https://www.google.de https://www.google.fr https://www.google.it https://www.google.es https://www.google.nl https://www.google.be https://www.google.ch https://www.google.at https://www.google.ca https://www.google.co.uk https://www.google.com.au https://www.google.ie https://www.google.co.jp https://www.google.co.nz 'self' data: https://jimdo-storage.freetls.fastly.net 
https://jimdo-dolphin-static-assets-prod.freetls.fastly.net https://t.paypal.com https://www.paypalobjects.com https://i.vimeocdn.com *.mzstatic.com *.googletagmanager.com *.google-analytics.com https://googleads.g.doubleclick.net https://www.google.com https://www.facebook.com; style-src 'self' https://fonts.jimstatic.com https://jimdo-dolphin-static-assets-prod.freetls.fastly.net https://crm-nextjs-frontend.prod.jimdo.systems 'unsafe-inline'; frame-ancestors 'self' *.jimdo.com jimdo.com; font-src https://fonts.jimstatic.com; object-src 'none'; worker-src 'self' blob:

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Wed, 19 Jun 2024 18:22:05 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://challenges.cloudflare.com https://iframe.jimcdn.com https://googleads.g.doubleclick.net https://www.paypal.com https://js.stripe.com https://jimdo-dolphin-static-assets-prod.freetls.fastly.net https://crm-nextjs-frontend.prod.jimdo.systems 'unsafe-inline' https://www.youtube.com https://www.youtube-nocookie.com *.googletagmanager.com *.google-analytics.com https://www.googleadservices.com https://www.google.com https://connect.facebook.net https://www.facebook.com/signals/iwl.js; connect-src 'self' *.jimdo.systems https://fonts.jimstatic.com https://storage.jimdosite.com https://cms-backend.jimdosite.com https://www.paypal.com https://eu-api.friendlycaptcha.eu *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google.com https://adservice.google.com https://www.facebook.com https://graph.facebook.com; frame-src https://challenges.cloudflare.com https://accounts.google.com https://calendar.google.com https://docs.google.com https://www.google.com https://iframe.jimcdn.com https://js.stripe.com https://www.paypal.com https://open.spotify.com https://embed.music.apple.com https://embed-standalone.spotify.com https://embed.podcasts.apple.com https://www.youtube.com https://www.youtube-nocookie.com https://player.vimeo.com https://vimeo.com https://bandcamp.com https://w.soundcloud.com https://www.dailymotion.com https://assets.pinterest.com *.typeform.com https://drive.google.com https://www.facebook.com https://www.canva.com; img-src https://i.ytimg.com https://www.google.com https://www.google.de https://www.google.fr https://www.google.it https://www.google.es https://www.google.nl https://www.google.be https://www.google.ch https://www.google.at https://www.google.ca https://www.google.co.uk https://www.google.com.au https://www.google.ie https://www.google.co.jp https://www.google.co.nz 'self' data: https://jimdo-storage.freetls.fastly.net 
https://jimdo-dolphin-static-assets-prod.freetls.fastly.net https://t.paypal.com https://www.paypalobjects.com https://i.vimeocdn.com *.mzstatic.com *.googletagmanager.com *.google-analytics.com https://googleads.g.doubleclick.net https://www.google.com https://www.facebook.com; style-src 'self' https://fonts.jimstatic.com https://jimdo-dolphin-static-assets-prod.freetls.fastly.net https://crm-nextjs-frontend.prod.jimdo.systems 'unsafe-inline'; frame-ancestors 'self' *.jimdo.com jimdo.com; font-src https://fonts.jimstatic.com; object-src 'none'; worker-src 'self' blob:
content-encoding
br
cf-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=utf-8
content-language
de
cf-ray
89658ae27de3bbd6-WAW
alt-svc
h3=":443"; ma=86400
89658addc950912e
www.xn--heizundsanitrportal-rwb.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 1892
0
657 B
XHR
General
Full URL
https://www.xn--heizundsanitrportal-rwb.com/cdn-cgi/challenge-platform/h/g/jsd/r/89658addc950912e
Requested by
Host: www.xn--heizundsanitrportal-rwb.com
URL: https://www.xn--heizundsanitrportal-rwb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.129.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
application/json

Response headers

date
Wed, 19 Jun 2024 18:22:05 GMT
server
cloudflare
cf-ray
89658ae34f3abbd6-WAW
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain; charset=UTF-8


15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
undefined| event
object| fence
object| sharedStorage
string| __dolphin_environment__
object| webpackChunkwebsite_renderer
function| _fs_ready
function| _
boolean| VimeoPlayerResizeEmbeds_
object| Modernizr
object| DD_LOGS
object| DD_RUM
boolean| CKIES_OPTIN
function| gaOptout
object| jimdoDolphinData

3 Cookies

Domain/Path Name / Value
.www.xn--heizundsanitrportal-rwb.com/ Name: __cfruid
Value: 8d2e5a5240b22e7857ec0b04497972ea672ee65c-1718821325
.www.xn--heizundsanitrportal-rwb.com/ Name: cf_clearance
Value: OD642brcl4KPCtt0zbTvhhpXGLdjIzkGOhOpZkZJyIw-1718821325-1.0.1.1-PLG3O1_KI6go3q_czV3yQQFz2I7MdHhpXgDcr8vZA435LRN3mcgZD8GPJ1PtV6crxQ6Gdx8EL3cOzu8NDNs1kg
.www.xn--heizundsanitrportal-rwb.com/ Name: __cf_bm
Value: lfEM71Bn3NXpdGKFcPPq8AhQfOcoQMlOMAmFsp2keGU-1718821325-1.0.1.1-1XsFv1KJwH0dwomJary.R7iiVaJ7JIhzybLS535XMmcPuhCDNPCoiLNHLeLzBJD.lxfdE_iMXh4iRNbVug9VZA

1 Console Messages

Source: network
Level: error
URL: https://www.xn--heizundsanitrportal-rwb.com/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://challenges.cloudflare.com https://iframe.jimcdn.com https://googleads.g.doubleclick.net https://www.paypal.com https://js.stripe.com https://jimdo-dolphin-static-assets-prod.freetls.fastly.net https://crm-nextjs-frontend.prod.jimdo.systems 'unsafe-inline' https://www.youtube.com https://www.youtube-nocookie.com *.googletagmanager.com *.google-analytics.com https://www.googleadservices.com https://www.google.com https://connect.facebook.net https://www.facebook.com/signals/iwl.js; connect-src 'self' *.jimdo.systems https://fonts.jimstatic.com https://storage.jimdosite.com https://cms-backend.jimdosite.com https://www.paypal.com https://eu-api.friendlycaptcha.eu *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google.com https://adservice.google.com https://www.facebook.com https://graph.facebook.com; frame-src https://challenges.cloudflare.com https://accounts.google.com https://calendar.google.com https://docs.google.com https://www.google.com https://iframe.jimcdn.com https://js.stripe.com https://www.paypal.com https://open.spotify.com https://embed.music.apple.com https://embed-standalone.spotify.com https://embed.podcasts.apple.com https://www.youtube.com https://www.youtube-nocookie.com https://player.vimeo.com https://vimeo.com https://bandcamp.com https://w.soundcloud.com https://www.dailymotion.com https://assets.pinterest.com *.typeform.com https://drive.google.com https://www.facebook.com https://www.canva.com; img-src https://i.ytimg.com https://www.google.com https://www.google.de https://www.google.fr https://www.google.it https://www.google.es https://www.google.nl https://www.google.be https://www.google.ch https://www.google.at https://www.google.ca https://www.google.co.uk https://www.google.com.au https://www.google.ie https://www.google.co.jp https://www.google.co.nz 'self' data: https://jimdo-storage.freetls.fastly.net 
https://jimdo-dolphin-static-assets-prod.freetls.fastly.net https://t.paypal.com https://www.paypalobjects.com https://i.vimeocdn.com *.mzstatic.com *.googletagmanager.com *.google-analytics.com https://googleads.g.doubleclick.net https://www.google.com https://www.facebook.com; style-src 'self' https://fonts.jimstatic.com https://jimdo-dolphin-static-assets-prod.freetls.fastly.net https://crm-nextjs-frontend.prod.jimdo.systems 'unsafe-inline'; frame-ancestors 'self' *.jimdo.com jimdo.com; font-src https://fonts.jimstatic.com; object-src 'none'; worker-src 'self' blob:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
