urlscan.io logo urlscan.io
SecurityTrails logo

demo.blog.xn--wirzahlendeinbugeld-ztb.de Open in urlscan Pro Puny
demo.blog.wirzahlendeinbußgeld.de IDN
95.179.157.29  Public Scan

Go To Rescan Add Verdict Report
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Submission: On March 08 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 13 domains to perform 39 HTTP transactions. The main IP is 95.179.157.29, located in United States and belongs to AS-CHOOPA, US. The main domain is demo.blog.xn--wirzahlendeinbugeld-ztb.de.
TLS certificate: Issued by R3 on March 7th 2021. Valid for: 3 months.
This is the only time demo.blog.xn--wirzahlendeinbugeld-ztb.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

17    95.179.157.29 (United States)

ASN20473 (AS-CHOOPA, US)
PTR: 95.179.157.29.vultr.com
demo.blog.xn--wirzahlendeinbugeld-ztb.de
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    65.9.187.6 (United States)

ASN16509 (AMAZON-02, US)
static.hotjar.com
1    151.101.12.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
player.vimeo.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    13.226.159.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-112.dus51.r.cloudfront.net
script.hotjar.com
5    151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.vimeocdn.com
f.vimeocdn.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.226.159.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-3.dus51.r.cloudfront.net
vars.hotjar.com
1    151.101.128.217 (United States)

ASN54113 (FASTLY, US)
vimeo.com
1    34.120.202.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.202.120.34.bc.googleusercontent.com
fresnel.vimeocdn.com
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
17 demo.blog.xn--wirzahlendeinbugeld-ztb.de demo.blog.xn--wirzahlendeinbugeld-ztb.de
3 f.vimeocdn.com player.vimeo.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 i.vimeocdn.com player.vimeo.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.google.de demo.blog.xn--wirzahlendeinbugeld-ztb.de
1 www.google.com demo.blog.xn--wirzahlendeinbugeld-ztb.de
1 fresnel.vimeocdn.com f.vimeocdn.com
1 vimeo.com f.vimeocdn.com
1 vars.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 script.hotjar.com static.hotjar.com
1 player.vimeo.com demo.blog.xn--wirzahlendeinbugeld-ztb.de
1 static.hotjar.com demo.blog.xn--wirzahlendeinbugeld-ztb.de
1 stackpath.bootstrapcdn.com demo.blog.xn--wirzahlendeinbugeld-ztb.de
1 code.jquery.com demo.blog.xn--wirzahlendeinbugeld-ztb.de
1 www.googletagmanager.com demo.blog.xn--wirzahlendeinbugeld-ztb.de
1 fonts.googleapis.com demo.blog.xn--wirzahlendeinbugeld-ztb.de
39 18

This site contains no links.

Subject Issuer Validity Valid
demo.blog.xn--wirzahlendeinbugeld-ztb.de
R3		 2021-03-07 -
2021-06-05		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
vimeo.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-08-07 -
2021-04-24		 9 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-26 -
2021-04-17		 6 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
fresnel.vimeocdn.com
GTS CA 1D2		 2021-01-16 -
2021-04-16		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Frame ID: 914E3B5C06A71D62AFA635761ACA8155
Requests: 30 HTTP requests in this frame

Frame: https://player.vimeo.com/video/421502615
Frame ID: 66CE59282A57069D1314DB65CBDE4332
Requests: 8 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 2C3BA86AA8275ABE54106A0FB0E66787
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

39
Requests

100 %
HTTPS

53 %
IPv6

13
Domains

18
Subdomains

17
IPs

4
Countries

1508 kB
Transfer

2467 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
demo.blog.xn--wirzahlendeinbugeld-ztb.de/ 		27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
b694c895c282d9cb8c5817f1d6ac7817b8980d65e565a66c0e6c400ac53d1d89

Request headers

Host
demo.blog.xn--wirzahlendeinbugeld-ztb.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
openresty
Date
Mon, 08 Mar 2021 00:59:20 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Thu, 03 Dec 2020 13:38:28 GMT
ETag
W/"5fc8ea54-6b92"
Content-Encoding
gzip
css2
fonts.googleapis.com/ 		3 KB
685 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9b07f182a7010f77ebe9f05d09268aa07ffb435f4f6b15e37c442c49e01a60b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Mar 2021 00:46:45 GMT
server
ESF
date
Mon, 08 Mar 2021 00:59:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Mar 2021 00:59:20 GMT
bootstrap.min.css
demo.blog.xn--wirzahlendeinbugeld-ztb.de/css/ 		152 KB
152 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/css/bootstrap.min.css
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 00:59:20 GMT
Last-Modified
Tue, 29 Sep 2020 11:52:43 GMT
Server
openresty
ETag
"5f73200b-2606e"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
155758
style.css
demo.blog.xn--wirzahlendeinbugeld-ztb.de/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/css/style.css
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
58f84d385aa92eb22cfdad7f658fe1af3f1e99e5bf5a61ebfd241a08e6f0b182

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 00:59:20 GMT
Last-Modified
Mon, 02 Nov 2020 08:30:53 GMT
Server
openresty
ETag
"5f9fc3bd-1f73"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8051
adaptive.css
demo.blog.xn--wirzahlendeinbugeld-ztb.de/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/css/adaptive.css
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
ad691ebf3853345c6b89a0172c5656fcd714bcc5c182c1a2c6ff505b9703e7be

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 00:59:20 GMT
Last-Modified
Tue, 29 Sep 2020 11:52:43 GMT
Server
openresty
ETag
"5f73200b-5da"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1498
icons.css
demo.blog.xn--wirzahlendeinbugeld-ztb.de/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/css/icons.css
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
b68d47ddc3fe449d8a813793b0a3f01204a94eb9e6fbaec2ccba17c38de71f81

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 00:59:20 GMT
Last-Modified
Tue, 29 Sep 2020 11:52:43 GMT
Server
openresty
ETag
"5f73200b-655"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1621
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-178644369-1
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7f55abd44837f31cc19ad4bc80be39d302d297c24a2cf253d79602d7f1cb8501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:59:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39417
x-xss-protection
0
last-modified
Mon, 08 Mar 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Mar 2021 00:59:20 GMT
logo.svg
demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/logo.svg
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
c907f389f829557ce6f4915327025a8f046c697ef22bea8e8c04d71cf55f190b

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 00:59:20 GMT
Last-Modified
Thu, 08 Oct 2020 18:38:42 GMT
Server
openresty
ETag
"5f7f5cb2-35fd"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13821
man.png
demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/ 		299 KB
299 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/man.png
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
7153af9f743fd38c10c173ecb6bf1da588b19ebc31223c0b4f71b90dae64dc3f

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 00:59:20 GMT
Last-Modified
Tue, 29 Sep 2020 11:52:43 GMT
Server
openresty
ETag
"5f73200b-4ac35"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
306229
schritt-1.jpg
demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/schritt-1.jpg
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
7e0ce19331148ed4b72031a68e69cf08c430cf5a3cfba6a670369e5a9847ef95

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 00:59:20 GMT
Last-Modified
Tue, 29 Sep 2020 11:52:43 GMT
Server
openresty
ETag
"5f73200b-f820"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63520
schritt-2.jpg
demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/schritt-2.jpg
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
908ede59e0d7f031aa96f8dde570077adb66a8fcc0539982a9320c9be638c3f9

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 00:59:20 GMT
Last-Modified
Tue, 29 Sep 2020 11:52:43 GMT
Server
openresty
ETag
"5f73200b-115cd"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
71117
schritt-3.jpg
demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/schritt-3.jpg
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
d0dbb90a2e65e9c8f70041854a614c92c75906475e05c88cb87ac9bcf0df7a1c

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 00:59:20 GMT
Last-Modified
Tue, 29 Sep 2020 11:52:43 GMT
Server
openresty
ETag
"5f73200b-1cf09"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
118537
kunden-1.png
demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/kunden-1.png
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
d3dd3415bb805fcd473e5fd7b96e3850dc4a374f018e038bde237bacd5bd0706

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 00:59:20 GMT
Last-Modified
Tue, 29 Sep 2020 11:52:43 GMT
Server
openresty
ETag
"5f73200b-a1b4"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41396
kunden-3.png
demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/kunden-3.png
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
1d4dd8be5dae67ec5a99b2a3e3aa339ce13589e3f7ebaa5766a7845f431572c1

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 00:59:20 GMT
Last-Modified
Tue, 29 Sep 2020 11:52:43 GMT
Server
openresty
ETag
"5f73200b-9c01"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39937
kunden-2.png
demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/kunden-2.png
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
0e7291a2e0160ff345d77c1f273d591f866b2ebfdf45bc59fc18e73d9fee0bc6

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 00:59:20 GMT
Last-Modified
Tue, 29 Sep 2020 11:52:43 GMT
Server
openresty
ETag
"5f73200b-ab4b"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43851
jquery-3.3.1.slim.min.js
code.jquery.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Origin
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de
Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:59:20 GMT
content-encoding
gzip
last-modified
Sat, 20 Jan 2018 17:26:44 GMT
server
nginx
etag
W/"5a637bd4-1111d"
vary
Accept-Encoding
x-hw
1615165160.dop212.fr8.t,1615165160.cds285.fr8.hn,1615165160.cds274.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24038
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Origin
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de
Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:59:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
cdn-edgestorageid
723, 617
access-control-allow-origin
*
cdn-cachedat
2021-03-04 14:45:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08b0f194d6000053644eb72000000001
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
598e4704e45e2574f5ed17ec942f9f5c
cf-ray
62c81ece2cea5364-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
hotjar-2003861.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2003861.js?sv=6
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.187.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
eedce931158b083052a2d5358e39c70bdf2e1338236da2b5c5f8c5c17654e00e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
12
etag
W/53007fe5063a2dbfc878e8b19eeabb9c
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZAG50-C1
content-length
1820
via
1.1 9569de78dc2ca85c5ba29cb17f0eb7ce.cloudfront.net (CloudFront)
x-amz-cf-id
fczPW1BSv1bzpE3fxI7Q-trOYjnBJ4I4BrYGiMojeoZG1CS5KMW30g==
421502615
player.vimeo.com/video/ Frame 66CE 		15 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/421502615
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
de26e9a30d908faf4cde92866c806cf183f30a32d97b074412d2f22634a0a224
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/

Response headers

Connection
keep-alive
Content-Length
10291
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Mon, 08 Mar 2021 01:09:09 GMT
Via
1.1 varnish, 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-a-2
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Mon, 08 Mar 2021 00:59:20 GMT
Age
0
X-Served-By
cache-fra19161-FRA
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1615165161.686474,VS0,VE107
Vary
Accept-Encoding
X-Player-Backend
p
youtube.svg
demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/youtube.svg
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
57b562286136fbbb7abeebfc9835e3cedcf2179d3482bea86a140c17cde6c444

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 00:59:20 GMT
Last-Modified
Tue, 29 Sep 2020 11:52:43 GMT
Server
openresty
ETag
"5f73200b-581"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1409
quote-img.png
demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/ 		203 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/img/quote-img.png
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
22eb9544a3af9df8edb0ba1da04e99276d71224350dfce70cab208c078dd7225

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 00:59:20 GMT
Last-Modified
Tue, 29 Sep 2020 11:52:43 GMT
Server
openresty
ETag
"5f73200b-32a1e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
207390
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 10:28:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
138643
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
expires
Sun, 06 Mar 2022 10:28:37 GMT
icomoon.ttf
demo.blog.xn--wirzahlendeinbugeld-ztb.de/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/fonts/icomoon.ttf?v86i31
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/css/icons.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
1665add616d09960c1380c4c4e82fcdb154124d147da157c7b6e80cd2b9809b4

Request headers

Origin
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de
Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/css/icons.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 00:59:20 GMT
Last-Modified
Tue, 29 Sep 2020 11:52:43 GMT
Server
openresty
ETag
"5f73200b-1f88"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8072
BebasNeue.ttf
demo.blog.xn--wirzahlendeinbugeld-ztb.de/fonts/ 		56 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/fonts/BebasNeue.ttf
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.179.157.29 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.157.29.vultr.com
Software
openresty /
Resource Hash
8c6b9d4587002e47891b0d7dd66e37b5ecb6c61d0d571144d9e7dce03b6661f2

Request headers

Origin
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de
Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 00:59:20 GMT
Last-Modified
Mon, 02 Nov 2020 08:30:53 GMT
Server
openresty
ETag
"5f9fc3bd-e118"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57624
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
age
278275
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
modules.33a772c48beaa5222edf.js
script.hotjar.com/ 		217 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.33a772c48beaa5222edf.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2003861.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-112.dus51.r.cloudfront.net
Software
/
Resource Hash
9bd71240933790c0dc85d69741a3b0bcfef32a44b46ce8893d2541ecaee2db72
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 16:20:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
203952
x-cache
Hit from cloudfront
content-length
58652
access-control-allow-origin
*
last-modified
Fri, 05 Mar 2021 16:19:37 GMT
etag
"a93d27db17b2296071120e76a2ccbea0"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
czqzf752jULlTRz5xRO0s1ukausUJB7WfWLoCpuWrLjyjEfKPAAN2g==
975071218.jpg
i.vimeocdn.com/video/ Frame 66CE 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/975071218.jpg?mw=80&q=85
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/421502615
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a06c163b8f1674acd564c3b4344440ad903920ab30f9711244fd0cacf9a1575c

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:59:20 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
2132147
etag
ba35a26418f93d553a5039cbd356dab4
x-served-by
cache-dfw18667-DFW, cache-fra19141-FRA
x-cache
miss, HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-timer
S1615165161.909390,VS0,VE0
x-backend-server
varnish
content-length
1029
viewmaster-server
viewmaster-us-central1-4mjh
x-cache-hits
1, 2
player.js
f.vimeocdn.com/p/3.24.17/js/ Frame 66CE 		612 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/3.24.17/js/player.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/421502615
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
199dd00b539a14db6dabe80e285db52e3dcaaf129ff7cc282f39eba7e5f777f4

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:59:20 GMT
via
1.1 varnish, 1.1 varnish
age
193552
x-guploader-uploadid
ABg5-UwdmwlakD3gUYbdwcmuS_JJM0SEKfxL47C9aQitwL0TQUpwNqmkaZU0WvboTI1hIQ1-uX4BGcuvy_JVHcuT5Mc2DQWvFw
x-cache
HIT, HIT
content-encoding
br
content-length
147458
x-served-by
cache-bwi5120-BWI, cache-fra19144-FRA
last-modified
Fri, 05 Mar 2021 17:54:32 GMT
server
UploadServer
x-timer
S1615165161.911625,VS0,VE0
etag
"cf8eea28b20d00c89836662b7978e650"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
2, 43956
player.css
f.vimeocdn.com/p/3.24.17/css/ Frame 66CE 		159 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/3.24.17/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/421502615
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6b6b4128d463875ca45df804c0c952487c94745bce3430cd0d05d92c588df58e

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:59:20 GMT
via
1.1 varnish, 1.1 varnish
age
193552
x-guploader-uploadid
ABg5-UzKxZ3IjJ4j2UCBNXs8dSHPhpA8oEJCQaVTRUUcY8ukhXKxAjYZrT7loHtNFHEAMLa3W02TUepti22HLTzQ6lcgXS9uHA
x-cache
MISS, HIT
content-encoding
br
content-length
17422
x-served-by
cache-bwi5165-BWI, cache-fra19144-FRA
last-modified
Fri, 05 Mar 2021 17:54:33 GMT
server
UploadServer
x-timer
S1615165161.911516,VS0,VE0
etag
"1b221a32a53bd052faa1978e63d43ae6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 89037
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame 66CE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/421502615
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
5eb2a7e57775f9c1d99a0ac3a75ff94fd893c56703b6b15e40e14c31ccf9b3ad

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:59:20 GMT
content-encoding
gzip
age
21616300
x-cache
HIT, HIT
x-cache-hits
1, 131951
content-length
1215
x-served-by
cache-bwi5132-BWI, cache-fra19144-FRA
last-modified
Tue, 30 Jun 2020 18:34:52 GMT
server
Apache
cache-control
max-age=315360000
x-timer
S1615165161.911630,VS0,VE0
etag
"a51-5a9516e540b00"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
x-vimeo-dc
ge
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Jun 2030 20:27:40 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-178644369-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3404
date
Mon, 08 Mar 2021 00:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Mon, 08 Mar 2021 02:02:36 GMT
collect
www.google-analytics.com/j/ 		2 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=24840644&t=pageview&_s=1&dl=https%3A%2F%2Fdemo.blog.xn--wirzahlendeinbugeld-ztb.de%2F&ul=en-us&de=UTF-8&dt=Ihre%20Kunden%20zahlen%20nicht%20%7C%20offene%20Rechnungen%20%7C%20teure%20Anw%C3%A4lte&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1672506212&gjid=1664829187&cid=1008140381.1615165161&tid=UA-178644369-1&_gid=1551992342.1615165161&_r=1&gtm=2ou2o0&z=819336232
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 00:59:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-178644369-1&cid=1008140381.1615165161&jid=1672506212&gjid=1664829187&_gid=1551992342.1615165161&_u=IEBAAUAAAAAAAC~&z=885968488
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 08 Mar 2021 00:59:20 GMT
content-type
text/plain
access-control-allow-origin
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 2C3B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2003861.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-3.dus51.r.cloudfront.net
Software
/
Resource Hash
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/

Response headers

content-type
text/html
content-length
851
date
Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
wr0NU6MUVwAAjE7Y2HhxHe0KSZbXDvI9z9SvCnYfofQJUlgHYm4hzw==
age
9014297
vuid
vimeo.com/ablincoln/ Frame 66CE 		0
790 B 		Other
General
Check archive.org
Download Go to
Full URL
https://vimeo.com/ablincoln/vuid?pid=19250e7cfab89211e02f10c9f04ae84e352fa58e1615165160
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Via
1.1 varnish, 1.1 varnish
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Served-By
cache-bwi5135-BWI, cache-fra19132-FRA
X-Vimeo-DC
ge
Server
nginx
X-Timer
S1615165161.973653,VS0,VE111
X-Frame-Options
sameorigin
Date
Mon, 08 Mar 2021 00:59:21 GMT
Vary
User-Agent
Expires
Sun, 07 Mar 2021 12:59:21 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-BApp-Server
pweb-v8866-hmb9x
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
X-Cache-Hits
0, 0
975071218.webp
i.vimeocdn.com/video/ Frame 66CE 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/975071218.webp
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/421502615
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f6ea540f6578a221f5b3498c73864c12f30a26f9c230dae117303ac37551b15

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 00:59:21 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
884349
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
9756
viewmaster-server
viewmaster-us-central1-2njt
x-served-by
cache-dfw18669-DFW, cache-fra19141-FRA
x-timer
S1615165161.004216,VS0,VE0
etag
c60cd0d8ebfd7c6edbb1f68b79a69d16
x-viewmaster-webp-format
lossy
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 2
player-stats
fresnel.vimeocdn.com/add/ Frame 66CE 		0
110 B 		Other
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=19250e7cfab89211e02f10c9f04ae84e352fa58e1615165160
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.24.17/js/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Mon, 08 Mar 2021 00:59:21 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-178644369-1&cid=1008140381.1615165161&jid=1672506212&_u=IEBAAUAAAAAAAC~&z=733825784
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 00:59:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-178644369-1&cid=1008140381.1615165161&jid=1672506212&_u=IEBAAUAAAAAAAC~&z=733825784
Requested by
Host: demo.blog.xn--wirzahlendeinbugeld-ztb.de
URL: https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demo.blog.xn--wirzahlendeinbugeld-ztb.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 00:59:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| hj object| _hjSettings function| queryForm function| gtag object| dataLayer function| $ function| jQuery object| bootstrap object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData string| registration

7 Cookies

Domain/Path Name / Value
.xn--wirzahlendeinbugeld-ztb.de/ Name: _hjFirstSeen
Value: 1
.xn--wirzahlendeinbugeld-ztb.de/ Name: _hjTLDTest
Value: 1
.xn--wirzahlendeinbugeld-ztb.de/ Name: _gat_gtag_UA_178644369_1
Value: 1
.xn--wirzahlendeinbugeld-ztb.de/ Name: _gid
Value: GA1.2.1551992342.1615165161
.vimeo.com/ Name: vuid
Value: pl706277771.598484957
.xn--wirzahlendeinbugeld-ztb.de/ Name: _hjid
Value: 1045bb8b-e3a4-44e6-8f4d-f6737086c7b2
.xn--wirzahlendeinbugeld-ztb.de/ Name: _ga
Value: GA1.2.1008140381.1615165161

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
demo.blog.xn--wirzahlendeinbugeld-ztb.de
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
player.vimeo.com
script.hotjar.com
stackpath.bootstrapcdn.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
vimeo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.226.159.112
13.226.159.3
151.101.12.217
151.101.128.217
151.101.14.109
2001:4de0:ac19::1:b:1b
2606:4700::6812:bcf
2a00:1450:4001:800::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2008
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:400c:c0c::9c
34.120.202.204
65.9.187.6
95.179.157.29
0e7291a2e0160ff345d77c1f273d591f866b2ebfdf45bc59fc18e73d9fee0bc6
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1665add616d09960c1380c4c4e82fcdb154124d147da157c7b6e80cd2b9809b4
199dd00b539a14db6dabe80e285db52e3dcaaf129ff7cc282f39eba7e5f777f4
1d4dd8be5dae67ec5a99b2a3e3aa339ce13589e3f7ebaa5766a7845f431572c1
22eb9544a3af9df8edb0ba1da04e99276d71224350dfce70cab208c078dd7225
2f6ea540f6578a221f5b3498c73864c12f30a26f9c230dae117303ac37551b15
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
57b562286136fbbb7abeebfc9835e3cedcf2179d3482bea86a140c17cde6c444
58f84d385aa92eb22cfdad7f658fe1af3f1e99e5bf5a61ebfd241a08e6f0b182
5eb2a7e57775f9c1d99a0ac3a75ff94fd893c56703b6b15e40e14c31ccf9b3ad
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39
6b6b4128d463875ca45df804c0c952487c94745bce3430cd0d05d92c588df58e
7153af9f743fd38c10c173ecb6bf1da588b19ebc31223c0b4f71b90dae64dc3f
7e0ce19331148ed4b72031a68e69cf08c430cf5a3cfba6a670369e5a9847ef95
7f55abd44837f31cc19ad4bc80be39d302d297c24a2cf253d79602d7f1cb8501
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8c6b9d4587002e47891b0d7dd66e37b5ecb6c61d0d571144d9e7dce03b6661f2
908ede59e0d7f031aa96f8dde570077adb66a8fcc0539982a9320c9be638c3f9
9bd71240933790c0dc85d69741a3b0bcfef32a44b46ce8893d2541ecaee2db72
a06c163b8f1674acd564c3b4344440ad903920ab30f9711244fd0cacf9a1575c
ad691ebf3853345c6b89a0172c5656fcd714bcc5c182c1a2c6ff505b9703e7be
b68d47ddc3fe449d8a813793b0a3f01204a94eb9e6fbaec2ccba17c38de71f81
b694c895c282d9cb8c5817f1d6ac7817b8980d65e565a66c0e6c400ac53d1d89
c907f389f829557ce6f4915327025a8f046c697ef22bea8e8c04d71cf55f190b
d0dbb90a2e65e9c8f70041854a614c92c75906475e05c88cb87ac9bcf0df7a1c
d3dd3415bb805fcd473e5fd7b96e3850dc4a374f018e038bde237bacd5bd0706
d9b07f182a7010f77ebe9f05d09268aa07ffb435f4f6b15e37c442c49e01a60b
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
de26e9a30d908faf4cde92866c806cf183f30a32d97b074412d2f22634a0a224
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eedce931158b083052a2d5358e39c70bdf2e1338236da2b5c5f8c5c17654e00e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629