plu.de Open in urlscan Pro
167.71.36.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.plu.de/Personalvermittlung
Effective URL:
https://plu.de/top-assistant/hire
Submission: On November 17 via api (November 17th 2023, 7:06:21 am UTC) from ES — Scanned from DE

Summary HTTP 28 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 28 HTTP transactions. The main IP is 167.71.36.172, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is plu.de.
TLS certificate: Issued by R3 on September 12th 2023. Valid for: 3 months.

This is the only time plu.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 16	167.71.36.172 167.71.36.172	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
13	34.102.149.160 34.102.149.160	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.224.29 34.102.224.29	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
28	4

16 167.71.36.172 (Frankfurt am Main, Germany) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.plu.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
plu.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.102.149.160 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.149.102.34.bc.googleusercontent.com

www.provenexpert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.224.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.224.102.34.bc.googleusercontent.com

images.provenexpert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	plu.de 2 redirects www.plu.de plu.de	340 KB
14	provenexpert.com www.provenexpert.com — Cisco Umbrella Rank: 165751 images.provenexpert.com — Cisco Umbrella Rank: 235879	180 KB
28	2

	Domain	Requested by
15	plu.de	1 redirects plu.de
13	www.provenexpert.com	plu.de www.provenexpert.com
1	images.provenexpert.com
1	www.plu.de	1 redirects
28	4

This site contains links to these domains. Also see Links.

Domain
www.provenexpert.com
www.facebook.com
twitter.com
www.linkedin.com
outlook.office365.com
www.plu.de

Subject Issuer	Validity	Valid
plu.de R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
www.provenexpert.com GTS CA 1D4	`2023-10-31` - `2024-01-29`	3 months	crt.sh
developer.provenexpert.com GTS CA 1D4	`2023-09-21` - `2023-12-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://plu.de/top-assistant/hire
Frame ID: 3389CA2400D56A89649DCD1A96EEC7E2
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wir finden Ihre ideale Assistenz. | PLU - Tuning für den Chef

Page URL History Show full URLs

https://www.plu.de/Personalvermittlung HTTP 301
https://plu.de/Personalvermittlung HTTP 301
https://plu.de/top-assistant/hire Page URL

Detected technologies

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 75%
Detected patterns

<[^>]+[^\w-]x-data[^\w-][^<]+

ProvenExpert (Widgets) Expand

Overall confidence: 100%
Detected patterns

provenexpert\.\w+/widget

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

520 kB
Transfer

817 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.provenexpert.com/plu-top-assistant/?utm_source=Widget&utm_medium=Widget&utm_campaign=Widget
Title: Client feedback

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tunningchefundassistenz

Search URL Search Domain Scan URL

URL: https://twitter.com/PLUGruppe

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/plu-campus/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/susanna-castillo/
Title: .cls-1{fill:#878787;}

Search URL Search Domain Scan URL

URL: https://outlook.office365.com/owa/calendar/PLUTuningfrdenChef@plu.de/bookings/s/i9SfUQ7vqUOz07H0AUaI3Q2
Title: Termin buchen

Search URL Search Domain Scan URL

URL: https://www.plu.de/PLU-Top-Assistant-RENT
Title: Rent a Top Assistant

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.plu.de/Personalvermittlung HTTP 301
https://plu.de/Personalvermittlung HTTP 301
https://plu.de/top-assistant/hire Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request hire Show response
plu.de/top-assistant/
Redirect Chain

https://www.plu.de/Personalvermittlung
https://plu.de/Personalvermittlung
https://plu.de/top-assistant/hire

49 KB
9 KB

94ms
94ms

Document
text/html

167.71.36.172
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://plu.de/top-assistant/hire

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

167.71.36.172 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Craft CMS

Resource Hash

a54a23ed1ec08a54d2a8e63ee023908f5757a3962342e7b7e2161c0e36363561

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 07:06:11 GMT
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), vibrate=(), fullscreen=(self)
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Craft CMS
x-xss-protection: 1; mode=block

Redirect headers

content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 07:06:11 GMT
location: https://plu.de/top-assistant/hire
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), vibrate=(), fullscreen=(self)
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Craft CMS
x-xss-protection: 1; mode=block

GET
H2 200 463b98ce-9a2c-4649-8b59-98cf634ab02e.woff2
plu.de/assets/fonts/5510679/ 28 KB
28 KB 25ms
22ms Font
application/octet-stream 167.71.36.172
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plu.de/assets/fonts/5510679/463b98ce-9a2c-4649-8b59-98cf634ab02e.woff2
Requested by: Host: plu.de
URL: https://plu.de/top-assistant/hire
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 167.71.36.172 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c655bbca9de51285accc43d1c1de0485001350f23cc1e63e1774497d9032113

Request headers

Referer: https://plu.de/top-assistant/hire
Origin: https://plu.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:06:11 GMT
last-modified: Thu, 30 Mar 2023 12:27:36 GMT
server: nginx
etag: "64258038-7068"
content-type: application/octet-stream
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 28776
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f965c3a6-5cb9-447e-9c1a-b165e66c7293.woff2
plu.de/assets/fonts/5510695/ 28 KB
28 KB 25ms
23ms Font
application/octet-stream 167.71.36.172
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plu.de/assets/fonts/5510695/f965c3a6-5cb9-447e-9c1a-b165e66c7293.woff2
Requested by: Host: plu.de
URL: https://plu.de/top-assistant/hire
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 167.71.36.172 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 42380421940601e4e6ab83651e96c62e8b788361ce1d54e5313f28014238653f

Request headers

Referer: https://plu.de/top-assistant/hire
Origin: https://plu.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:06:11 GMT
last-modified: Thu, 30 Mar 2023 12:27:36 GMT
server: nginx
etag: "64258038-708c"
content-type: application/octet-stream
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 28812
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1a8569cf-6d68-4920-bca1-d05f5b33824c.woff2
plu.de/assets/fonts/5510711/ 28 KB
29 KB 30ms
28ms Font
application/octet-stream 167.71.36.172
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plu.de/assets/fonts/5510711/1a8569cf-6d68-4920-bca1-d05f5b33824c.woff2
Requested by: Host: plu.de
URL: https://plu.de/top-assistant/hire
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 167.71.36.172 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7667459df7dfde595208a0c52553558f5d512390c251cbd76fb040d140e4b422

Request headers

Referer: https://plu.de/top-assistant/hire
Origin: https://plu.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:06:11 GMT
last-modified: Thu, 30 Mar 2023 12:27:36 GMT
server: nginx
etag: "64258038-71ec"
content-type: application/octet-stream
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29164
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 et-line.woff
plu.de/assets/fonts/ 54 KB
54 KB 30ms
29ms Font
application/font-woff 167.71.36.172
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plu.de/assets/fonts/et-line.woff
Requested by: Host: plu.de
URL: https://plu.de/top-assistant/hire
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 167.71.36.172 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 19d2f43d546ada73dd083f7778aa4a5cac1a8e7a3af56efccae580fce07a5e1c

Request headers

Referer: https://plu.de/top-assistant/hire
Origin: https://plu.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:06:11 GMT
last-modified: Thu, 19 Jan 2023 13:27:52 GMT
server: nginx
etag: "63c94558-d7b4"
content-type: application/font-woff
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 55220
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.css
plu.de/assets/css/ 118 KB
20 KB 16ms
14ms Stylesheet
text/css 167.71.36.172
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://plu.de/assets/css/main.css

Requested by

Host: plu.de
URL: https://plu.de/top-assistant/hire

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

167.71.36.172 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

aff4cd609af266ddae0b394daee2bcdca9f35832ad9b3bd9dfb18145d77bce47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plu.de/top-assistant/hire
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:06:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Sep 2023 09:40:46 GMT
server: nginx
content-encoding: gzip
etag: W/"65154a1e-1d8f6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), vibrate=(), fullscreen=(self)
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.gif
plu.de/assets/img/ 9 KB
9 KB 30ms
29ms Image
image/gif 167.71.36.172
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://plu.de/assets/img/logo.gif

Requested by

Host: plu.de
URL: https://plu.de/top-assistant/hire

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

167.71.36.172 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3148f10950e6fd3479be8879a7b99f6c0c9646b121ecfb5e0e472b2a11332019

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plu.de/top-assistant/hire
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:06:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Jan 2023 13:27:52 GMT
server: nginx
etag: "63c94558-235f"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=315360000
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), vibrate=(), fullscreen=(self)
accept-ranges: bytes
content-length: 9055
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 facebook.svg
plu.de/assets/img/social/ 1 KB
2 KB 15ms
15ms Image
image/svg+xml 167.71.36.172
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://plu.de/assets/img/social/facebook.svg

Requested by

Host: plu.de
URL: https://plu.de/top-assistant/hire

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

167.71.36.172 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

dbbeb9ccefd45ced505111274eadc18f2ac1d1689e9c26b84da8f1ac2d2ceea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plu.de/top-assistant/hire
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:06:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 May 2023 07:31:47 GMT
server: nginx
etag: "645c99e3-5c4"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), vibrate=(), fullscreen=(self)
accept-ranges: bytes
content-length: 1476
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 twitter.svg
plu.de/assets/img/social/ 2 KB
2 KB 14ms
13ms Image
image/svg+xml 167.71.36.172
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://plu.de/assets/img/social/twitter.svg

Requested by

Host: plu.de
URL: https://plu.de/top-assistant/hire

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

167.71.36.172 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c7d45bfee7e60798b2efc5bff188efb3380262d85e94bc6ad43bb6baabb4da93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plu.de/top-assistant/hire
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:06:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 May 2023 07:31:47 GMT
server: nginx
etag: "645c99e3-817"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), vibrate=(), fullscreen=(self)
accept-ranges: bytes
content-length: 2071
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 linkedIn.svg
plu.de/assets/img/social/ 2 KB
2 KB 13ms
12ms Image
image/svg+xml 167.71.36.172
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://plu.de/assets/img/social/linkedIn.svg

Requested by

Host: plu.de
URL: https://plu.de/top-assistant/hire

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

167.71.36.172 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

db963635897aafaf57636473b43aa38c31b54617f262966e88a25521e28ddbf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plu.de/top-assistant/hire
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:06:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 May 2023 07:31:47 GMT
server: nginx
etag: "645c99e3-7d3"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), vibrate=(), fullscreen=(self)
accept-ranges: bytes
content-length: 2003
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 landing_plu-top-assistant.js Show response
www.provenexpert.com/widget/ 11 KB
3 KB 132ms
80ms Script
application/javascript 34.102.149.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provenexpert.com/widget/landing_plu-top-assistant.js?feedback=1&avatar=1&competence=1&style=white

Requested by

Host: plu.de
URL: https://plu.de/top-assistant/hire

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.149.160 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.149.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

beaf644e6f7204363ddd104eb635bfd7aa976c40d666ef73a078ae0354fd5cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plu.de/top-assistant/hire
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:06:11 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
pragma: cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding, Accept-Encoding,Accept-Encoding
access-control-max-age: 60
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Accept,Content-Type,Authorization
expires: Sat, 18 Nov 2023 08:06:11 GMT

GET
H2 200 widget_landing.css
www.provenexpert.com/css/ 26 KB
4 KB 65ms
12ms Stylesheet
text/css 34.102.149.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provenexpert.com/css/widget_landing.css

Requested by

Host: plu.de
URL: https://plu.de/top-assistant/hire

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.149.160 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.149.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

60ff43ac4d3e06440aa7f3ebb5b2f8def3eacbdfbde4599202ce54383ee44b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plu.de/top-assistant/hire
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:20:50 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
age: 9921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4029
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 30 Nov 1979 00:00:00 GMT
server: nginx
etag: W/"12a47600-699f"
access-control-max-age: 60
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,public, s-maxage=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding
access-control-allow-headers: Accept,Content-Type,Authorization
expires: Sat, 16 Nov 2024 04:20:50 GMT

GET
H2 200 main.js Show response
plu.de/assets/js/ 119 KB
45 KB 19ms
19ms Script
application/javascript 167.71.36.172
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://plu.de/assets/js/main.js

Requested by

Host: plu.de
URL: https://plu.de/top-assistant/hire

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

167.71.36.172 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

737740c7863bfc9ba05a693e57af41ff46d3f104d78ac6974054b271a7cd1052

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plu.de/top-assistant/hire
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:06:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Sep 2023 08:29:20 GMT
server: nginx
content-encoding: gzip
etag: W/"64f989e0-1dbc0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), vibrate=(), fullscreen=(self)
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iStock-177508959.webp
plu.de/uploads/images/_1980x849_crop_center-center_none/5646/ 47 KB
48 KB 33ms
31ms Image
image/webp 167.71.36.172
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://plu.de/uploads/images/_1980x849_crop_center-center_none/5646/iStock-177508959.webp

Requested by

Host: plu.de
URL: https://plu.de/top-assistant/hire

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

167.71.36.172 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

0d2bb536fcf03382953331558a4d72d2a555155de99b3fa7b9d1bbad1442646c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plu.de/top-assistant/hire
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:06:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Mar 2023 06:55:42 GMT
server: nginx
etag: "64228f6e-bcfe"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=315360000
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), vibrate=(), fullscreen=(self)
accept-ranges: bytes
content-length: 48382
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 susanna.webp
plu.de/uploads/images/Team/_200x200_crop_center-center_none/3336/ 3 KB
4 KB 34ms
32ms Image
image/webp 167.71.36.172
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://plu.de/uploads/images/Team/_200x200_crop_center-center_none/3336/susanna.webp

Requested by

Host: plu.de
URL: https://plu.de/top-assistant/hire

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

167.71.36.172 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d4984eeb0542b51a5a41590b99f70158eae4bd93c9ad890fff3ddd7793c0da9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plu.de/top-assistant/hire
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:06:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Jan 2023 13:42:53 GMT
server: nginx
etag: "63c948dd-cb6"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=315360000
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), vibrate=(), fullscreen=(self)
accept-ranges: bytes
content-length: 3254
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pejquery.js Show response
www.provenexpert.com/js/lib/ 94 KB
33 KB 62ms
61ms Script
application/javascript 34.102.149.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provenexpert.com/js/lib/pejquery.js

Requested by

Host: www.provenexpert.com
URL: https://www.provenexpert.com/widget/landing_plu-top-assistant.js?feedback=1&avatar=1&competence=1&style=white

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.149.160 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.149.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e718157ad0b22447f8405b9669fb6ecba0e53a8c6c43226507dbe9c38c1831e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plu.de/top-assistant/hire
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:55:45 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
age: 40226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33651
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 30 Nov 1979 00:00:00 GMT
server: nginx
etag: W/"12a47600-17718"
access-control-max-age: 60
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public, s-maxage=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding
access-control-allow-headers: Accept,Content-Type,Authorization
expires: Fri, 15 Nov 2024 19:55:45 GMT

GET
H2 200 provenexpert_logo_black.png
www.provenexpert.com/images/widget/ 936 B
1 KB 83ms
82ms Image
image/png 34.102.149.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenexpert.com/images/widget/provenexpert_logo_black.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.149.160 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.149.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

1185ee9a9999273dda0acb35fbe92801c51b87286faac92183a2dd74c08ecc3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plu.de/top-assistant/hire
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:48:13 GMT
via: 1.1 google, 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
age: 37078
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 936
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 15:42:36 GMT
server: nginx
etag: "6556386c-3a8"
access-control-max-age: 60
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Authorization
expires: Fri, 15 Nov 2024 20:48:13 GMT

GET
H2 200 plu-top-assistant_medium_1669202965.jpg
images.provenexpert.com/41/23/dc5b5cd0208ec185a52c85b0f410/ 4 KB
4 KB 107ms
53ms Image
image/jpeg 34.102.224.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.provenexpert.com/41/23/dc5b5cd0208ec185a52c85b0f410/plu-top-assistant_medium_1669202965.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.224.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.224.102.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: aab929c1809f90e62690f42856dfc3bd36e806843789e799b22cc11cabab3bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plu.de/top-assistant/hire
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:06:11 GMT
via: 1.1 google
last-modified: Wed, 23 Nov 2022 11:29:25 GMT
server: nginx
age: 0
etag: "637e0415-f8a"
content-type: image/jpeg
cache-control: max-age=86400,no-cache
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3978
expires: Sat, 18 Nov 2023 07:06:11 GMT

GET
H2 200 recommendations_g.png
www.provenexpert.com/images/icons/ 1 KB
1 KB 81ms
80ms Image
image/png 34.102.149.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenexpert.com/images/icons/recommendations_g.png

Requested by

Host: www.provenexpert.com
URL: https://www.provenexpert.com/css/widget_landing.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.149.160 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.149.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

8f641ea157f26bca60613ea6d8f1638976a55c137ed1f54d877cdc32d1641b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenexpert.com/css/widget_landing.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:58:59 GMT
via: 1.1 google, 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
age: 54432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1058
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 15:42:15 GMT
server: nginx
etag: "65563857-422"
access-control-max-age: 60
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Authorization
expires: Fri, 15 Nov 2024 15:58:59 GMT

GET
H2 200 big.png
www.provenexpert.com/images/icons/stars/ 686 B
830 B 79ms
78ms Image
image/png 34.102.149.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenexpert.com/images/icons/stars/big.png

Requested by

Host: www.provenexpert.com
URL: https://www.provenexpert.com/css/widget_landing.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.149.160 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.149.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d3b91734723dad33d32fc065da6a4e3f025748a6b407e3ae12e5ac96fc66c8cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenexpert.com/css/widget_landing.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:04:11 GMT
via: 1.1 google, 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
age: 36120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 686
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 15:42:15 GMT
server: nginx
etag: "65563857-2ae"
access-control-max-age: 60
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Authorization
expires: Fri, 15 Nov 2024 21:04:11 GMT

GET
H2 200 recommendation_g.png
www.provenexpert.com/images/icons/ 671 B
779 B 81ms
80ms Image
image/png 34.102.149.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenexpert.com/images/icons/recommendation_g.png

Requested by

Host: www.provenexpert.com
URL: https://www.provenexpert.com/css/widget_landing.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.149.160 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.149.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f08fd397df7b76d2e2ab78f492e9ad1ceb6242e7dd573683a2df9084f339ef3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenexpert.com/css/widget_landing.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:37:21 GMT
via: 1.1 google, 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
age: 26930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 671
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 15:42:15 GMT
server: nginx
etag: "65563857-29f"
access-control-max-age: 60
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Authorization
expires: Fri, 15 Nov 2024 23:37:21 GMT

GET
DATA 200
OK truncated
/ 626 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b714b6d43cb0b1fb396d31b2bcbabcff89519d943d3d24e4f6e9e175ebe70f9b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 check_blue.png
www.provenexpert.com/images/start/icons/ 266 B
374 B 80ms
77ms Image
image/png 34.102.149.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.provenexpert.com/images/start/icons/check_blue.png

Requested by

Host: www.provenexpert.com
URL: https://www.provenexpert.com/css/widget_landing.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.149.160 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.149.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

5b699f0daac114f6dfa3983354acdf5d56434e9a3dc188a1bd279d63ebcda5e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.provenexpert.com/css/widget_landing.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:17:45 GMT
via: 1.1 google, 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
age: 42506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 266
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 30 Nov 1979 00:00:00 GMT
server: nginx
etag: "12a47600-10a"
access-control-max-age: 60
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Authorization
expires: Fri, 15 Nov 2024 19:17:45 GMT

GET
H3 200 titilliumweb-regular-webfont.woff
www.provenexpert.com/webfonts/titillium_ext_latin/ 27 KB
27 KB 84ms
23ms Font
font/woff 34.102.149.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provenexpert.com/webfonts/titillium_ext_latin/titilliumweb-regular-webfont.woff

Requested by

Host: www.provenexpert.com
URL: https://www.provenexpert.com/css/widget_landing.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.149.160 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.149.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

8011e9c91bbb891e6d2cb202e6ed9ace5ebf3dd69498c383784ffd9a9a8d7f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.provenexpert.com/css/widget_landing.css
Origin: https://plu.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:21:48 GMT
via: 1.1 google, 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
age: 71063
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27292
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Jun 2023 11:34:59 GMT
server: nginx
etag: "648702e3-6a9c"
access-control-max-age: 60
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000,public, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Authorization
expires: Fri, 15 Nov 2024 11:21:48 GMT

GET
H3 200 titilliumweb-bold-webfont.woff
www.provenexpert.com/webfonts/titillium_ext_latin/ 25 KB
25 KB 113ms
53ms Font
font/woff 34.102.149.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provenexpert.com/webfonts/titillium_ext_latin/titilliumweb-bold-webfont.woff

Requested by

Host: www.provenexpert.com
URL: https://www.provenexpert.com/css/widget_landing.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.149.160 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.149.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

ada1b93e506478873f674595740b1f459807737d714faab30b7954c6dec25784

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.provenexpert.com/css/widget_landing.css
Origin: https://plu.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:15:54 GMT
via: 1.1 google, 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
age: 10217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26000
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 07 Jul 2023 09:19:42 GMT
server: nginx
etag: "64a7d8ae-6590"
access-control-max-age: 60
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000,public, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Authorization
expires: Sat, 16 Nov 2024 04:15:54 GMT

GET
H3 200 titilliumweb-extralight-webfont.woff
www.provenexpert.com/webfonts/titillium_ext_latin/ 26 KB
26 KB 83ms
25ms Font
font/woff 34.102.149.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provenexpert.com/webfonts/titillium_ext_latin/titilliumweb-extralight-webfont.woff

Requested by

Host: www.provenexpert.com
URL: https://www.provenexpert.com/css/widget_landing.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.149.160 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.149.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6a02230f5a43a4db1b3f79a926461491ed71c056e7a2784c5ed82de8a2c24879

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.provenexpert.com/css/widget_landing.css
Origin: https://plu.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:24:26 GMT
via: 1.1 google, 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
age: 27705
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26444
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 07 Jul 2023 09:19:42 GMT
server: nginx
etag: "64a7d8ae-674c"
access-control-max-age: 60
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000,public, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Authorization
expires: Fri, 15 Nov 2024 23:24:26 GMT

GET
H3 200 titilliumweb-semibold-webfont.woff
www.provenexpert.com/webfonts/titillium_ext_latin/ 26 KB
26 KB 108ms
49ms Font
font/woff 34.102.149.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provenexpert.com/webfonts/titillium_ext_latin/titilliumweb-semibold-webfont.woff

Requested by

Host: www.provenexpert.com
URL: https://www.provenexpert.com/css/widget_landing.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.149.160 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.149.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

5ba59c8429c38a3ad1c2b4cab037be1d032444eb8d83ef852cd73f2eba3b382b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.provenexpert.com/css/widget_landing.css
Origin: https://plu.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 12:39:25 GMT
via: 1.1 google, 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
age: 66406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27084
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Jun 2023 11:34:59 GMT
server: nginx
etag: "648702e3-69cc"
access-control-max-age: 60
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000,public, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Authorization
expires: Fri, 15 Nov 2024 12:39:25 GMT

GET
H3 200 titilliumweb-light-webfont.woff
www.provenexpert.com/webfonts/titillium_ext_latin/ 27 KB
27 KB 85ms
35ms Font
font/woff 34.102.149.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.provenexpert.com/webfonts/titillium_ext_latin/titilliumweb-light-webfont.woff

Requested by

Host: www.provenexpert.com
URL: https://www.provenexpert.com/css/widget_landing.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.149.160 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.149.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

582eb90f18583d99c82e228c4a7349d239c8e26eb842bcd0c8fdaf204bd88c1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.provenexpert.com/css/widget_landing.css
Origin: https://plu.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:17:02 GMT
via: 1.1 google, 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
age: 28149
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27496
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 07 Jul 2023 09:19:42 GMT
server: nginx
etag: "64a7d8ae-6b68"
access-control-max-age: 60
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000,public, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Authorization
expires: Fri, 15 Nov 2024 23:17:02 GMT

GET
H2 200 PLU-Top-Assistant-08.webp
plu.de/uploads/images/_1980x849_crop_center-center_none/10434/ 58 KB
59 KB 10ms
10ms Image
image/webp 167.71.36.172
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://plu.de/uploads/images/_1980x849_crop_center-center_none/10434/PLU-Top-Assistant-08.webp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

167.71.36.172 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

28f756a9b731c4cc9395aa21cf421f7f4e61e9c70beb1f3f2a948c7933174eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plu.de/top-assistant/hire
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:06:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 May 2023 09:49:14 GMT
server: nginx
etag: "645e0b9a-e91c"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=315360000
permissions-policy: geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(self), vibrate=(), fullscreen=(self)
accept-ranges: bytes
content-length: 59676
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			plu.de/	1969-12-31 23:59:59	Name: CRAFT_CSRF_TOKEN Value: 06aa706d7d019017ba7c1d52a5481bd54710354eca1ef5da6d183a873ad92ec2a%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22-wb6S9E3eHapR_RkjjbbvIDhFrG4FehI6d0f1JwY%22%3B%7D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'notifications'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'push'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'vibrate'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

images.provenexpert.com
plu.de
www.plu.de
www.provenexpert.com
167.71.36.172
34.102.149.160
34.102.224.29
0d2bb536fcf03382953331558a4d72d2a555155de99b3fa7b9d1bbad1442646c
1185ee9a9999273dda0acb35fbe92801c51b87286faac92183a2dd74c08ecc3e
19d2f43d546ada73dd083f7778aa4a5cac1a8e7a3af56efccae580fce07a5e1c
28f756a9b731c4cc9395aa21cf421f7f4e61e9c70beb1f3f2a948c7933174eba
3148f10950e6fd3479be8879a7b99f6c0c9646b121ecfb5e0e472b2a11332019
42380421940601e4e6ab83651e96c62e8b788361ce1d54e5313f28014238653f
582eb90f18583d99c82e228c4a7349d239c8e26eb842bcd0c8fdaf204bd88c1f
5b699f0daac114f6dfa3983354acdf5d56434e9a3dc188a1bd279d63ebcda5e5
5ba59c8429c38a3ad1c2b4cab037be1d032444eb8d83ef852cd73f2eba3b382b
5c655bbca9de51285accc43d1c1de0485001350f23cc1e63e1774497d9032113
60ff43ac4d3e06440aa7f3ebb5b2f8def3eacbdfbde4599202ce54383ee44b1d
6a02230f5a43a4db1b3f79a926461491ed71c056e7a2784c5ed82de8a2c24879
737740c7863bfc9ba05a693e57af41ff46d3f104d78ac6974054b271a7cd1052
7667459df7dfde595208a0c52553558f5d512390c251cbd76fb040d140e4b422
8011e9c91bbb891e6d2cb202e6ed9ace5ebf3dd69498c383784ffd9a9a8d7f0d
8f641ea157f26bca60613ea6d8f1638976a55c137ed1f54d877cdc32d1641b0f
a54a23ed1ec08a54d2a8e63ee023908f5757a3962342e7b7e2161c0e36363561
aab929c1809f90e62690f42856dfc3bd36e806843789e799b22cc11cabab3bbf
ada1b93e506478873f674595740b1f459807737d714faab30b7954c6dec25784
aff4cd609af266ddae0b394daee2bcdca9f35832ad9b3bd9dfb18145d77bce47
b714b6d43cb0b1fb396d31b2bcbabcff89519d943d3d24e4f6e9e175ebe70f9b
beaf644e6f7204363ddd104eb635bfd7aa976c40d666ef73a078ae0354fd5cdc
c7d45bfee7e60798b2efc5bff188efb3380262d85e94bc6ad43bb6baabb4da93
d3b91734723dad33d32fc065da6a4e3f025748a6b407e3ae12e5ac96fc66c8cc
d4984eeb0542b51a5a41590b99f70158eae4bd93c9ad890fff3ddd7793c0da9d
db963635897aafaf57636473b43aa38c31b54617f262966e88a25521e28ddbf3
dbbeb9ccefd45ced505111274eadc18f2ac1d1689e9c26b84da8f1ac2d2ceea6
e718157ad0b22447f8405b9669fb6ecba0e53a8c6c43226507dbe9c38c1831e8
f08fd397df7b76d2e2ab78f492e9ad1ceb6242e7dd573683a2df9084f339ef3f

plu.de Open in urlscan Pro 167.71.36.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

0 %IPv6

2 Domains

4 Subdomains

4 IPs

2 Countries

520 kBTransfer

817 kBSize

1 Cookies

7 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

plu.de Open in urlscan Pro
167.71.36.172 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

520 kB
Transfer

817 kB
Size

1
Cookies

28 HTTP transactions
1 data transactions