URL: https://www.sparkassen-luftschiff-quiz.de/
Submission: On February 14 via automatic, source certstream-suspicious

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 83.138.82.83, located in Germany and belongs to HOSTNET-DE-AS, DE. The main domain is www.sparkassen-luftschiff-quiz.de.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 14th 2020. Valid for: 3 months.
This is the only time www.sparkassen-luftschiff-quiz.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 83.138.82.83 34895 (HOSTNET-D...)
2 78.46.220.242 24940 (HETZNER-AS)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 5
Domain Requested by
8 www.sparkassen-luftschiff-quiz.de www.sparkassen-luftschiff-quiz.de
2 www.google-analytics.com 1 redirects www.sparkassen-luftschiff-quiz.de
2 webfonts.sparkasse.de www.sparkassen-luftschiff-quiz.de
1 stats.g.doubleclick.net www.sparkassen-luftschiff-quiz.de
12 4

This site contains no links.

Subject Issuer Validity Valid
www.sparkassen-luftschiff-quiz.de
Let's Encrypt Authority X3
2020-02-14 -
2020-05-14
3 months crt.sh
webfonts.sparkasse.de
D-TRUST SSL Class 3 CA 1 2009
2019-11-25 -
2020-11-28
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-01-29 -
2020-04-22
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-01-29 -
2020-04-22
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.sparkassen-luftschiff-quiz.de/
Frame ID: 1B070CDE384DF35D93F256F356C249F8
Requests: 15 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

12
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

813 kB
Transfer

1369 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1474433672&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sparkassen-luftschiff-quiz.de%2F&ul=en-us&de=UTF-8&dt=%23GEWINNSPIEL%20-%20Im%20Luftschiff%20%C3%BCber%20das%20Rheinland&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=237535083&gjid=544133107&cid=1975595692.1581714346&tid=UA-67617171-2&_gid=1713255345.1581714346&_r=1&z=387087726 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-67617171-2&cid=1975595692.1581714346&jid=237535083&_gid=1713255345.1581714346&gjid=544133107&_v=j81&z=387087726

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.sparkassen-luftschiff-quiz.de/
51 KB
12 KB
Document
General
Full URL
https://www.sparkassen-luftschiff-quiz.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.138.82.83 , Germany, ASN34895 (HOSTNET-DE-AS, DE),
Reverse DNS
lavete.han-solo.net
Software
Apache /
Resource Hash
3d9958245b42b3ac0db5349b34b30eacf1a7d6921c3b81acbaae275f66acde71
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.sparkassen-luftschiff-quiz.de
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Fri, 14 Feb 2020 21:05:45 GMT
server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=4uekmecl2pei7nof59rmud7030; path=/
content-security-policy
base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-type
text/html; charset=UTF-8
logo_general.webp
www.sparkassen-luftschiff-quiz.de/images/
3 KB
3 KB
Image
General
Full URL
https://www.sparkassen-luftschiff-quiz.de/images/logo_general.webp
Requested by
Host: www.sparkassen-luftschiff-quiz.de
URL: https://www.sparkassen-luftschiff-quiz.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.138.82.83 , Germany, ASN34895 (HOSTNET-DE-AS, DE),
Reverse DNS
lavete.han-solo.net
Software
Apache /
Resource Hash
3c223168971b3d79499d4919ce0b1af397cf3128887e56290810a4fb786ac06f
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sparkassen-luftschiff-quiz.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 14 Feb 2020 21:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/webp
status
200
cache-control
max-age=31536000, public
content-security-policy
base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
2651
x-xss-protection
1; mode=block
expires
Sat, 13 Feb 2021 21:05:45 GMT
header_desktop-2000.webp
www.sparkassen-luftschiff-quiz.de/images/header/
127 KB
128 KB
Image
General
Full URL
https://www.sparkassen-luftschiff-quiz.de/images/header/header_desktop-2000.webp
Requested by
Host: www.sparkassen-luftschiff-quiz.de
URL: https://www.sparkassen-luftschiff-quiz.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.138.82.83 , Germany, ASN34895 (HOSTNET-DE-AS, DE),
Reverse DNS
lavete.han-solo.net
Software
Apache /
Resource Hash
0cec6ebcf864dd87abc42b1fce573c2c7330be73ae0d90015c95250e262c3eef
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sparkassen-luftschiff-quiz.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 14 Feb 2020 21:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/webp
status
200
cache-control
max-age=31536000, public
content-security-policy
base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
x-xss-protection
1; mode=block
expires
Sat, 13 Feb 2021 21:05:45 GMT
zeppelin_desktop.webp
www.sparkassen-luftschiff-quiz.de/images/
11 KB
11 KB
Image
General
Full URL
https://www.sparkassen-luftschiff-quiz.de/images/zeppelin_desktop.webp
Requested by
Host: www.sparkassen-luftschiff-quiz.de
URL: https://www.sparkassen-luftschiff-quiz.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.138.82.83 , Germany, ASN34895 (HOSTNET-DE-AS, DE),
Reverse DNS
lavete.han-solo.net
Software
Apache /
Resource Hash
0425096024b2abd0d866cc626bd90f252b6658c1814daccfce49882708090f2c
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sparkassen-luftschiff-quiz.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 14 Feb 2020 21:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/webp
status
200
cache-control
max-age=31536000, public
content-security-policy
base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
11341
x-xss-protection
1; mode=block
expires
Sat, 13 Feb 2021 21:05:45 GMT
bundle.js
www.sparkassen-luftschiff-quiz.de/js/
548 KB
164 KB
Script
General
Full URL
https://www.sparkassen-luftschiff-quiz.de/js/bundle.js
Requested by
Host: www.sparkassen-luftschiff-quiz.de
URL: https://www.sparkassen-luftschiff-quiz.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.138.82.83 , Germany, ASN34895 (HOSTNET-DE-AS, DE),
Reverse DNS
lavete.han-solo.net
Software
Apache /
Resource Hash
13982eb5c96541880f7733460269bd03592189f2295d92d28567bd45b85df48b
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sparkassen-luftschiff-quiz.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 14 Feb 2020 21:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=31536000, private
content-security-policy
base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
x-xss-protection
1; mode=block
expires
Sat, 13 Feb 2021 21:05:45 GMT
sparkasse_web.css
webfonts.sparkasse.de/
397 KB
300 KB
Stylesheet
General
Full URL
https://webfonts.sparkasse.de/sparkasse_web.css
Requested by
Host: www.sparkassen-luftschiff-quiz.de
URL: https://www.sparkassen-luftschiff-quiz.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.46.220.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
webfonts.sparkasse.de
Software
Apache /
Resource Hash
b14a45d0ed55a3b9108a59012c0df308fa2bc267705b311c32aa5b45d2c43ab2

Request headers

Referer
https://www.sparkassen-luftschiff-quiz.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 14 Feb 2020 21:05:45 GMT
content-encoding
gzip
last-modified
Thu, 15 Aug 2019 11:08:47 GMT
server
Apache
access-control-allow-origin
*
etag
"634b1-59025e5d750c7-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
accept-ranges
bytes
expires
Sun, 15 Mar 2020 21:05:45 GMT
sparkasse_web_head.css
webfonts.sparkasse.de/
40 KB
30 KB
Stylesheet
General
Full URL
https://webfonts.sparkasse.de/sparkasse_web_head.css
Requested by
Host: www.sparkassen-luftschiff-quiz.de
URL: https://www.sparkassen-luftschiff-quiz.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.46.220.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
webfonts.sparkasse.de
Software
Apache /
Resource Hash
294037fcdee2ddcbf242968cdb7f25e6212922dfde41696cfc223b8d4c611134

Request headers

Referer
https://www.sparkassen-luftschiff-quiz.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 14 Feb 2020 21:05:45 GMT
content-encoding
gzip
last-modified
Thu, 15 Aug 2019 11:08:47 GMT
server
Apache
access-control-allow-origin
*
etag
"9efb-59025e5d750c7-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
30676
expires
Sun, 15 Mar 2020 21:05:45 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.sparkassen-luftschiff-quiz.de
URL: https://www.sparkassen-luftschiff-quiz.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sparkassen-luftschiff-quiz.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
1933
date
Fri, 14 Feb 2020 20:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Fri, 14 Feb 2020 22:33:32 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1474433672&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sparkassen-luftschiff-quiz.de%2F&ul=en-us&de=UTF-8&dt=%23GEWINNSPIEL%20-%20Im%20Luftsch...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-67617171-2&cid=1975595692.1581714346&jid=237535083&_gid=1713255345.1581714346&gjid=544133107&_v=j81&z=387087726
35 B
407 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-67617171-2&cid=1975595692.1581714346&jid=237535083&_gid=1713255345.1581714346&gjid=544133107&_v=j81&z=387087726
Requested by
Host: www.sparkassen-luftschiff-quiz.de
URL: https://www.sparkassen-luftschiff-quiz.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sparkassen-luftschiff-quiz.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Fri, 14 Feb 2020 21:05:45 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Feb 2020 21:05:45 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-67617171-2&cid=1975595692.1581714346&jid=237535083&_gid=1713255345.1581714346&gjid=544133107&_v=j81&z=387087726
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
marker-icon-2x.webp
www.sparkassen-luftschiff-quiz.de/images/
1 KB
1 KB
Image
General
Full URL
https://www.sparkassen-luftschiff-quiz.de/images/marker-icon-2x.webp
Requested by
Host: www.sparkassen-luftschiff-quiz.de
URL: https://www.sparkassen-luftschiff-quiz.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.138.82.83 , Germany, ASN34895 (HOSTNET-DE-AS, DE),
Reverse DNS
lavete.han-solo.net
Software
Apache /
Resource Hash
1c24f61fd01a731846f0bf226789f0619cdd4e7174cb8afed705197f381aa960
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sparkassen-luftschiff-quiz.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 14 Feb 2020 21:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/webp
status
200
cache-control
max-age=31536000, public
content-security-policy
base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
1163
x-xss-protection
1; mode=block
expires
Sat, 13 Feb 2021 21:05:45 GMT
karte_grey.webp
www.sparkassen-luftschiff-quiz.de/images/
15 KB
15 KB
Image
General
Full URL
https://www.sparkassen-luftschiff-quiz.de/images/karte_grey.webp
Requested by
Host: www.sparkassen-luftschiff-quiz.de
URL: https://www.sparkassen-luftschiff-quiz.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.138.82.83 , Germany, ASN34895 (HOSTNET-DE-AS, DE),
Reverse DNS
lavete.han-solo.net
Software
Apache /
Resource Hash
6d8819b686626432e1104009e4e1146d1238f5f340e02a2f49fb5ff2245bd503
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sparkassen-luftschiff-quiz.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 14 Feb 2020 21:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/webp
status
200
cache-control
max-age=31536000, public
content-security-policy
base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
14854
x-xss-protection
1; mode=block
expires
Sat, 13 Feb 2021 21:05:45 GMT
karte.webp
www.sparkassen-luftschiff-quiz.de/images/
27 KB
26 KB
Image
General
Full URL
https://www.sparkassen-luftschiff-quiz.de/images/karte.webp
Requested by
Host: www.sparkassen-luftschiff-quiz.de
URL: https://www.sparkassen-luftschiff-quiz.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.138.82.83 , Germany, ASN34895 (HOSTNET-DE-AS, DE),
Reverse DNS
lavete.han-solo.net
Software
Apache /
Resource Hash
7c4a3d8c59f0b8c496f03b5ee0625af64735d9bcdadc39abebbf747f40f4ea2c
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sparkassen-luftschiff-quiz.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 14 Feb 2020 21:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/webp
status
200
cache-control
max-age=31536000, public
content-security-policy
base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
26711
x-xss-protection
1; mode=block
expires
Sat, 13 Feb 2021 21:05:45 GMT
truncated
/
29 KB
29 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb726e7747d06812f1fd551161fb45b9aaa733f97e616eb1272ec9fc0501fa86

Request headers

Origin
https://www.sparkassen-luftschiff-quiz.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/
41 KB
41 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451

Request headers

Origin
https://www.sparkassen-luftschiff-quiz.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/
36 KB
36 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002

Request headers

Origin
https://www.sparkassen-luftschiff-quiz.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| stylesheets object| style object| godefer string| gaProperty string| disableStr function| gaOptout string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| setImmediate function| clearImmediate object| regeneratorRuntime function| animateScrollTo object| cookieconsent object| L object| _leaflet_events

4 Cookies

Domain/Path Name / Value
.sparkassen-luftschiff-quiz.de/ Name: _gat
Value: 1
.sparkassen-luftschiff-quiz.de/ Name: _gid
Value: GA1.2.1713255345.1581714346
.sparkassen-luftschiff-quiz.de/ Name: _ga
Value: GA1.2.1975595692.1581714346
www.sparkassen-luftschiff-quiz.de/ Name: PHPSESSID
Value: 4uekmecl2pei7nof59rmud7030

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'none'; connect-src 'self' www.google-analytics.com; default-src 'none'; font-src 'self' data: webfonts.sparkasse.de; form-action 'self'; frame-ancestors 'none'; img-src 'self' *.doubleclick.net www.google-analytics.com; manifest-src 'self'; script-src 'self' 'unsafe-inline' www.google-analytics.com; style-src 'self' 'unsafe-inline' webfonts.sparkasse.de
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block