magazin.hessen-tourismus.de Open in urlscan Pro
78.46.10.9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://magazin.hessen-tourismus.de/
Submission: On March 02 via api (March 2nd 2024, 2:50:33 pm UTC) from US — Scanned from US

Summary HTTP 20 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 20 HTTP transactions. The main IP is 78.46.10.9, located in Germany and belongs to HETZNER-AS, DE. The main domain is magazin.hessen-tourismus.de.
TLS certificate: Issued by R3 on March 1st 2024. Valid for: 3 months.

This is the only time magazin.hessen-tourismus.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	78.46.10.9 78.46.10.9	24940 (HETZNER-AS) (HETZNER-AS)
5	104.16.141.119 104.16.141.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.38.216 104.18.38.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.253.3.7 34.253.3.7	16509 (AMAZON-02) (AMAZON-02)
20	4

12 78.46.10.9 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dedi1809.your-server.de

magazin.hessen-tourismus.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.141.119 (None, )

ASN13335 (CLOUDFLARENET, US)

fd913c6d.sibforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sibforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.38.216 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.brevo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.3.7 (United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-3-7.eu-west-1.compute.amazonaws.com

596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	hessen-tourismus.de magazin.hessen-tourismus.de	1012 KB
5	sibforms.com fd913c6d.sibforms.com sibforms.com — Cisco Umbrella Rank: 43486	157 KB
2	es.io 596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io — Cisco Umbrella Rank: 78981	55 B
1	brevo.com assets.brevo.com — Cisco Umbrella Rank: 86081	15 KB
20	4

	Domain	Requested by
12	magazin.hessen-tourismus.de	magazin.hessen-tourismus.de
3	sibforms.com	fd913c6d.sibforms.com
2	596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io	sibforms.com
2	fd913c6d.sibforms.com	magazin.hessen-tourismus.de fd913c6d.sibforms.com
1	assets.brevo.com	fd913c6d.sibforms.com
20	5

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.pinterest.de
www.youtube.com
www.hessen-tourismus.de

Subject Issuer	Validity	Valid
magazin.hessen-tourismus.de R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-05` - `2024-05-04`	a year	crt.sh
brevo.com GTS CA 1P5	`2024-02-24` - `2024-05-24`	3 months	crt.sh
*.eu-west-1.aws.elastic-cloud.com R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://magazin.hessen-tourismus.de/
Frame ID: E3CA00F308F637DF0DFD7A70FF015D27
Requests: 12 HTTP requests in this frame

Frame: https://fd913c6d.sibforms.com/serve/MUIFAEEIJFgJyAacU9Kdu9c5gDcS9Ab3SuXWM4RuRjsOt54_e_yNxBGB5PhaK7OXSr309-5AXPjeR73S6cCKGCm64cqneRGmEqgzwSCOPXDuAn2yw0HOCOBFOd0wPZ6pxbgzcQQvT9sRtno7coeJwgB6SHb576aTntNnpFKtE0Yk5V6k7MFLs8bQbHO3e629fgoQmmAmmAzo7T_H
Frame ID: A2C20A0A640C3EAAB611C83E01B2C4F7
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hessen Magazin 2024 - Hessen Tourismus Magazin

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

1184 kB
Transfer

1951 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/HessenTourismus/

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/hessentourismus/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/HessenTourismus

Search URL Search Domain Scan URL

URL: https://www.hessen-tourismus.de/
Title: Hessen Tourismus

Search URL Search Domain Scan URL

URL: https://www.hessen-tourismus.de/de/datenschutz/
Title: Datenschutz

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
magazin.hessen-tourismus.de/ 331 KB
56 KB 1052ms
180ms Document
text/html 78.46.10.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://magazin.hessen-tourismus.de/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.10.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi1809.your-server.de
Software: Apache /
Resource Hash: 162e51e21032672bbd346170380662b713f489fba9f7e25bb4b23cb1c0dcc8f8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0
content-encoding: gzip
content-length: 56810
content-type: text/html; charset=UTF-8
date: Sat, 02 Mar 2024 14:50:25 GMT
expires: Sat, 02 Mar 2024 14:50:25 GMT
last-modified: Sat, 02 Mar 2024 08:29:28 GMT
server: Apache
vary: Accept-Encoding,User-Agent

GET
H2 200 icomoon.woff2
magazin.hessen-tourismus.de/wp-content/themes/digitales-magazin-DwXdf6/assets/fonts/ 3 KB
3 KB 93ms
91ms Font
font/woff2 78.46.10.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://magazin.hessen-tourismus.de/wp-content/themes/digitales-magazin-DwXdf6/assets/fonts/icomoon.woff2?apha5x
Requested by: Host: magazin.hessen-tourismus.de
URL: https://magazin.hessen-tourismus.de/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.10.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi1809.your-server.de
Software: Apache /
Resource Hash: 60567d98945cef2fcf1ebe01ab7afa516fe7d81d94c4539a5184bf503fa44afc

Request headers

Referer: https://magazin.hessen-tourismus.de/
Origin: https://magazin.hessen-tourismus.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:50:25 GMT
content-encoding: gzip
last-modified: Mon, 26 Feb 2024 16:19:09 GMT
server: Apache
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2967
expires: Sun, 30 Jun 2024 14:50:25 GMT

GET
H2 200 AvenirNextLTPro-Regular.otf
magazin.hessen-tourismus.de/wp-content/uploads/2024/02/ 64 KB
40 KB 95ms
93ms Font
font/otf 78.46.10.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://magazin.hessen-tourismus.de/wp-content/uploads/2024/02/AvenirNextLTPro-Regular.otf
Requested by: Host: magazin.hessen-tourismus.de
URL: https://magazin.hessen-tourismus.de/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.10.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi1809.your-server.de
Software: Apache /
Resource Hash: 3000beecfedf40a58110475fc84da04676c448979d08b5039f573eee998b33c4

Request headers

Referer: https://magazin.hessen-tourismus.de/
Origin: https://magazin.hessen-tourismus.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:50:25 GMT
content-encoding: gzip
last-modified: Mon, 26 Feb 2024 16:19:13 GMT
server: Apache
vary: Accept-Encoding
content-type: font/otf
cache-control: max-age=10368000, public
accept-ranges: bytes
expires: Sun, 30 Jun 2024 14:50:25 GMT

GET
H2 200 AvenirNextLTPro-It.otf
magazin.hessen-tourismus.de/wp-content/uploads/2024/02/ 66 KB
42 KB 96ms
95ms Font
font/otf 78.46.10.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://magazin.hessen-tourismus.de/wp-content/uploads/2024/02/AvenirNextLTPro-It.otf
Requested by: Host: magazin.hessen-tourismus.de
URL: https://magazin.hessen-tourismus.de/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.10.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi1809.your-server.de
Software: Apache /
Resource Hash: be2ab8926f465d6c33a46dd05e79d786d8a9c9c4c2943f3ff3ddebc9ea9d9dcb

Request headers

Referer: https://magazin.hessen-tourismus.de/
Origin: https://magazin.hessen-tourismus.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:50:25 GMT
content-encoding: gzip
last-modified: Mon, 26 Feb 2024 16:19:14 GMT
server: Apache
vary: Accept-Encoding
content-type: font/otf
cache-control: max-age=10368000, public
accept-ranges: bytes
expires: Sun, 30 Jun 2024 14:50:25 GMT

GET
H2 200 AvenirNextLTPro-Bold.otf
magazin.hessen-tourismus.de/wp-content/uploads/2024/02/ 67 KB
42 KB 187ms
185ms Font
font/otf 78.46.10.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://magazin.hessen-tourismus.de/wp-content/uploads/2024/02/AvenirNextLTPro-Bold.otf
Requested by: Host: magazin.hessen-tourismus.de
URL: https://magazin.hessen-tourismus.de/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.10.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi1809.your-server.de
Software: Apache /
Resource Hash: 79bdbea8ee9208301d2ccae54af35c6d6afa53e5c3f8740bfc7afc16605ca5cb

Request headers

Referer: https://magazin.hessen-tourismus.de/
Origin: https://magazin.hessen-tourismus.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:50:25 GMT
content-encoding: gzip
last-modified: Mon, 26 Feb 2024 16:19:16 GMT
server: Apache
vary: Accept-Encoding
content-type: font/otf
cache-control: max-age=10368000, public
accept-ranges: bytes
expires: Sun, 30 Jun 2024 14:50:25 GMT

GET
H2 200 MUIFAEEIJFgJyAacU9Kdu9c5gDcS9Ab3SuXWM4RuRjsOt54_e_yNxBGB5PhaK7OXSr309-5AXPjeR73S6cCKGCm64cqneRGmEqgzwSCOPXDuAn2yw0HOCOBFOd0wPZ6pxbgzcQQvT9sRtno7coeJwgB6SHb576aTntNnpFKtE0Yk5V6k7MFLs8bQbHO3e629fgoQm... Show response
fd913c6d.sibforms.com/serve/ Frame A2C2 14 KB
4 KB 749ms
397ms Document
text/html 104.16.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fd913c6d.sibforms.com/serve/MUIFAEEIJFgJyAacU9Kdu9c5gDcS9Ab3SuXWM4RuRjsOt54_e_yNxBGB5PhaK7OXSr309-5AXPjeR73S6cCKGCm64cqneRGmEqgzwSCOPXDuAn2yw0HOCOBFOd0wPZ6pxbgzcQQvT9sRtno7coeJwgB6SHb576aTntNnpFKtE0Yk5V6k7MFLs8bQbHO3e629fgoQmmAmmAzo7T_H
Requested by: Host: magazin.hessen-tourismus.de
URL: https://magazin.hessen-tourismus.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.141.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: face21737d64caa3f9cc7e0eeededd219c7af35ab48f647d021d78783a078675

Request headers

Referer: https://magazin.hessen-tourismus.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: public, s-maxage=300
cf-cache-status: MISS
cf-ray: 85e232f7fe830fa1-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Mar 2024 14:50:26 GMT
last-modified: Sat, 02 Mar 2024 14:50:26 GMT
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 200 MediaHub_David_Vasicek_Neroberg_angesetzt-1900x1069.jpeg.webp
magazin.hessen-tourismus.de/wp-content/uploads/2024/02/ 412 KB
413 KB 99ms
94ms Image
image/webp 78.46.10.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magazin.hessen-tourismus.de/wp-content/uploads/2024/02/MediaHub_David_Vasicek_Neroberg_angesetzt-1900x1069.jpeg.webp
Requested by: Host: magazin.hessen-tourismus.de
URL: https://magazin.hessen-tourismus.de/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.10.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi1809.your-server.de
Software: Apache /
Resource Hash: f3fd3b93a0847bb3fb599fec39711d00cf98b2b69dda5f8415a789c78c786a35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://magazin.hessen-tourismus.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:50:25 GMT
last-modified: Fri, 01 Mar 2024 07:44:51 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 422234
expires: Sun, 30 Jun 2024 14:50:25 GMT

GET
H2 404 .webp
magazin.hessen-tourismus.de/ 64 KB
64 KB 2497ms
2494ms Image
text/html 78.46.10.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magazin.hessen-tourismus.de/.webp
Requested by: Host: magazin.hessen-tourismus.de
URL: https://magazin.hessen-tourismus.de/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.10.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi1809.your-server.de
Software: Apache /
Resource Hash: dece91916136ef12bf3342803e6da53aacf3de57ea1f722467d2046afe5e9ea9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://magazin.hessen-tourismus.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:50:25 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://magazin.hessen-tourismus.de/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 2021_08_25_160154-800x450.jpeg.webp
magazin.hessen-tourismus.de/wp-content/uploads/2024/02/ 116 KB
116 KB 279ms
276ms Image
image/webp 78.46.10.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magazin.hessen-tourismus.de/wp-content/uploads/2024/02/2021_08_25_160154-800x450.jpeg.webp
Requested by: Host: magazin.hessen-tourismus.de
URL: https://magazin.hessen-tourismus.de/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.10.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi1809.your-server.de
Software: Apache /
Resource Hash: 2a1f0227ddc1fccf1fd914d3b37fe3fed47eb827d6da9850a3bf9c041397d005

Request headers

accept-language: en-US,en;q=0.9
Referer: https://magazin.hessen-tourismus.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:50:25 GMT
last-modified: Fri, 01 Mar 2024 07:44:47 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 118808
expires: Sun, 30 Jun 2024 14:50:25 GMT

GET
H2 200 DSC05465-800x450.jpeg.webp
magazin.hessen-tourismus.de/wp-content/uploads/2024/02/ 140 KB
140 KB 280ms
277ms Image
image/webp 78.46.10.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magazin.hessen-tourismus.de/wp-content/uploads/2024/02/DSC05465-800x450.jpeg.webp
Requested by: Host: magazin.hessen-tourismus.de
URL: https://magazin.hessen-tourismus.de/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.10.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi1809.your-server.de
Software: Apache /
Resource Hash: 1b0a5e33887e8c52ba4501886437299ea6ff005ff7d63f914357c161ad848436

Request headers

accept-language: en-US,en;q=0.9
Referer: https://magazin.hessen-tourismus.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:50:25 GMT
last-modified: Fri, 01 Mar 2024 07:44:47 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 143434
expires: Sun, 30 Jun 2024 14:50:25 GMT

GET
H2 200 1_5787_WICM_GmbH_Sandra-Schmitz-800x450.jpeg.webp
magazin.hessen-tourismus.de/wp-content/uploads/2024/02/ 62 KB
62 KB 280ms
277ms Image
image/webp 78.46.10.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magazin.hessen-tourismus.de/wp-content/uploads/2024/02/1_5787_WICM_GmbH_Sandra-Schmitz-800x450.jpeg.webp
Requested by: Host: magazin.hessen-tourismus.de
URL: https://magazin.hessen-tourismus.de/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.10.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi1809.your-server.de
Software: Apache /
Resource Hash: 2706cae32be275dcb20f43ee88fa81cd4a0daebb83060e1d706d0794e2812db5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://magazin.hessen-tourismus.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:50:25 GMT
last-modified: Fri, 01 Mar 2024 07:44:47 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 63742
expires: Sun, 30 Jun 2024 14:50:25 GMT

GET
H2 200 csm_Mock_up_58da0640c4.webp
magazin.hessen-tourismus.de/wp-content/uploads/2024/02/ 30 KB
30 KB 280ms
277ms Image
image/webp 78.46.10.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magazin.hessen-tourismus.de/wp-content/uploads/2024/02/csm_Mock_up_58da0640c4.webp
Requested by: Host: magazin.hessen-tourismus.de
URL: https://magazin.hessen-tourismus.de/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.10.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi1809.your-server.de
Software: Apache /
Resource Hash: 59139e72b53aed9bc399370152bb6b70abbcde326c62c92fd010ecea0497c646

Request headers

accept-language: en-US,en;q=0.9
Referer: https://magazin.hessen-tourismus.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:50:25 GMT
last-modified: Mon, 26 Feb 2024 16:19:11 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 30560
expires: Sun, 30 Jun 2024 14:50:25 GMT

GET
H2 200 Hessen-Logo-negativ_neu.svg
magazin.hessen-tourismus.de/wp-content/uploads/2024/03/ 9 KB
4 KB 378ms
376ms Image
image/svg+xml 78.46.10.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magazin.hessen-tourismus.de/wp-content/uploads/2024/03/Hessen-Logo-negativ_neu.svg
Requested by: Host: magazin.hessen-tourismus.de
URL: https://magazin.hessen-tourismus.de/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.10.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi1809.your-server.de
Software: Apache /
Resource Hash: 5f7fec59e30f3e509a13d4340e11015eefe69defaee5ce74a2aafe10ec31def8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://magazin.hessen-tourismus.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:50:25 GMT
content-encoding: gzip
last-modified: Fri, 01 Mar 2024 07:44:47 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 3903
expires: Sun, 30 Jun 2024 14:50:25 GMT

GET
H2 200 sib-styles.css
sibforms.com/forms/end-form/build/ Frame A2C2 51 KB
9 KB 60ms
50ms Stylesheet
text/css 104.16.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibforms.com/forms/end-form/build/sib-styles.css
Requested by: Host: fd913c6d.sibforms.com
URL: https://fd913c6d.sibforms.com/serve/MUIFAEEIJFgJyAacU9Kdu9c5gDcS9Ab3SuXWM4RuRjsOt54_e_yNxBGB5PhaK7OXSr309-5AXPjeR73S6cCKGCm64cqneRGmEqgzwSCOPXDuAn2yw0HOCOBFOd0wPZ6pxbgzcQQvT9sRtno7coeJwgB6SHb576aTntNnpFKtE0Yk5V6k7MFLs8bQbHO3e629fgoQmmAmmAzo7T_H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.141.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f571295d32a2af5536d09fbe140ff5ccc82d523ab3932ed49f393f0b406259f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd913c6d.sibforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:50:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 12:43:30 GMT
server: cloudflare
age: 2046
etag: W/"65ce06f2-cc63"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 85e232faba5b0fa1-EWR
expires: Sat, 02 Mar 2024 18:50:26 GMT

GET
H2 200 email-decode.min.js Show response
fd913c6d.sibforms.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame A2C2 1 KB
859 B 11ms
10ms Script
application/javascript 104.16.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fd913c6d.sibforms.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: fd913c6d.sibforms.com
URL: https://fd913c6d.sibforms.com/serve/MUIFAEEIJFgJyAacU9Kdu9c5gDcS9Ab3SuXWM4RuRjsOt54_e_yNxBGB5PhaK7OXSr309-5AXPjeR73S6cCKGCm64cqneRGmEqgzwSCOPXDuAn2yw0HOCOBFOd0wPZ6pxbgzcQQvT9sRtno7coeJwgB6SHb576aTntNnpFKtE0Yk5V6k7MFLs8bQbHO3e629fgoQmmAmmAzo7T_H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.141.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd913c6d.sibforms.com/serve/MUIFAEEIJFgJyAacU9Kdu9c5gDcS9Ab3SuXWM4RuRjsOt54_e_yNxBGB5PhaK7OXSr309-5AXPjeR73S6cCKGCm64cqneRGmEqgzwSCOPXDuAn2yw0HOCOBFOd0wPZ6pxbgzcQQvT9sRtno7coeJwgB6SHb576aTntNnpFKtE0Yk5V6k7MFLs8bQbHO3e629fgoQmmAmmAzo7T_H
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Feb 2024 15:42:08 GMT
server: cloudflare
etag: W/"65de02d0-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 85e232faaa390fa1-EWR
expires: Mon, 04 Mar 2024 14:50:26 GMT

GET
H2 200 main.js Show response
sibforms.com/forms/end-form/build/ Frame A2C2 449 KB
124 KB 60ms
51ms Script
application/javascript 104.16.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibforms.com/forms/end-form/build/main.js
Requested by: Host: fd913c6d.sibforms.com
URL: https://fd913c6d.sibforms.com/serve/MUIFAEEIJFgJyAacU9Kdu9c5gDcS9Ab3SuXWM4RuRjsOt54_e_yNxBGB5PhaK7OXSr309-5AXPjeR73S6cCKGCm64cqneRGmEqgzwSCOPXDuAn2yw0HOCOBFOd0wPZ6pxbgzcQQvT9sRtno7coeJwgB6SHb576aTntNnpFKtE0Yk5V6k7MFLs8bQbHO3e629fgoQmmAmmAzo7T_H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.141.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1b7679eb0cbd1465bf75e4e973d8e81af2b8806329d4bce63d5dc71445a1b12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd913c6d.sibforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:50:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 12:43:30 GMT
server: cloudflare
age: 2799
etag: W/"65ce06f2-705d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 85e232faba5d0fa1-EWR
expires: Sat, 02 Mar 2024 18:50:26 GMT

GET
H2 200 elastic-apm-rum.umd.min.js Show response
sibforms.com/forms/end-form/ Frame A2C2 58 KB
19 KB 37ms
32ms Script
application/javascript 104.16.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibforms.com/forms/end-form/elastic-apm-rum.umd.min.js
Requested by: Host: fd913c6d.sibforms.com
URL: https://fd913c6d.sibforms.com/serve/MUIFAEEIJFgJyAacU9Kdu9c5gDcS9Ab3SuXWM4RuRjsOt54_e_yNxBGB5PhaK7OXSr309-5AXPjeR73S6cCKGCm64cqneRGmEqgzwSCOPXDuAn2yw0HOCOBFOd0wPZ6pxbgzcQQvT9sRtno7coeJwgB6SHb576aTntNnpFKtE0Yk5V6k7MFLs8bQbHO3e629fgoQmmAmmAzo7T_H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.141.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a572de592a0e3abc43227fee637abc8367628fb98eed4a35982a2be6a5ea8c7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fd913c6d.sibforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:50:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Jul 2022 10:19:44 GMT
server: cloudflare
age: 4795
etag: W/"62c41040-e6c5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 85e232fb1ada0fa1-EWR
expires: Sat, 02 Mar 2024 18:50:26 GMT

GET
H2 200 7529907e9eaf8ebb5220c5f9850e3811.woff2
assets.brevo.com/font/Roboto/Latin/normal/normal/ Frame A2C2 14 KB
15 KB 988ms
572ms Font
font/woff2 104.18.38.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.brevo.com/font/Roboto/Latin/normal/normal/7529907e9eaf8ebb5220c5f9850e3811.woff2
Requested by: Host: fd913c6d.sibforms.com
URL: https://fd913c6d.sibforms.com/serve/MUIFAEEIJFgJyAacU9Kdu9c5gDcS9Ab3SuXWM4RuRjsOt54_e_yNxBGB5PhaK7OXSr309-5AXPjeR73S6cCKGCm64cqneRGmEqgzwSCOPXDuAn2yw0HOCOBFOd0wPZ6pxbgzcQQvT9sRtno7coeJwgB6SHb576aTntNnpFKtE0Yk5V6k7MFLs8bQbHO3e629fgoQmmAmmAzo7T_H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92b5e0133f0825ff255fc25b29669eb647b5ed127154841f37a10a85beccf55

Request headers

Referer: https://fd913c6d.sibforms.com/
Origin: https://fd913c6d.sibforms.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 14:50:27 GMT
via: 1.1 google
cf-cache-status: MISS
x-amz-request-id: EZMS53HF6H5FX7T1
x-amz-server-side-encryption: AES256
content-length: 14752
x-amz-id-2: 0rVNo7Emi9stiGU2Wv22aao2i6jnDN9jDdn59p2Z9fxlAkxoU5EuSBXnIEMMGcObVn9ZoaNzpsI=
last-modified: Wed, 01 Feb 2023 09:28:53 GMT
server: cloudflare
etag: "7529907e9eaf8ebb5220c5f9850e3811"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 85e232fdb835437b-EWR
expires: Tue, 28 Feb 2034 14:50:27 GMT

POST
H2 202 events Show response
596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/ Frame A2C2 0
55 B 89ms
88ms XHR
text/plain 34.253.3.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events

Requested by

Host: sibforms.com
URL: https://sibforms.com/forms/end-form/elastic-apm-rum.umd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.253.3.7 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-3-7.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Encoding: gzip
Referer: https://fd913c6d.sibforms.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-ndjson

Response headers

access-control-allow-origin: https://fd913c6d.sibforms.com
date: Sat, 02 Mar 2024 14:50:28 GMT
x-cloud-request-id: _-D4aO0JR6u3POF8evv9ag
x-content-type-options: nosniff
x-found-handling-instance: instance-0000000018
x-found-handling-cluster: 596808a16dec4fc39413bf34b0a70240
content-length: 0

OPTIONS
H2 200 events
596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/ Frame 0
0 567ms
104ms Preflight 34.253.3.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.253.3.7 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-3-7.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type
Access-Control-Request-Method: POST
Origin: https://fd913c6d.sibforms.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://fd913c6d.sibforms.com
access-control-expose-headers: Etag
access-control-max-age: 3600
content-length: 0
date: Sat, 02 Mar 2024 14:50:28 GMT
vary: Origin
x-cloud-request-id: 1hr4FwQ0Rru9O0IA9y9IxQ
x-content-type-options: nosniff
x-found-handling-cluster: 596808a16dec4fc39413bf34b0a70240
x-found-handling-instance: instance-0000000019

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sibforms.com/	1969-12-31 23:59:59	Name: __cfruid Value: 9ffebbda17c63aeaed6e44f1c614472fd7799049-1709391026

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://magazin.hessen-tourismus.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://magazin.hessen-tourismus.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://magazin.hessen-tourismus.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://magazin.hessen-tourismus.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://magazin.hessen-tourismus.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://magazin.hessen-tourismus.de/.webp Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io
assets.brevo.com
fd913c6d.sibforms.com
magazin.hessen-tourismus.de
sibforms.com
104.16.141.119
104.18.38.216
34.253.3.7
78.46.10.9
162e51e21032672bbd346170380662b713f489fba9f7e25bb4b23cb1c0dcc8f8
1b0a5e33887e8c52ba4501886437299ea6ff005ff7d63f914357c161ad848436
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2706cae32be275dcb20f43ee88fa81cd4a0daebb83060e1d706d0794e2812db5
2a1f0227ddc1fccf1fd914d3b37fe3fed47eb827d6da9850a3bf9c041397d005
3000beecfedf40a58110475fc84da04676c448979d08b5039f573eee998b33c4
59139e72b53aed9bc399370152bb6b70abbcde326c62c92fd010ecea0497c646
5f7fec59e30f3e509a13d4340e11015eefe69defaee5ce74a2aafe10ec31def8
60567d98945cef2fcf1ebe01ab7afa516fe7d81d94c4539a5184bf503fa44afc
79bdbea8ee9208301d2ccae54af35c6d6afa53e5c3f8740bfc7afc16605ca5cb
8f571295d32a2af5536d09fbe140ff5ccc82d523ab3932ed49f393f0b406259f
a572de592a0e3abc43227fee637abc8367628fb98eed4a35982a2be6a5ea8c7f
be2ab8926f465d6c33a46dd05e79d786d8a9c9c4c2943f3ff3ddebc9ea9d9dcb
c1b7679eb0cbd1465bf75e4e973d8e81af2b8806329d4bce63d5dc71445a1b12
dece91916136ef12bf3342803e6da53aacf3de57ea1f722467d2046afe5e9ea9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92b5e0133f0825ff255fc25b29669eb647b5ed127154841f37a10a85beccf55
f3fd3b93a0847bb3fb599fec39711d00cf98b2b69dda5f8415a789c78c786a35
face21737d64caa3f9cc7e0eeededd219c7af35ab48f647d021d78783a078675

magazin.hessen-tourismus.de Open in urlscan Pro 78.46.10.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

4 IPs

3 Countries

1184 kBTransfer

1951 kBSize

1 Cookies

5 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

6 Console Messages

Indicators

magazin.hessen-tourismus.de Open in urlscan Pro
78.46.10.9 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

1184 kB
Transfer

1951 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions