viaticalbend.com Open in urlscan Pro
2606:4700:3037::6815:247e  Malicious Activity! Public Scan

Submitted URL: https://u1677694.ct.sendgrid.net/ls/click?upn=Oq95IzvMePhEHeR24ed-2FnGMD81uN8eYCZ6CTZZbL62F6uP1-2BMXXQJ9DH5t7WhTHPxkvSWvFWtPfBkfz...
Effective URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Submission: On January 23 via manual from US — Scanned from DE

Summary

This website contacted 9 IPs in 5 countries across 9 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3037::6815:247e, located in United States and belongs to CLOUDFLARENET, US. The main domain is viaticalbend.com.
TLS certificate: Issued by GTS CA 1P5 on December 15th 2022. Valid for: 3 months.
This is the only time viaticalbend.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.28 11377 (SENDGRID)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 212.83.166.62 12876 (Online SAS)
1 45.145.5.99 398343 (BAXET-GROUP)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
28 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
40 9
Apex Domain
Subdomains
Transfer
28 viaticalbend.com
viaticalbend.com
363 KB
5 trk-epicurei.com
trk-epicurei.com — Cisco Umbrella Rank: 224092
event.trk-epicurei.com — Cisco Umbrella Rank: 297232
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
117 KB
2 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 383
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2439
338 B
1 gstatic.com
fonts.gstatic.com
18 KB
1 minimumcrust.info
minimumcrust.info
694 B
1 loungelander.com
loungelander.com
391 B
1 sendgrid.net
u1677694.ct.sendgrid.net
388 B
40 9
Domain Requested by
28 viaticalbend.com loungelander.com
viaticalbend.com
4 event.trk-epicurei.com trk-epicurei.com
2 www.googletagmanager.com viaticalbend.com
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 trk-epicurei.com viaticalbend.com
1 fonts.googleapis.com viaticalbend.com
1 minimumcrust.info 1 redirects
1 loungelander.com storage.googleapis.com
1 storage.googleapis.com
1 u1677694.ct.sendgrid.net 1 redirects
40 11

This site contains no links.

Subject Issuer Validity Valid
storage.googleapis.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
loungelander.com
R3
2022-12-28 -
2023-03-28
3 months crt.sh
*.viaticalbend.com
GTS CA 1P5
2022-12-15 -
2023-03-15
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
*.trk-epicurei.com
E1
2022-12-10 -
2023-03-10
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh

This page contains 1 frames:

Primary Page: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Frame ID: 916895A74C1E653F2BB4FC53383BC7AB
Requests: 38 HTTP requests in this frame

Screenshot

Page Title

[1] Prämie ausstehend - Online Survey - Wir wollen Ihre Meinung!

Page URL History Show full URLs

  1. https://u1677694.ct.sendgrid.net/ls/click?upn=Oq95IzvMePhEHeR24ed-2FnGMD81uN8eYCZ6CTZZbL62F6uP1-2BMXXQJ9DH5t7... HTTP 302
    https://storage.googleapis.com/pemotion/trackingunsub0101.html Page URL
  2. http://212.83.166.62//eFgvREd5MFU3M1lMMEtpeWJhS093Z0UrazZCV08vRzhBTHJaR3BHSUJZekl6N1cyYTBDR0pEcFl... HTTP 302
    https://loungelander.com/0/0/0/bb008c6bde645c5a4182049b9bf2b73f/3/0_0/0_0_2379000_mt Page URL
  3. https://minimumcrust.info/?s1=351432&s2=905332600&s3=2275&s4=0&ow=&s10=739 HTTP 302
    https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

100 %
HTTPS

75 %
IPv6

9
Domains

11
Subdomains

9
IPs

5
Countries

505 kB
Transfer

1196 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u1677694.ct.sendgrid.net/ls/click?upn=Oq95IzvMePhEHeR24ed-2FnGMD81uN8eYCZ6CTZZbL62F6uP1-2BMXXQJ9DH5t7WhTHPxkvSWvFWtPfBkfzVAeI-2FchRcd4z-2FafVfSWcU0HCsupLXygwYLNUK9cr5c5xHBvtftmAgKT9Zxm7V6nES5J6iWc8G0ecFrNBdargkKsfBUr-2FMbo2zJvxZ3G8K-2FbEe19qy7ZTh00JwhOn6wvHivnzsxSHHS2sKoTgdpQEQ943KhEmJZmsvUOTj6yfdCD-2FACPXhYmKiIEP-2Ftju63arsKQutPA-3D-3DaYlX_OSkwpqOc7XbkNwdwkxg5AP2kZ2H7Q3DUnD7QGKzRRnQ3HkFEykSWVZzL2tKheVL32feiGrYPmnCTZUuCQn-2BLWlMU94du0msFRgl4FmOqqO6pcfcpr2J1RS7lts2bQKtm-2FYkJaNnCbOnbYjUAjEkz0tDiwMKSzm-2B3S9bpyw4iW8frYCpS9hrinBTtQBeiFy2nSE6TdnSblFRoLQl-2Bgj-2F10g-3D-3D HTTP 302
    https://storage.googleapis.com/pemotion/trackingunsub0101.html Page URL
  2. http://212.83.166.62//eFgvREd5MFU3M1lMMEtpeWJhS093Z0UrazZCV08vRzhBTHJaR3BHSUJZekl6N1cyYTBDR0pEcFljRzJ4KzRlUkZxaDZuS2VkaWczUTZGVXF5WXVKRHc9PQ__ HTTP 302
    https://loungelander.com/0/0/0/bb008c6bde645c5a4182049b9bf2b73f/3/0_0/0_0_2379000_mt Page URL
  3. https://minimumcrust.info/?s1=351432&s2=905332600&s3=2275&s4=0&ow=&s10=739 HTTP 302
    https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://u1677694.ct.sendgrid.net/ls/click?upn=Oq95IzvMePhEHeR24ed-2FnGMD81uN8eYCZ6CTZZbL62F6uP1-2BMXXQJ9DH5t7WhTHPxkvSWvFWtPfBkfzVAeI-2FchRcd4z-2FafVfSWcU0HCsupLXygwYLNUK9cr5c5xHBvtftmAgKT9Zxm7V6nES5J6iWc8G0ecFrNBdargkKsfBUr-2FMbo2zJvxZ3G8K-2FbEe19qy7ZTh00JwhOn6wvHivnzsxSHHS2sKoTgdpQEQ943KhEmJZmsvUOTj6yfdCD-2FACPXhYmKiIEP-2Ftju63arsKQutPA-3D-3DaYlX_OSkwpqOc7XbkNwdwkxg5AP2kZ2H7Q3DUnD7QGKzRRnQ3HkFEykSWVZzL2tKheVL32feiGrYPmnCTZUuCQn-2BLWlMU94du0msFRgl4FmOqqO6pcfcpr2J1RS7lts2bQKtm-2FYkJaNnCbOnbYjUAjEkz0tDiwMKSzm-2B3S9bpyw4iW8frYCpS9hrinBTtQBeiFy2nSE6TdnSblFRoLQl-2Bgj-2F10g-3D-3D HTTP 302
  • https://storage.googleapis.com/pemotion/trackingunsub0101.html
Request Chain 1
  • http://212.83.166.62//eFgvREd5MFU3M1lMMEtpeWJhS093Z0UrazZCV08vRzhBTHJaR3BHSUJZekl6N1cyYTBDR0pEcFljRzJ4KzRlUkZxaDZuS2VkaWczUTZGVXF5WXVKRHc9PQ__ HTTP 302
  • https://loungelander.com/0/0/0/bb008c6bde645c5a4182049b9bf2b73f/3/0_0/0_0_2379000_mt

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
trackingunsub0101.html
storage.googleapis.com/pemotion/
Redirect Chain
  • https://u1677694.ct.sendgrid.net/ls/click?upn=Oq95IzvMePhEHeR24ed-2FnGMD81uN8eYCZ6CTZZbL62F6uP1-2BMXXQJ9DH5t7WhTHPxkvSWvFWtPfBkfzVAeI-2FchRcd4z-2FafVfSWcU0HCsupLXygwYLNUK9cr5c5xHBvtftmAgKT9Zxm7V6nE...
  • https://storage.googleapis.com/pemotion/trackingunsub0101.html
243 B
822 B
Document
General
Full URL
https://storage.googleapis.com/pemotion/trackingunsub0101.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2010 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-length
243
content-type
text/html
date
Mon, 23 Jan 2023 08:02:49 GMT
etag
"5d51268ae715abe172b144434352528d"
expires
Mon, 23 Jan 2023 09:02:49 GMT
last-modified
Thu, 29 Dec 2022 13:28:02 GMT
server
UploadServer
x-goog-generation
1672320482475506
x-goog-hash
crc32c=tbUrYw== md5=XVEmiucVq+FysURDQ1JSjQ==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
243
x-guploader-uploadid
ADPycdtU85P9EVZxBmfIDE3ykroAGbV-ATenZEgewTHUfy5ySyFHLKBUbLLmzdTemsTFmYQIoHJJlR09dMe-MwEP4G7w9A

Redirect headers

Connection
keep-alive
Content-Length
207
Content-Type
text/html; charset=utf-8
Date
Mon, 23 Jan 2023 08:02:49 GMT
Location
https://storage.googleapis.com/pemotion/trackingunsub0101.html#/eFgvREd5MFU3M1lMMEtpeWJhS093Z0UrazZCV08vRzhBTHJaR3BHSUJZekl6N1cyYTBDR0pEcFljRzJ4KzRlUkZxaDZuS2VkaWczUTZGVXF5WXVKRHc9PQ__
Server
nginx
X-Robots-Tag
noindex, nofollow
0_0_2379000_mt
loungelander.com/0/0/0/bb008c6bde645c5a4182049b9bf2b73f/3/0_0/
Redirect Chain
  • http://212.83.166.62//eFgvREd5MFU3M1lMMEtpeWJhS093Z0UrazZCV08vRzhBTHJaR3BHSUJZekl6N1cyYTBDR0pEcFljRzJ4KzRlUkZxaDZuS2VkaWczUTZGVXF5WXVKRHc9PQ__
  • https://loungelander.com/0/0/0/bb008c6bde645c5a4182049b9bf2b73f/3/0_0/0_0_2379000_mt
137 B
391 B
Document
General
Full URL
https://loungelander.com/0/0/0/bb008c6bde645c5a4182049b9bf2b73f/3/0_0/0_0_2379000_mt
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/pemotion/trackingunsub0101.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.145.5.99 , Russian Federation, ASN398343 (BAXET-GROUP, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://storage.googleapis.com/pemotion/trackingunsub0101.html#/eFgvREd5MFU3M1lMMEtpeWJhS093Z0UrazZCV08vRzhBTHJaR3BHSUJZekl6N1cyYTBDR0pEcFljRzJ4KzRlUkZxaDZuS2VkaWczUTZGVXF5WXVKRHc9PQ__
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
137
content-type
text/html; charset=UTF-8
date
Mon, 23 Jan 2023 08:02:51 GMT
server
Apache

Redirect headers

Connection
Keep-Alive
Content-Length
163
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Jan 2023 08:02:50 GMT
Keep-Alive
timeout=5, max=100
Location
https://loungelander.com/0/0/0/bb008c6bde645c5a4182049b9bf2b73f/3/0_0/0_0_2379000_mt
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By
PHP/7.1.33
Primary Request 01f20916da9c7b8d74515df0b9ee3cda
viaticalbend.com/
Redirect Chain
  • https://minimumcrust.info/?s1=351432&s2=905332600&s3=2275&s4=0&ow=&s10=739
  • https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
169 KB
26 KB
Document
General
Full URL
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Requested by
Host: loungelander.com
URL: https://loungelander.com/0/0/0/bb008c6bde645c5a4182049b9bf2b73f/3/0_0/0_0_2379000_mt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2920e0c1c4f6766a0db1fae5c0285af7a88801a9311d6c3f70386f36671b2526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://loungelander.com/0/0/0/bb008c6bde645c5a4182049b9bf2b73f/3/0_0/0_0_2379000_mt
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
78df0275a8789b1b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 23 Jan 2023 08:02:53 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPayc%2FbiBi4iz6wIimOvBeOaO7DRDFPS2TqlpD7D0GIuiGcxPtWuhN0k2jt2%2Br2tIh5Rc9d3SnTYkGLVHz2Nwc%2B3W8Ky7cgciO2QU0zwLxHKYh%2Bl%2F1EaLxhDYEM8%2FNpLinsqHIXLR9LeZPr5sV7o"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
78df0271ec692baa-FRA
content-type
text/html; charset=UTF-8
date
Mon, 23 Jan 2023 08:02:52 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCZjsQDntUo8UvU%2FrQByF5ILmRc2DehBQzLa4WT36UAB7tVd4h6A1vL1Vw9BbWzjiT1BcPoBakpXZIquTFiQadQPn9HMVZNYAo8mYRd4GLxWIamwZ8ItLTSTmS98PhzghRcpTZOJGGEpqOH0SAYCEg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap.min.css
viaticalbend.com/assets/js/vendor/bootstrap/css/
141 KB
22 KB
Stylesheet
General
Full URL
https://viaticalbend.com/assets/js/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
284019
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lx2aovfC%2FsdplbIjVec3doA9Rw2DM%2BacxAqkF5JX9Z0FQ1eMz1P37PHEnCjRp63gwKv66S%2FqYv5CMd3Uv08D%2FdTtvgejH3tCh0FPw2QYMdQnozmRe0SKVMeT8JxyozRElCP1FEyp2p1RDkaUnFIR"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
78df027b78639b1b-FRA
expires
Fri, 27 Jan 2023 01:09:14 GMT
all.css
viaticalbend.com/assets/vendors/fontawesome/css/
72 KB
13 KB
Stylesheet
General
Full URL
https://viaticalbend.com/assets/vendors/fontawesome/css/all.css
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
284019
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PdUvKVCmE%2BipTw0FinE3zKtIwH%2BK9b6UBbZNod7527QY7%2FoUCo7Bq3IIzpVfyBNT%2FRMX691iL8eQHXuU9AgGD5%2Bb%2Bjfrv33TiMNgeRdUyHDtX27wwYuspELQkJ%2BKYU6EU7HpP1VgMOSJr47xfMQ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
78df027b78669b1b-FRA
expires
Fri, 27 Jan 2023 01:09:14 GMT
common.css
viaticalbend.com/assets/css/legacy/
31 KB
8 KB
Stylesheet
General
Full URL
https://viaticalbend.com/assets/css/legacy/common.css?v=1b15cfc50f130d25665bf1ccfc038de0
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e559f3574f7c56a1c93db278310956b07c751be1b1cf17e063e7d88f0beafa20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 13 Jan 2023 19:24:45 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLj656YnDA4CRDB4Z8%2Bh3yI2z7GcLfM7QUGocOXIgd5B9LJq9s9KsaveNv2270YKMeKi0W9DtzPXTMMovk65f37QORvsZPAaeyEVVgDmSMdxtT%2BhDPrHMoLN%2FpC4YTexK%2Bid%2F7Sla9VqrxlOuCAD"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
78df027b78689b1b-FRA
expires
Mon, 30 Jan 2023 08:02:53 GMT
1.4.css
viaticalbend.com/assets/css/legacy/
6 KB
2 KB
Stylesheet
General
Full URL
https://viaticalbend.com/assets/css/legacy/1.4.css?v=1b15cfc50f130d25665bf1ccfc038de0
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b18c15473cac0e10bc1cad7708e743bdf24b916765f4bfa3875e7a9161d87542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 29 Nov 2022 22:22:32 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OohatjEzuqfzTINeWuh9c8rateZdkB40Ys4bt99kATlKQgRXXz19ivgCfZM2%2FI%2BiyehZTruZ%2B3fyb3v4TPrSGp7KtxA5k3mCmtTfvpKPSDSyQwuUxYm%2B%2B4s1mqjLV6GCQUYgH22NiIB7psi1rj15"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
78df027b78699b1b-FRA
expires
Mon, 30 Jan 2023 08:02:53 GMT
msg.js
viaticalbend.com/inc/
942 B
814 B
Script
General
Full URL
https://viaticalbend.com/inc/msg.js
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c3f3452108be85c9304eb8e6fc6dc831534e12362cfd03afd47f4320f894a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
284019
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 12:25:37 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4S1KDUVTIwGd2W4XrapX0CgxI8ljjztLDWIKBYHAsCom9rbS8%2BTa0YxWxcZvPBtfDogEsMxWeJ6Q7nj7RInxwsVRXRqYtFaiSb1PUIS6vQRE2e%2Fg%2FV9CLekvoEWbuIVYOC8%2Bh%2B719JVzaMKj3Uv"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
78df027b786b9b1b-FRA
expires
Fri, 27 Jan 2023 01:09:14 GMT
jquery-3.4.1.min.js
viaticalbend.com/assets/js/vendor/
86 KB
31 KB
Script
General
Full URL
https://viaticalbend.com/assets/js/vendor/jquery-3.4.1.min.js
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
284019
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTOc0ct71lIuN%2BpGpZi4q1PK9pHVePFX7%2BlQOnVaboTpkN0cKOmieuFvMdTjpB1ffHRCc3IRmxWtb4%2Bha5iRYoo55F79KinBW%2FwX%2FEZEAXwJ6V%2B6ptKhT3uZRMeNFUXGGtkar9nGVUOh8W5kNDwF"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
78df027b887a9b1b-FRA
expires
Fri, 27 Jan 2023 01:09:14 GMT
bootstrap.min.js
viaticalbend.com/assets/js/vendor/bootstrap/js/
48 KB
13 KB
Script
General
Full URL
https://viaticalbend.com/assets/js/vendor/bootstrap/js/bootstrap.min.js
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
284019
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cz4HeCoswM98ASCyg2CWcQlBAl2tuNSUPuLymfZToO1gRT%2BC1HFXkIYlSAFubY5lnCjnx%2F5Cg6Q0YNidx9y5EwVpbnNAEzbkweags16qQi9maFCosXDmslf2Ty2TPd6kG5DTdLCgbuISSxFSITke"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
78df027b887b9b1b-FRA
expires
Fri, 27 Jan 2023 01:09:14 GMT
functions.js
viaticalbend.com/assets/js/
495 B
551 B
Script
General
Full URL
https://viaticalbend.com/assets/js/functions.js?v=1b15cfc50f130d25665bf1ccfc038de0
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1889b6974dcdd299f94f8fbf28ac3b73ec7fc5be2dc1686bca0eef1aa0716eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 26 Sep 2022 20:48:44 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0w1%2B%2B6cJ0ULsjxiEmgu8Pikh8JNgG92SAyaU2Fj%2B2qG9OV187xqAILqhGI5oNBELEvE7NG4iHCG20%2BZCA%2BdhL0FbKkOIRBFYTHC5ThJzZWYOrJ1OpmF1G4n7WRhIqqKcYmwqLCHYilcfbZag03YL"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
78df027b887e9b1b-FRA
expires
Mon, 30 Jan 2023 08:02:53 GMT
intl_functions.js
viaticalbend.com/assets/js/
3 KB
2 KB
Script
General
Full URL
https://viaticalbend.com/assets/js/intl_functions.js?v=1b15cfc50f130d25665bf1ccfc038de0
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b45697b6ce0983415e685fe5d6d97d4c29add3149d16fcb61a0bad9a82e177d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 26 Sep 2022 20:48:44 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvgI%2FV2AR9YDPe9FkBb2xCZjzeazw5%2FOuuiRYWd1U9u3hcz8gZbKiL0brYqn2PLC7joyUPiYJFQk2X6ZPY1ChGtHcFMG061xKlXGwiuFHsseaKuFGBQDDizPipt40T6VClcMnjzuZ%2BgLponKj0Xh"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
78df027b887f9b1b-FRA
expires
Mon, 30 Jan 2023 08:02:53 GMT
common.js
viaticalbend.com/assets/js/legacy/
63 KB
13 KB
Script
General
Full URL
https://viaticalbend.com/assets/js/legacy/common.js?v=1b15cfc50f130d25665bf1ccfc038de0
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48cedabb0a1157dd23f35e9f540b0dbfa0c95c2783403a62951f4cda95ebc6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 13 Jan 2023 19:24:45 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XiV8Btw%2FKLtALyVl3%2BXun9bB1NDSzluYKpDLZ6mNhO8lFi8domH5VSJNhDcOkb8tcrZcATEF6Q6AEZRvkNHsxRDUIRmIFIp1XJieytrXARpjYTcmL1tBanLw6PFqXcrFcAQsMxwK3N75jcA7wEz"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
78df027b88839b1b-FRA
expires
Mon, 30 Jan 2023 08:02:53 GMT
gtm.js
www.googletagmanager.com/
107 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef78907abd052b0f98e5af02d3f3d2f672ab0bcd6b709e5d65bb2b2d4177dfcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42268
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 Jan 2023 08:02:53 GMT
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/assets/css/legacy/common.css?v=1b15cfc50f130d25665bf1ccfc038de0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f2de36054525c7a25f6b4ca1447f762169a97d0f11593cf0f8f254880f4c2bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 08:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 08:02:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Jan 2023 08:02:53 GMT
v9e118mez8
trk-epicurei.com/scripts/push/
7 KB
3 KB
Script
General
Full URL
https://trk-epicurei.com/scripts/push/v9e118mez8
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/inc/msg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98471adcccb3e03718fba0789fd2ccfcc8c8aff1c1467aed50d21d5534526e90
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4195
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 23 Jan 2023 06:52:58 GMT
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bOOApHUe2g%2FFdM5nA1SEpizmYXs2EkL9Y7C1iChp2sNl61cJANLF6w%2BdTIKCD%2F9PrrYe0wYPv5ijPrFBAzJ2BDYMOCLkbua3hyI3E%2BpybkeZ5EzgQAyk%2F8OMZNJ5EzsHyTf%2BBqotQHKWfAnPAn4"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
78df027ebfe96987-FRA
expires
0
4569cf14d9d0c5cb505b2b611c02f29b.png
viaticalbend.com/fim/739-DE/
41 KB
41 KB
Image
General
Full URL
https://viaticalbend.com/fim/739-DE/4569cf14d9d0c5cb505b2b611c02f29b.png
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6659b4426a9dba95133c0e3b27b5d952d6cc1e574b88640a7e7bcec354d902c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:54 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41556
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:02:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xi%2F6%2B6KbfSEBjQ2oZq5VMrYtRJ5CEJF6ZGcbs7KbfgivkKVH5VxCpUGlklOa48XFG5tPRSZGKGKzTz9O%2FIa7EPJV78OZ11gWwCrQWIYkcOXtGYdZNcT4rM7QHKkpbA4MGlv76lLBTdiEfKwBycbb"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78df027efdfe9c0d-FRA
expires
Mon, 30 Jan 2023 08:02:54 GMT
d710be08c5034368e202ff5a3ce17fe9.png
viaticalbend.com/fim/739-DE/
8 KB
8 KB
Image
General
Full URL
https://viaticalbend.com/fim/739-DE/d710be08c5034368e202ff5a3ce17fe9.png
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
329f79c0441a8516e75e17ea8a736903a739d32f97b35af8b5f6ed72a76173d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7881
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:01:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gr6vZDt15KzyMZAYthWyOVkhMob4sOuYWZVJZROb2H7Fg6n%2F6hu3isnCJG0fR%2FmqPm%2BNc57Yxt5miK%2F5iUjuhrvQOfrsuo8k7wiuQImWeVr%2BAbuHJSjm7D1FDULF3tzwXy9k3aNj%2FzWPUx9gg%2Bl9"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78df027efe0b9c0d-FRA
expires
Mon, 30 Jan 2023 08:01:56 GMT
134dcd2b90f0383f07433aaa8f83faf0.gif
viaticalbend.com/fim/739-DE/
15 KB
16 KB
Image
General
Full URL
https://viaticalbend.com/fim/739-DE/134dcd2b90f0383f07433aaa8f83faf0.gif
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ba6662bdb40bb1a731890fe8a7612ab1724363831a0342e36c2fc4bddd4a7a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15537
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:01:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/gif
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQPsm%2FkH%2BU%2BjTilABDwgP7p3lwidQCwIG0iGrsorMcpPjPuwDgmAqi5Nik8IX5c4DAAAWEo5x7cxQf6WM4mURA%2BbbqCL4wFF1EmB9jVuZWv4koTJoYTfOLvktfjD2IuvBPJFExAcFybdDMjln5yd"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78df027efe0e9c0d-FRA
expires
Mon, 30 Jan 2023 08:01:56 GMT
8dc324b5aae9493b07c6fde1d6946f36.png
viaticalbend.com/fim/739-DE/
2 KB
2 KB
Image
General
Full URL
https://viaticalbend.com/fim/739-DE/8dc324b5aae9493b07c6fde1d6946f36.png
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4494c69afed09e8bb02dc10d4be3adaed00aa6479d838bd8ed1bf3119132004d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1714
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:01:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tS%2Bd9tc0WdtOuv7momDbwE4dxGpLMrqqnu0LHMQ4tt2sYE3Jf%2Fv2Wy5za51xllZ3T6u79bpGkOFJ6Rew4k9U7qKlW1J3303Ttl7jyppek2XjhuMzAR8DCZVO0vd3D5rZOYB6n29dVprsfO0NbXU"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78df027efe109c0d-FRA
expires
Mon, 30 Jan 2023 08:01:56 GMT
5a98686a06e7813bb08eb58150bd2293.jpg
viaticalbend.com/fim/739-DE/
2 KB
3 KB
Image
General
Full URL
https://viaticalbend.com/fim/739-DE/5a98686a06e7813bb08eb58150bd2293.jpg
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1d0e1ecf55bd3fed22fec6e1c49b61dee714d548dd31b42d6b693596f3bdf75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:54 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2061
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:02:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3f3wMj6hJRU7gsKkYWC9o08DJghgAWyrD6lLgBu3CKN8FlBDMtvZ2b1HJXea1ey1kgDJ8N2%2FcWTXrrlLk1%2Bq1%2F7CSlEKkmng3MGS8GgpMnyYPaCBFM2GIjW16ZgIOj38nrxONcpBFMbY46oGJzNd"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78df027efe119c0d-FRA
expires
Mon, 30 Jan 2023 08:02:54 GMT
6ba3e5047e20091f87b94d3ad4e0e8db.png
viaticalbend.com/fim/739-DE/
8 KB
8 KB
Image
General
Full URL
https://viaticalbend.com/fim/739-DE/6ba3e5047e20091f87b94d3ad4e0e8db.png
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8047
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:01:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWGwG9o1zuiBYLR98ujx9IzPNxeREI%2BuQCx8B2%2BqfZs%2FJ7hdHEeEYS1L1ers6yNoeWFxGAvC9Ff%2FhnXQ2l9QI7l%2B%2FAcQu5c48MYxxPCXqATAkLytYV60%2BaTsNO4VbSxR596OFpdBXFSdTXCVd825"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78df027efe129c0d-FRA
expires
Mon, 30 Jan 2023 08:01:56 GMT
a20733cdd3dc7375c6dd88ed664ef11c.jpg
viaticalbend.com/fim/739-DE/
2 KB
2 KB
Image
General
Full URL
https://viaticalbend.com/fim/739-DE/a20733cdd3dc7375c6dd88ed664ef11c.jpg
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e061934e3e59bb4572a66216f0474b7cf744596985c83893ab7146cb4b76292f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:54 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1998
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:02:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HwCtVzDlVWCJcpbC5NnKUW68S2C8khDjpP7ICKVCSNeMjNNOm5aD%2F8ZBT50YTRZ9vv0a6suOv6NmXwDpcOiEgf78BQHja%2FhgQ5HV896hO0gquZviVmAzIXck4tEvW3%2FX6V%2BMYAt4iGi19yXKpHN"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78df027efe159c0d-FRA
expires
Mon, 30 Jan 2023 08:02:54 GMT
f449b7b20d0dac93c13d3a6097532293.jpg
viaticalbend.com/fim/739-DE/
2 KB
3 KB
Image
General
Full URL
https://viaticalbend.com/fim/739-DE/f449b7b20d0dac93c13d3a6097532293.jpg
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5665269840fa23faac662dba33673aab6d0f06fcf1edca2fea09f669ce6baaad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2066
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:01:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBy%2B09iOuZbDQq33p27IJ3C8kkaVP1MC%2FqiMyjF7fE8cW8Il5HAIx01%2Bl33SrvyBEtoqd32YO0c4QVIAYtAlR0tGgVHjvgaJJPo5%2BWYT6jNDC5in50PRCTcBXVQV%2FgOUoWxHzz632lQI0TX%2FfLiq"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78df027efe169c0d-FRA
expires
Mon, 30 Jan 2023 08:01:56 GMT
7df92a03d2c62158b411e8bd1bbb4bc0.jpg
viaticalbend.com/fim/739-DE/
2 KB
2 KB
Image
General
Full URL
https://viaticalbend.com/fim/739-DE/7df92a03d2c62158b411e8bd1bbb4bc0.jpg
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bba8f9db54ccf37520888d62fc42c11c612c45e25feac44395e9ab42b2f966b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:54 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1855
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:02:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmD9%2FGs2RfKYdXV3CXurkSTTWXpcTHh0pb1YsgB9KDt3%2FVRLkfv2ah%2BLZnrkFtZbZ9Z%2ByEBHonXxn87C2EPMw5j%2FBvto2FYyXHiGOPqIUsH5BZPRt3pE7f6Vv%2BmW7c3V5lyc0cf2%2BDpy6LTQgrCr"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78df027efe179c0d-FRA
expires
Mon, 30 Jan 2023 08:02:54 GMT
b3f801131a7f2c81d2408433b3a09de1.jpg
viaticalbend.com/fim/739-DE/
2 KB
2 KB
Image
General
Full URL
https://viaticalbend.com/fim/739-DE/b3f801131a7f2c81d2408433b3a09de1.jpg
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab01e78f9a01b905e2df63b9509738a116ac5ad60aabc8876ce241b91733dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1941
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:01:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sN5r4SfD7RCNVgL57g8swdqjc67VFPoy8EIpK1c0lRpbYadfKyYfLsNFFjDOPFaoOBar6dCOtqbolebGpJd0GpndCuBxoiREJ%2BWY9hMFNiCLavAhC4fcW3ZwSDwKBzkYUf0U%2F5xUgKLWLzXeDYc"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78df027efe189c0d-FRA
expires
Mon, 30 Jan 2023 08:01:56 GMT
0956252a8704461bc086091a30041838.jpg
viaticalbend.com/fim/739-DE/
2 KB
3 KB
Image
General
Full URL
https://viaticalbend.com/fim/739-DE/0956252a8704461bc086091a30041838.jpg
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
017340e629175dbd707d31be94c707731fe6f51be004f85e3d50b960f34ea081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:54 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2071
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:02:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4ikzKcfOECxUrBkkn%2F4WGW8UHHEDR%2B2Ne1jK5X4lubZ6jrnbvVjA54YtPZeoTk3kaGTsBZlK7SSrCO%2FELy3RgD2wmklTN0shqfUeeH1Z%2FXSY3FGnUk2uSXKw4AyNCUoZhwomHXC1P2cIvsDs7kZ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78df027efe1b9c0d-FRA
expires
Mon, 30 Jan 2023 08:02:54 GMT
cf8b3681b30c0460a757389a30f831d6.jpg
viaticalbend.com/fim/739-DE/
2 KB
2 KB
Image
General
Full URL
https://viaticalbend.com/fim/739-DE/cf8b3681b30c0460a757389a30f831d6.jpg
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2db4a30686167f451311bbf0791f3b0224c03ee161e82354c760fa5bb0cb4dfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1971
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:01:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMnEcmJ2bPJ5%2FVjwas5xuMK4FGV1T55DWsIrZXmDkpKO3RVCJJcyeJoqwS5UCaKQXtrsMb5R1PXs9ZvjkzULkt739tQiA3Xw4KphBxRppwyAE1vihPw9hJOKrX%2Bqt5OyNip3H3YrxVTEVvCtBa8R"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78df027efe1f9c0d-FRA
expires
Mon, 30 Jan 2023 08:01:56 GMT
9fa297f8a0c499fb6e8106f61c13082a.jpg
viaticalbend.com/fim/739-DE/
2 KB
3 KB
Image
General
Full URL
https://viaticalbend.com/fim/739-DE/9fa297f8a0c499fb6e8106f61c13082a.jpg
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
681eb16255d904bdded2d70bce55d940f2c445fae65ef94c81f50e68c283a878
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:54 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2028
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:02:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GD%2F4x3QRVlAgO5cU%2FbjFoZHIZbKp61KjT8tA0sjC4uw01I9KXgRrdE4L6J8CWzjvLEv3jmXKeH8iT0QrUAiLcN9rnCUkTjP%2FY3a8jpvoVEVzOovMAHIL7Mm6GjLmGft%2BpKacE2CUPNGi0qk%2Bjk4B"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78df027efe209c0d-FRA
expires
Mon, 30 Jan 2023 08:02:54 GMT
0962445ee9d270f3951182ebb6fbe056.png
viaticalbend.com/fim/739-DE/
5 KB
6 KB
Image
General
Full URL
https://viaticalbend.com/fim/739-DE/0962445ee9d270f3951182ebb6fbe056.png
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:01:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zQFrL2%2FJU2iafOoy7fKrejRewMAXvsTTtP96BrTP%2FbGK2r89KVAdmMQaFklSxxqRmuzKteCY4FshI0SUCpWXss3C6PCqc266Mc13CKA4ZSOLnO0hXoftep%2BRfjz%2F5nRpHZLfhxSGlECAGTVK4v2"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78df027efe229c0d-FRA
expires
Mon, 30 Jan 2023 08:01:56 GMT
01f20916da9c7b8d74515df0b9ee3cda
viaticalbend.com/
38 KB
38 KB
Image
General
Full URL
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B13ndUl4ty%2BF%2BpXvTp6id%2BahghR5tZb7I0p%2BH4CBVd5WAJq5PyL6eZFWkMpd0UUfEEC2Ksfy0JNBkwUbkVozFkoTMazdHP3w2V6HCeQj%2FNbRu37FdDT7veikEFsxNPpw8hpptfAawAVaOSThFJeZ"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
78df027f0e3c9c0d-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://viaticalbend.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 21:03:44 GMT
x-content-type-options
nosniff
age
385149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18260
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:03:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 21:03:44 GMT
fa-solid-900.woff2
viaticalbend.com/assets/vendors/fontawesome/webfonts/
78 KB
79 KB
Font
General
Full URL
https://viaticalbend.com/assets/vendors/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://viaticalbend.com/assets/vendors/fontawesome/css/all.css
Origin
https://viaticalbend.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283728
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80252
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfm3Kfs0sbnqvvF8nLjmBosHlPDSmkT1p8%2FcB4W1ouyZHTh%2BXxpF3HqTZH7GOVf594yoHIwtOpFrRmYdGe3G4RDcllfbaJPIhc1GyHiC%2Fy7Rlkw6F4ah7qx72r7B1xnGDlrx23zcBOHksw3NR4%2F2"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78df027f0e409c0d-FRA
expires
Fri, 27 Jan 2023 01:14:05 GMT
fa-regular-400.woff2
viaticalbend.com/assets/vendors/fontawesome/webfonts/
13 KB
14 KB
Font
General
Full URL
https://viaticalbend.com/assets/vendors/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: viaticalbend.com
URL: https://viaticalbend.com/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:247e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://viaticalbend.com/assets/vendors/fontawesome/css/all.css
Origin
https://viaticalbend.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283728
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13588
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tW3hNuLm31991CQzlKbLyXDkUedpKRZm5XRQzgM1tYZGH%2F3hv0SIqbfwBQQHuMHLe5c8LNpg%2B4fWuxPt9qaDOfhn7j4Hyq2ChFgwMEuNG%2BDua7UU9bsh0XDucZvpwKK44jvwB4htJiIdwNHIZuFV"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78df027f0e419c0d-FRA
expires
Fri, 27 Jan 2023 01:14:05 GMT
js
www.googletagmanager.com/gtag/
215 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac82be27a4d61620b68ca95527789ec83a719943e1b26ebeaa7a25ec8accdd48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:02:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77206
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Jan 2023 08:02:54 GMT
collect
region1.google-analytics.com/g/
0
338 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DKB9VH2QW4&gtm=2oe1i0&_p=779482825&cid=1788925718.1674460974&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674460974&sct=1&seg=0&dl=https%3A%2F%2Fviaticalbend.com%2F01f20916da9c7b8d74515df0b9ee3cda&dr=https%3A%2F%2Floungelander.com%2F&dt=%5B1%5D%20Pr%C3%A4mie%20ausstehend%20-%20Online%20Survey%20-%20Wir%20wollen%20Ihre%20Meinung!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viaticalbend.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 08:02:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://viaticalbend.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Requested by
Host: trk-epicurei.com
URL: https://trk-epicurei.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://viaticalbend.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Mon, 23 Jan 2023 08:02:54 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5MqJ0oiC3PKoepqIhsk0VL9B1PCpwCwt1qgwrCtVziYUeTWPZdjLuKauawvOR34AcT3%2F19ycX5QEwY05ZP7yinmTBA7nJrIIYgCjyoN0aLQ%2BZC0VPeodmMZrqW4fw402VcSvJ5WHcpNeTkL3KpDfBIdHOyA"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://viaticalbend.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
78df02821af9906d-FRA
x-pushplatformapp-params
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://viaticalbend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://viaticalbend.com
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78df0280b8f4906d-FRA
content-length
0
date
Mon, 23 Jan 2023 08:02:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AY0dvkrMaezRKzSAxO7YkFMzXPteezC5zttTtXjHIZSz%2BSM9jpchF9IAg2cyzUCRX85IEOdXUz06zvYyE7Ry296g6yuJwaQiONU8S9Gq%2FRq5QSZCIT%2F%2Bh7mRsjGBKH5vovEZnc5ZsJ23JvCRmp9JHMZ0YXID"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Requested by
Host: trk-epicurei.com
URL: https://trk-epicurei.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://viaticalbend.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Mon, 23 Jan 2023 08:02:54 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfJymL29xUhAZdmqI0lRZ2dBsyZcuiFzP7mqWkGTd18lH%2FKU9vStlNftHB%2BYtA%2FsuJPdBwgsfvds3sPrfJmf3lZ%2F6WXTOUEYeNV5xZKxOlgTDd%2BLFP7qcWCrJJALAyAuPjOEgh0PV2sLXd%2BqLFvTI9y7Elj8"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://viaticalbend.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
78df02822b1a906d-FRA
x-pushplatformapp-params
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://viaticalbend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://viaticalbend.com
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78df0280b8f5906d-FRA
content-length
0
date
Mon, 23 Jan 2023 08:02:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vYSKAl42lupPqewpHMBMoKxWJKaJ2nqvb5hBzmWE0MZeKqCZti2w3HYpAvoo0ZKoO%2Brn94mk5LccW4Ij6H7lX2d98zt1pMij%2FcjW11f6%2FDvxUIeN0GYedQFP4RqK2vXiDzndl57Ii5plqpvvUKT5Qor7OTw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| dataLayer object| MYCALL string| s1 string| s2 string| esource string| pshpub string| pshdomain object| _0xc81e function| _0xe28c function| $ function| jQuery object| bootstrap function| startTimer number| duration function| startINTSurvey function| startQuestion function| startSurveyDub function| showSurveyDub object| _0xc98e function| _0xe73c string| LNG string| CMP string| CNT string| BID string| API_URL object| _0xc72e function| _0xe5c object| currentdate object| months string| attrChoices string| domain string| pipeline string| zipcode string| state_selected object| states function| birthdayFill function| beforeShowQuestion function| showOfferWall function| createQuestion function| sendOf function| popunder function| replaceUrlParam function| startsurvey function| nextQuestion function| formatPhoneNumber function| overflowP function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| startSurveyU function| switchTypeQuestionsU function| nextQuestionU function| showOfferWallU function| validateData function| showStreetStateU function| showDisclaimer function| preventS function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore object| _0xc50e function| _0xe6c string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| emailURL string| phoneURL string| zipcodeURL string| cityURL string| stateURL string| languageCode string| countryCode string| popUrl object| _0xc36e function| _0xe65c number| answered number| prevProgress number| stepsTotal number| progress string| cheerstx string| txt function| cheers object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

5 Cookies

Domain/Path Name / Value
loungelander.com/ Name: uid2275
Value: 905332600-20230123030251-f746fb40609983a1036c2c49f8a42474-0
minimumcrust.info/ Name: PHPSESSID
Value: e76d07da44619aa6a8fa2fb3cfa76ea6
viaticalbend.com/ Name: PHPSESSID
Value: 5bdc127db94f48fa36ee2cc3bfa000fc
.viaticalbend.com/ Name: _ga_DKB9VH2QW4
Value: GS1.1.1674460974.1.0.1674460974.0.0.0
.viaticalbend.com/ Name: _ga
Value: GA1.1.1788925718.1674460974

1 Console Messages

Source Level URL
Text
other error URL: https://viaticalbend.com/01f20916da9c7b8d74515df0b9ee3cda
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

event.trk-epicurei.com
fonts.googleapis.com
fonts.gstatic.com
loungelander.com
minimumcrust.info
region1.google-analytics.com
storage.googleapis.com
trk-epicurei.com
u1677694.ct.sendgrid.net
viaticalbend.com
www.googletagmanager.com
167.89.118.28
2001:4860:4802:34::36
212.83.166.62
2606:4700:3037::6815:247e
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2003
2a00:1450:400d:802::2010
2a06:98c1:3120::3
2a06:98c1:3121::3
2a06:98c1:3121::c
45.145.5.99
017340e629175dbd707d31be94c707731fe6f51be004f85e3d50b960f34ea081
06c3f3452108be85c9304eb8e6fc6dc831534e12362cfd03afd47f4320f894a3
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2
1889b6974dcdd299f94f8fbf28ac3b73ec7fc5be2dc1686bca0eef1aa0716eac
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
2920e0c1c4f6766a0db1fae5c0285af7a88801a9311d6c3f70386f36671b2526
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2db4a30686167f451311bbf0791f3b0224c03ee161e82354c760fa5bb0cb4dfc
329f79c0441a8516e75e17ea8a736903a739d32f97b35af8b5f6ed72a76173d4
4494c69afed09e8bb02dc10d4be3adaed00aa6479d838bd8ed1bf3119132004d
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
48cedabb0a1157dd23f35e9f540b0dbfa0c95c2783403a62951f4cda95ebc6ed
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
5665269840fa23faac662dba33673aab6d0f06fcf1edca2fea09f669ce6baaad
6659b4426a9dba95133c0e3b27b5d952d6cc1e574b88640a7e7bcec354d902c1
681eb16255d904bdded2d70bce55d940f2c445fae65ef94c81f50e68c283a878
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
6f2de36054525c7a25f6b4ca1447f762169a97d0f11593cf0f8f254880f4c2bc
98471adcccb3e03718fba0789fd2ccfcc8c8aff1c1467aed50d21d5534526e90
9ba6662bdb40bb1a731890fe8a7612ab1724363831a0342e36c2fc4bddd4a7a1
ab01e78f9a01b905e2df63b9509738a116ac5ad60aabc8876ce241b91733dd03
ac82be27a4d61620b68ca95527789ec83a719943e1b26ebeaa7a25ec8accdd48
b18c15473cac0e10bc1cad7708e743bdf24b916765f4bfa3875e7a9161d87542
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
b45697b6ce0983415e685fe5d6d97d4c29add3149d16fcb61a0bad9a82e177d5
bba8f9db54ccf37520888d62fc42c11c612c45e25feac44395e9ab42b2f966b8
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
e061934e3e59bb4572a66216f0474b7cf744596985c83893ab7146cb4b76292f
e1d0e1ecf55bd3fed22fec6e1c49b61dee714d548dd31b42d6b693596f3bdf75
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e559f3574f7c56a1c93db278310956b07c751be1b1cf17e063e7d88f0beafa20
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ef78907abd052b0f98e5af02d3f3d2f672ab0bcd6b709e5d65bb2b2d4177dfcf