stiftung-kindertraum.sicher-helfen.org
138.201.89.129  Public Scan

Submitted URL: https://stiftung-kindertraum.sicher-helfen.org/
Effective URL: https://stiftung-kindertraum.sicher-helfen.org/laura
Submission: On July 06 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 18 HTTP transactions. The main IP is 138.201.89.129, located in Mannheim, Germany and belongs to HETZNER-AS, DE. The main domain is stiftung-kindertraum.sicher-helfen.org.
TLS certificate: Issued by R11 on July 6th 2024. Valid for: 3 months.
This is the only time stiftung-kindertraum.sicher-helfen.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
9 | sicher-helfen.org | stiftung-kindertraum.sicher-helfen.org | 215 KB
3 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 87) | 3 KB
2 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 116) | 3 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 216) | 73 KB
1 | gstatic.com | fonts.gstatic.com | 16 KB
1 | sicherhelfen.org | secure.sicherhelfen.org |
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 847) | 30 KB
Total: 18 requests, 7 domains
Requests | Domain | Requested by
9 (1 redirect) | stiftung-kindertraum.sicher-helfen.org | stiftung-kindertraum.sicher-helfen.org, code.jquery.com
3 | fonts.googleapis.com | stiftung-kindertraum.sicher-helfen.org
2 | www.facebook.com | stiftung-kindertraum.sicher-helfen.org
2 | connect.facebook.net | stiftung-kindertraum.sicher-helfen.org, connect.facebook.net
1 | fonts.gstatic.com | fonts.googleapis.com
1 | secure.sicherhelfen.org | stiftung-kindertraum.sicher-helfen.org
1 | code.jquery.com | stiftung-kindertraum.sicher-helfen.org
Total: 18 requests, 7 domains

This site contains no links.

Subject | Issuer | Validity | Valid
stiftung-kindertraum.sicher-helfen.org | R11 | 2024-07-06 - 2024-10-04 | 3 months
*.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year
upload.video.google.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-04-14 - 2024-07-13 | 3 months
secure.sicherhelfen.org | E5 | 2024-06-11 - 2024-09-09 | 3 months
*.gstatic.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months

This page contains 2 frames:

Primary Page: https://stiftung-kindertraum.sicher-helfen.org/laura
Frame ID: 467E5F3BEDB3023DA7B4A4A2C43D0689
Requests: 17 HTTP requests in this frame

Frame: https://secure.sicherhelfen.org/app/3b716500-dbe0-494e-a4e8-a9d2505649f8
Frame ID: 76BA638D774629C829FD5967C68D6C20
Requests: 1 HTTP requests in this frame

Page Title

Stiftung Kindertraum

Page URL History

  1. https://stiftung-kindertraum.sicher-helfen.org/ HTTP 302
    https://stiftung-kindertraum.sicher-helfen.org/laura Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 71 %
Domains: 7
Subdomains: 7
IPs: 7
Countries: 2
Transfer: 341 kB
Size: 662 kB
Cookies: 3

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request laura
stiftung-kindertraum.sicher-helfen.org/
Redirect Chain
  • https://stiftung-kindertraum.sicher-helfen.org/
  • https://stiftung-kindertraum.sicher-helfen.org/laura
2 KB
2 KB
Document
General
Full URL
https://stiftung-kindertraum.sicher-helfen.org/laura
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.89.129 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.129.89.201.138.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f2acaf9dc49f14209cc372e303d89a1508a2f5842ce3af08a6dc7cc11b2c5205
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.kronehit.at
X-Frame-Options ALLOW-FROM https://www.kronehit.at

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://www.kronehit.at
content-type
text/html; charset=UTF-8
date
Sat, 06 Jul 2024 12:10:23 GMT
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
x-frame-options
ALLOW-FROM https://www.kronehit.at

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Sat, 06 Jul 2024 12:10:23 GMT
location
https://stiftung-kindertraum.sicher-helfen.org/laura
server
nginx/1.14.0 (Ubuntu)
styles.css
stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/css/
18 KB
3 KB
Stylesheet
General
Full URL
https://stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/css/styles.css?version=2
Requested by
Host: stiftung-kindertraum.sicher-helfen.org
URL: https://stiftung-kindertraum.sicher-helfen.org/laura
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.89.129 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.129.89.201.138.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ba3470cef64b1908623ed8d52be5291c89f15c00efb9f6c49561cd6590daeec9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://stiftung-kindertraum.sicher-helfen.org/laura
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 12:10:23 GMT
content-encoding
gzip
last-modified
Thu, 03 Dec 2020 10:29:21 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fc8be01-4859"
vary
Accept-Encoding
content-type
text/css
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: stiftung-kindertraum.sicher-helfen.org
URL: https://stiftung-kindertraum.sicher-helfen.org/laura
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://stiftung-kindertraum.sicher-helfen.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 12:10:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
6123995
x-cache
HIT, HIT
content-length
30879
x-served-by
cache-lga21981-LGA, cache-mxp6982-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1720267824.557564,VS0,VE0
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
12, 268212
jquery.twbsPagination.js
stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/js/
12 KB
3 KB
Script
General
Full URL
https://stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/js/jquery.twbsPagination.js
Requested by
Host: stiftung-kindertraum.sicher-helfen.org
URL: https://stiftung-kindertraum.sicher-helfen.org/laura
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.89.129 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.129.89.201.138.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8408b6733c63ed10769900d804165c2d33e952f4673e3872a8ee529ae1b63905

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://stiftung-kindertraum.sicher-helfen.org/laura
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 12:10:23 GMT
content-encoding
gzip
last-modified
Sat, 04 Aug 2018 12:19:41 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5b6599dd-303f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
script.js
stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/js/
3 KB
1 KB
Script
General
Full URL
https://stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/js/script.js
Requested by
Host: stiftung-kindertraum.sicher-helfen.org
URL: https://stiftung-kindertraum.sicher-helfen.org/laura
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.89.129 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.129.89.201.138.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
38a2ec8cff340994fdf4f8e72078011983acae3184b3e0b3f7a997f370a369f2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://stiftung-kindertraum.sicher-helfen.org/laura
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 12:10:23 GMT
content-encoding
gzip
last-modified
Mon, 07 Dec 2020 12:09:43 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fce1b87-b96"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
css2
fonts.googleapis.com/
23 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600&display=swap
Requested by
Host: stiftung-kindertraum.sicher-helfen.org
URL: https://stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/css/styles.css?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9c0e8d06caab082c2350d1b480238a0666327b14390421332f052839c30743d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://stiftung-kindertraum.sicher-helfen.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Jul 2024 12:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 11:54:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Jul 2024 12:10:23 GMT
css2
fonts.googleapis.com/
1 KB
511 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Marck+Script&display=swap
Requested by
Host: stiftung-kindertraum.sicher-helfen.org
URL: https://stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/css/styles.css?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5f36443ef021a34dd23858b199983fff9b5985c034cba017c46db6cc67da8981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://stiftung-kindertraum.sicher-helfen.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Jul 2024 12:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 12:10:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Jul 2024 12:10:23 GMT
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
Requested by
Host: stiftung-kindertraum.sicher-helfen.org
URL: https://stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/css/styles.css?version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
40992eb57d95a0165a6d56399cd9afd60cc2cac6f06579b8d87079ccaab91e29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://stiftung-kindertraum.sicher-helfen.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Jul 2024 12:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 11:08:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Jul 2024 12:10:23 GMT
fbevents.js
connect.facebook.net/en_US/
222 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: stiftung-kindertraum.sicher-helfen.org
URL: https://stiftung-kindertraum.sicher-helfen.org/laura
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://stiftung-kindertraum.sicher-helfen.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
date
Sat, 06 Jul 2024 12:10:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2788, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
VNDXrarRvzrXLMdENDVgwTIfG8FOiZyJynnYjP4dIbo2cL/8y0FX9KXu5hMGqg16Gi6WUVKk7ovYz6uR4ASiwQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
3b716500-dbe0-494e-a4e8-a9d2505649f8
secure.sicherhelfen.org/app/ Frame 76BA
0
0
Document
General
Full URL
https://secure.sicherhelfen.org/app/3b716500-dbe0-494e-a4e8-a9d2505649f8
Requested by
Host: stiftung-kindertraum.sicher-helfen.org
URL: https://stiftung-kindertraum.sicher-helfen.org/laura
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.116.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.114.116.12.49.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://stiftung-kindertraum.sicher-helfen.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 06 Jul 2024 12:10:24 GMT
server
nginx
vary
Accept-Encoding
Margem-Light.woff
stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/fonts/Margem/
107 KB
108 KB
Font
General
Full URL
https://stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/fonts/Margem/Margem-Light.woff
Requested by
Host: stiftung-kindertraum.sicher-helfen.org
URL: https://stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/css/styles.css?version=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.89.129 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.129.89.201.138.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d6b34148a2246059e94195951005853922531a93d910e87b5c59e764a343aa27

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/css/styles.css?version=2
Origin
https://stiftung-kindertraum.sicher-helfen.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 12:10:24 GMT
last-modified
Fri, 20 Nov 2020 00:08:38 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5fb70906-1ad0c"
content-length
109836
content-type
application/font-woff
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://stiftung-kindertraum.sicher-helfen.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:17:32 GMT
x-content-type-options
nosniff
age
172372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 12:17:32 GMT
donations.php
stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/ajax/
0
132 B
XHR
General
Full URL
https://stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/ajax/donations.php?page=1
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.89.129 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.129.89.201.138.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*/*
Referer
https://stiftung-kindertraum.sicher-helfen.org/laura
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 12:10:24 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
Margem-Medium.woff
stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/fonts/Margem/
96 KB
96 KB
Font
General
Full URL
https://stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/fonts/Margem/Margem-Medium.woff
Requested by
Host: stiftung-kindertraum.sicher-helfen.org
URL: https://stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/css/styles.css?version=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.89.129 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.129.89.201.138.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2b209ac5a353831fb8544e19eddb453821671e6b018405e119b5b9ec3dc4abd4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/css/styles.css?version=2
Origin
https://stiftung-kindertraum.sicher-helfen.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 12:10:24 GMT
last-modified
Fri, 20 Nov 2020 00:08:39 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5fb70907-180e0"
content-length
98528
content-type
application/font-woff
729196624509644
connect.facebook.net/signals/config/
67 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/729196624509644?v=2.9.160&r=stable&domain=stiftung-kindertraum.sicher-helfen.org&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
86e590015b81aade62f47551a0e7720f4ea28a17715923856e984b92ac92b8f6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://stiftung-kindertraum.sicher-helfen.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jul 2024 12:10:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=65, mss=1297, tbw=63818, tp=-1, tpl=-1, uplat=313, ullat=0
pragma
public
x-fb-debug
r4JMtBnyNF+TfR9hNknFEJzXEgatgvlGA+ZkfNyjTnzI6sQwcW1RqjEMhP9uV1MPiY/Yh5IY0zY5mvB+7L8Yrg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=729196624509644&ev=PageView&dl=https%3A%2F%2Fstiftung-kindertraum.sicher-helfen.org%2Flaura&rl=&if=false&ts=1720267824962&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720267824953.427222244870234745&cs_est=true&ler=empty&cdl=API_unavailable&it=1720267824363&coo=false&exp=f0&rqm=GET
Requested by
Host: stiftung-kindertraum.sicher-helfen.org
URL: https://stiftung-kindertraum.sicher-helfen.org/laura
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://stiftung-kindertraum.sicher-helfen.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2793, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Jul 2024 12:10:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=729196624509644&ev=PageView&dl=https%3A%2F%2Fstiftung-kindertraum.sicher-helfen.org%2Flaura&rl=&if=false&ts=1720267824962&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720267824953.427222244870234745&cs_est=true&ler=empty&cdl=API_unavailable&it=1720267824363&coo=false&exp=f0&rqm=FGET
Requested by
Host: stiftung-kindertraum.sicher-helfen.org
URL: https://stiftung-kindertraum.sicher-helfen.org/laura
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://stiftung-kindertraum.sicher-helfen.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9d7273f848931d2a","source_keys":["1","2"]},{"key_piece":"0x050d5f3d26cf6123","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sat, 06 Jul 2024 12:10:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388494050459303994", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3111, tp=-1, tpl=-1, uplat=232, ullat=0
pragma
no-cache
x-fb-debug
xgaUEqjWt8uzTxGMLoEbBenb6gA7ITwTEAlvIEsgIZWtnT+Q/bmiwSY7xUuZmUTnewXlFqgXyS0ghBpjYLVPLA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388494050459303994"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
favicon.ico
stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/images/
1 KB
861 B
Other
General
Full URL
https://stiftung-kindertraum.sicher-helfen.org/storage/templates/stiftung-kindertraum/4ae0926d-98db-4d58-b1b0-32e4e9cd564d/assets/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.89.129 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.129.89.201.138.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c3a70ecc16fe27dfb3d697713ac7cb1c4969599b378e13d9238de3525e1e422d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://stiftung-kindertraum.sicher-helfen.org/laura
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 12:10:25 GMT
content-encoding
gzip
last-modified
Wed, 24 Jun 2020 10:26:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ef32a3d-47e"
vary
Accept-Encoding
content-type
image/x-icon

Verdicts & Comments

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
undefined| event
object| fence
object| sharedStorage
function| fbq
function| _fbq
string| parentUrl
string| pageId
function| $
function| jQuery
function| handleMessage

3 Cookies

Domain/Path Name / Value
stiftung-kindertraum.sicher-helfen.org/ Name: XSRF-TOKEN
Value: eyJpdiI6Imh2SURML3V4QTdCTlJpRldZeldGeWc9PSIsInZhbHVlIjoiZEJjYzdFd3RROFhZZi96cllTTDF4bDBaTHFUR0U0Tkg5OW1QOG8rZmZwVmVzZExvRisxRmVlR2V6RGJTNlRwNmZrb1dzNzFJeTIvaFN6dFRmVkhDQytQMnRXekxOZU5LRUNndE9FNWhieUgvSldmSlExZXpHN05Rc2JycnorNE0iLCJtYWMiOiJlOGJiY2UzOTYzNDFkYmUyMWUyY2ZmZTBhOTMzODAwNGI2NWI5NTRmMmM3MmVjMTEzYmNmYzJkYjIwNjc1MTI1In0%3D
stiftung-kindertraum.sicher-helfen.org/ Name: grounded_leads_session
Value: eyJpdiI6IldFdk0xUG4yNVZpRGQvYnVtVy9mZkE9PSIsInZhbHVlIjoiUSsyN2ZuNkQ0dFFkK0FMd1ExOFR1STFybTJTVjdQdVE1Wjd0TEJlTGNML0Z2MVQ2ZlNYR2dqRCs1aVZIV2RMd1o5NzVwWlp6MWlhQlkwVEQ5R1kwak5zaUdEa1RpaXoybU1rVUNpSUVGSjZmOVVYNC9jVjJmL0ZtNE5Pd2NJYlQiLCJtYWMiOiIzNGQ3ODBmN2M5YzAwOTBhYTNiMzc4ZDQ2M2M0ZjQ1YmM4ODcxY2E4YjRkMjgyZGNlMmY3OWRiYWIzODI3ZThkIn0%3D
.sicher-helfen.org/ Name: _fbp
Value: fb.1.1720267824953.427222244870234745

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self' https://www.kronehit.at
X-Frame-Options ALLOW-FROM https://www.kronehit.at

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
