urlscan.io logo urlscan.io
SecurityTrails logo

compliance.hinweis.digital Open in urlscan Pro
2a03:4000:7:5e0:989a:7fff:fecd:555d  Public Scan

Go To Rescan Add Verdict Report
URL: https://compliance.hinweis.digital/
Submission: On September 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 2a03:4000:7:5e0:989a:7fff:fecd:555d, located in Nuremberg, Germany and belongs to NETCUP-AS netcup GmbH, DE. The main domain is compliance.hinweis.digital.
TLS certificate: Issued by R10 on July 19th 2024. Valid for: 3 months.
This is the only time compliance.hinweis.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2a03:4000:7:5... 197540 (NETCUP-AS...)
13 1
Apex Domain
Subdomains		 Transfer
13 hinweis.digital
compliance.hinweis.digital
326 KB
13 1
Domain Requested by
13 compliance.hinweis.digital compliance.hinweis.digital
13 1

This site contains links to these domains. Also see Links.

Domain
www.rafas.de
Subject Issuer Validity Valid
*.hinweis.digital
R10		 2024-07-19 -
2024-10-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://compliance.hinweis.digital/
Frame ID: DFCEB399317FDD9C3DC78C2AA98F1BC0
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RAFAS ::: compliance.Hinweis.digital

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

326 kB
Transfer

1395 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
compliance.hinweis.digital/ 		24 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://compliance.hinweis.digital/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a03:4000:7:5e0:989a:7fff:fecd:555d Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
d2137ba2cc2cf5fa30587ed164540a0788bc9df96b181042732ef31fe79f5832
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de 'unsafe-inline';img-src 'self' blob: 'unsafe-inline' data: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de;script-src 'self' https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de 'unsafe-eval' 'unsafe-inline';connect-src 'self';frame-src 'self' blob: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de https://player.vimeo.com https://www.youtube-nocookie.com;child-src 'self' blob: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de;font-src https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de 'self' data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
7597
Content-Security-Policy
default-src 'self' blob: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de 'unsafe-inline';img-src 'self' blob: 'unsafe-inline' data: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de;script-src 'self' https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de 'unsafe-eval' 'unsafe-inline';connect-src 'self';frame-src 'self' blob: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de https://player.vimeo.com https://www.youtube-nocookie.com;child-src 'self' blob: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de;font-src https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de 'self' data: 'unsafe-inline';
Content-Type
text/html;charset=utf-8
Date
Tue, 03 Sep 2024 11:55:29 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
kddefault.min.css
compliance.hinweis.digital/media/public/css/ 		479 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compliance.hinweis.digital/media/public/css/kddefault.min.css?ver=1.9.26
Requested by
Host: compliance.hinweis.digital
URL: https://compliance.hinweis.digital/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a03:4000:7:5e0:989a:7fff:fecd:555d Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
2b2af2ba2abf75221fe5365558be3d02245aa023cffe5ce14ba1747312666d58

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 11:55:29 GMT
Content-Encoding
br
Last-Modified
Sat, 06 Jul 2024 09:41:21 GMT
Server
nginx
ETag
W/"66891141-77a06"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Thu, 03 Oct 2024 11:55:29 GMT
fonts.min.css
compliance.hinweis.digital/media/public/css/ 		2 KB
777 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compliance.hinweis.digital/media/public/css/fonts.min.css?ver=1.9.26
Requested by
Host: compliance.hinweis.digital
URL: https://compliance.hinweis.digital/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a03:4000:7:5e0:989a:7fff:fecd:555d Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
6bcf69a74743975e1e86a1d971071d65f9a8a13cd6daede1f3a4d508dc54449d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 11:55:29 GMT
Content-Encoding
br
Last-Modified
Tue, 22 Jun 2021 19:46:14 GMT
Server
nginx
ETag
W/"60d23e06-970"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Thu, 03 Oct 2024 11:55:29 GMT
dropzone.min.css
compliance.hinweis.digital/media/public/js/dropzone/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compliance.hinweis.digital/media/public/js/dropzone/dropzone.min.css?ver=1.9.26
Requested by
Host: compliance.hinweis.digital
URL: https://compliance.hinweis.digital/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a03:4000:7:5e0:989a:7fff:fecd:555d Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
9ff0aecab9bebf5e4d8a6d2627666b1251e50a4f2b689b3fe7b59e0ac2330ebe

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 11:55:29 GMT
Content-Encoding
br
Last-Modified
Wed, 14 Dec 2022 19:31:11 GMT
Server
nginx
ETag
W/"639a247f-2666"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Thu, 03 Oct 2024 11:55:29 GMT
fontawesome.min.css
compliance.hinweis.digital/media/theme/fontawesome-pro/css/ 		89 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compliance.hinweis.digital/media/theme/fontawesome-pro/css/fontawesome.min.css?ver=1.9.26
Requested by
Host: compliance.hinweis.digital
URL: https://compliance.hinweis.digital/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a03:4000:7:5e0:989a:7fff:fecd:555d Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
7c98db4b56639c9d7123ce6f966c04060d4673e26a880d8e22726cf4bcdf6d41

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 11:55:29 GMT
Content-Encoding
br
Last-Modified
Tue, 22 Jun 2021 19:46:14 GMT
Server
nginx
ETag
W/"60d23e06-163f2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Thu, 03 Oct 2024 11:55:29 GMT
regular.min.css
compliance.hinweis.digital/media/theme/fontawesome-pro/css/ 		632 B
795 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compliance.hinweis.digital/media/theme/fontawesome-pro/css/regular.min.css?ver=1.9.26
Requested by
Host: compliance.hinweis.digital
URL: https://compliance.hinweis.digital/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a03:4000:7:5e0:989a:7fff:fecd:555d Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
57a691d0c8c335bbc117978b8874d1d50d98132e631f7cba217f168f5428c1f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 11:55:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Connection
keep-alive
Content-Length
274
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 22 Jun 2021 19:46:14 GMT
Server
nginx
X-Accel-Version
0.01
ETag
"278-5c5600af314aa-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Expires
Thu, 03 Oct 2024 11:55:29 GMT
753a043674f0193523abc1bbce678686_logo.jpg
compliance.hinweis.digital/media/upload/753a043674f0193523abc1bbce678686/logo/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://compliance.hinweis.digital/media/upload/753a043674f0193523abc1bbce678686/logo/753a043674f0193523abc1bbce678686_logo.jpg
Requested by
Host: compliance.hinweis.digital
URL: https://compliance.hinweis.digital/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a03:4000:7:5e0:989a:7fff:fecd:555d Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
361beea4aba32b9e9ac189559554762b0b569ab75f36c6f31fa4e1b609347a0a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 11:55:29 GMT
Last-Modified
Sun, 16 Jun 2024 18:28:21 GMT
Server
nginx
ETag
"666f2ec5-14d7e"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
85374
Expires
Thu, 03 Oct 2024 11:55:29 GMT
scripts.js
compliance.hinweis.digital/media/public/js/ 		584 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compliance.hinweis.digital/media/public/js/scripts.js?ver=1.9.26
Requested by
Host: compliance.hinweis.digital
URL: https://compliance.hinweis.digital/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a03:4000:7:5e0:989a:7fff:fecd:555d Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
9d59f3ad7be75b17616f8f8cf658a15edd3c94cf016f3896a41995c3c361620a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 11:55:29 GMT
Content-Encoding
br
Last-Modified
Wed, 19 Jul 2023 20:51:15 GMT
Server
nginx
ETag
W/"64b84cc3-920d8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Thu, 03 Oct 2024 11:55:29 GMT
dropzone.min.js
compliance.hinweis.digital/media/public/js/dropzone/ 		112 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compliance.hinweis.digital/media/public/js/dropzone/dropzone.min.js?ver=1.9.26
Requested by
Host: compliance.hinweis.digital
URL: https://compliance.hinweis.digital/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a03:4000:7:5e0:989a:7fff:fecd:555d Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
1e5269d149592bb99c29157a9410d1ffb6753466a9f77a3539b947dcf99467c9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 11:55:29 GMT
Content-Encoding
br
Last-Modified
Wed, 14 Dec 2022 19:31:11 GMT
Server
nginx
ETag
W/"639a247f-1bffa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Thu, 03 Oct 2024 11:55:29 GMT
whistleblower.min.js
compliance.hinweis.digital/media/public/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compliance.hinweis.digital/media/public/js/whistleblower.min.js?ver=1.9.26
Requested by
Host: compliance.hinweis.digital
URL: https://compliance.hinweis.digital/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a03:4000:7:5e0:989a:7fff:fecd:555d Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
34ab355408be4453fee565c1049355b8e34bef5530487c0cebd6d012ad2cb571

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 11:55:29 GMT
Content-Encoding
br
Last-Modified
Thu, 07 Mar 2024 13:39:42 GMT
Server
nginx
ETag
W/"65e9c39e-22cd"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Thu, 03 Oct 2024 11:55:29 GMT
favicon.ico
compliance.hinweis.digital/media/public/icons/signing/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://compliance.hinweis.digital/media/public/icons/signing/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a03:4000:7:5e0:989a:7fff:fecd:555d Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
bc4c878a6bfcc7d562fa95656ea2a9a229d17de4a29e6f65a4f67d334ef62655

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 11:55:30 GMT
Last-Modified
Tue, 22 Jun 2021 19:46:14 GMT
Server
nginx
ETag
"60d23e06-47e"
Content-Type
image/vnd.microsoft.icon
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1150
Expires
Thu, 03 Oct 2024 11:55:30 GMT
favicon.ico
compliance.hinweis.digital/media/public/icons/signing/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://compliance.hinweis.digital/media/public/icons/signing/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a03:4000:7:5e0:989a:7fff:fecd:555d Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
bc4c878a6bfcc7d562fa95656ea2a9a229d17de4a29e6f65a4f67d334ef62655

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 11:55:30 GMT
Last-Modified
Tue, 22 Jun 2021 19:46:14 GMT
Server
nginx
ETag
"60d23e06-47e"
Content-Type
image/vnd.microsoft.icon
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
1150
Expires
Thu, 03 Oct 2024 11:55:30 GMT
/
compliance.hinweis.digital/submit/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://compliance.hinweis.digital/submit/
Requested by
Host: compliance.hinweis.digital
URL: https://compliance.hinweis.digital/media/public/js/scripts.js?ver=1.9.26
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a03:4000:7:5e0:989a:7fff:fecd:555d Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de 'unsafe-inline';img-src 'self' blob: 'unsafe-inline' data: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de;script-src 'self' https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de 'unsafe-eval' 'unsafe-inline';connect-src 'self';frame-src 'self' blob: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de https://player.vimeo.com https://www.youtube-nocookie.com;child-src 'self' blob: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de;font-src https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de 'self' data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 03 Sep 2024 11:55:33 GMT
Content-Security-Policy
default-src 'self' blob: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de 'unsafe-inline';img-src 'self' blob: 'unsafe-inline' data: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de;script-src 'self' https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de 'unsafe-eval' 'unsafe-inline';connect-src 'self';frame-src 'self' blob: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de https://player.vimeo.com https://www.youtube-nocookie.com;child-src 'self' blob: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de;font-src https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de 'self' data: 'unsafe-inline';
Content-Encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx
Vary
Accept-Encoding
X-Frame-Options
sameorigin
Content-Type
application/json
Cache-Control
no-store, no-cache, must-revalidate
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dropzoneDict string| __submitUrl string| __csrfToken function| $ function| jQuery function| Popper function| moment function| Stepper function| Dropzone function| default object| fileKeys function| checkEmail

1 Cookies

Domain/Path Name / Value
compliance.hinweis.digital/ Name: PHPSESSID
Value: 4d2hbihaje9800vn92ngp9ejik

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://compliance.hinweis.digital/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' blob: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de 'unsafe-inline';img-src 'self' blob: 'unsafe-inline' data: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de;script-src 'self' https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de 'unsafe-eval' 'unsafe-inline';connect-src 'self';frame-src 'self' blob: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de https://player.vimeo.com https://www.youtube-nocookie.com;child-src 'self' blob: https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de;font-src https://*.nithosys.de/ https://dsgvo.rafas.de https://*.dsgvo.rafas.de 'self' data: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block