www.vip-geld-zurueck.de Open in urlscan Pro
2606:4700:3030::6815:3d8f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.xn--vip-geld-zurck-rsb.de/
Effective URL:
https://www.vip-geld-zurueck.de/
Submission: On August 26 via automatic, source certstream-suspicious (August 26th 2021, 7:09:12 pm UTC)

Summary HTTP 61 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 15 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3030::6815:3d8f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.vip-geld-zurueck.de.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 14th 2021. Valid for: a year.

This is the only time www.vip-geld-zurueck.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	89.107.187.113 89.107.187.113	12843 (TELEMAXX) (TELEMAXX)
21	2606:4700:303... 2606:4700:3030::6815:3d8f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
7	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
4	2600:9000:215... 2600:9000:2156:b200:9:1645:9cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	63.34.27.68 63.34.27.68	16509 (AMAZON-02) (AMAZON-02)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
61	21

1 89.107.187.113 (Germany) 1 redirects

ASN12843 (TELEMAXX, DE)
PTR: xb4.serverdomain.org

www.xn--vip-geld-zurck-rsb.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3030::6815:3d8f (United States)

ASN13335 (CLOUDFLARENET, US)

www.vip-geld-zurueck.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

code.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
code-eu1.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:b200:9:1645:9cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustindex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.27.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-27-68.eu-west-1.compute.amazonaws.com

node-eu1-c-1.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	vip-geld-zurueck.de www.vip-geld-zurueck.de	541 KB
8	jivosite.com code.jivosite.com node-eu1-c-1.jivosite.com code-eu1.jivosite.com	336 KB
6	gstatic.com fonts.gstatic.com	151 KB
4	google-analytics.com www.google-analytics.com	63 KB
4	trustindex.io cdn.trustindex.io	9 KB
3	bing.com bat.bing.com	9 KB
3	googletagmanager.com www.googletagmanager.com	119 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	92 KB
2	facebook.com www.facebook.com	162 B
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
2	facebook.net connect.facebook.net	113 KB
1	google.de www.google.de	108 B
1	google.com www.google.com	67 B
1	googleadservices.com www.googleadservices.com	14 KB
1	xn--vip-geld-zurck-rsb.de 1 redirects www.xn--vip-geld-zurck-rsb.de	106 B
61	15

	Domain	Requested by
21	www.vip-geld-zurueck.de	www.vip-geld-zurueck.de
6	fonts.gstatic.com	fonts.googleapis.com
5	code-eu1.jivosite.com	code.jivosite.com www.vip-geld-zurueck.de
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	cdn.trustindex.io	www.vip-geld-zurueck.de
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	www.googletagmanager.com	www.vip-geld-zurueck.de www.googletagmanager.com
2	www.facebook.com	connect.facebook.net
2	connect.facebook.net	www.vip-geld-zurueck.de connect.facebook.net
2	code.jivosite.com	www.vip-geld-zurueck.de code.jivosite.com
2	fonts.googleapis.com	www.vip-geld-zurueck.de
1	www.google.de
1	www.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	node-eu1-c-1.jivosite.com	code.jivosite.com
1	ajax.googleapis.com	www.vip-geld-zurueck.de
1	www.xn--vip-geld-zurck-rsb.de	1 redirects
61	19

This site contains links to these domains. Also see Links.

Domain
verbraucherschutz.de
de.trustpilot.com
www.jivochat.de

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-01-14` - `2022-01-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.jivosite.com Go Daddy Secure Certificate Authority - G2	`2020-04-05` - `2022-06-04`	2 years	crt.sh
cdn.trustindex.io GoGetSSL RSA DV CA	`2020-06-02` - `2022-06-02`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.vip-geld-zurueck.de/
Frame ID: C184E56BD2A4F122B52C7646E712EFE5
Requests: 68 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fabletics kündigen und Ihr Geld zurück | VIP-Geld-zurück.de

Page URL History Show full URLs

https://www.xn--vip-geld-zurck-rsb.de/ HTTP 301
https://www.vip-geld-zurueck.de/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

61
Requests

100 %
HTTPS

86 %
IPv6

15
Domains

19
Subdomains

21
IPs

4
Countries

1448 kB
Transfer

4664 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://verbraucherschutz.de/vip-geld-zurueck-de-geld-zurueck-fuer-das-ungewollte-abo/
Title: <img width="883" height="1187" src="https://www.vip-geld-zurueck.de/wp-content/uploads/2021/04/verbraucherschutz_de_service_versprechen.svg" class="attachment-full size-full" alt="" />

Search URL Search Domain Scan URL

URL: https://de.trustpilot.com/review/vip-geld-zurueck.de
Title: Alle Bewertungen bei Trustpilot ansehen

Search URL Search Domain Scan URL

URL: https://www.jivochat.de/i_sa/?utm_source=www.vip-geld-zurueck.de&utm_medium=link&utm_content=label_tooltip&utm_campaign=from_widget
Title: Business Messenger von

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.xn--vip-geld-zurck-rsb.de/ HTTP 301
https://www.vip-geld-zurueck.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.vip-geld-zurueck.de/
Redirect Chain

https://www.xn--vip-geld-zurck-rsb.de/
https://www.vip-geld-zurueck.de/

133 KB
26 KB

31ms
13ms

Document
text/html

2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vip-geld-zurueck.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.16
Resource Hash: 780b518c7dd40a8dc5df76538ab3fc2e9d2e4cbf8de0a373c156b1710b41849c

Request headers

:method: GET
:authority: www.vip-geld-zurueck.de
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.16
link: <https://www.vip-geld-zurueck.de/wp-json/>; rel="https://api.w.org/" <https://www.vip-geld-zurueck.de/wp-json/wp/v2/pages/1714>; rel="alternate"; type="application/json" <https://www.vip-geld-zurueck.de/>; rel=shortlink
cache-control: s-maxage=31536000, max-age=60
x-wp-cf-super-cache: cache
x-wp-cf-super-cache-active: 1
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=60
x-wp-cf-super-cache-cookies-bypass: swfpc-feature-not-enabled
cf-cache-status: HIT
age: 296010
last-modified: Mon, 23 Aug 2021 08:55:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FJ1MVL36SWBzDZpdIDNuJrIcP3MOq15R207hCgUj0Enx4n8OzqMcXxsjktrs552XX7Beost7NRQdV%2Bbrxusn6BlT%2BJaiAsFE1pQE%2BYotFHQEccFJC5%2FaPrJwMs896uQjXK63y33mfcEWF6aXEm1%2FLeKGAywHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 684f59fabe9d2c19-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

server: nginx
date: Thu, 26 Aug 2021 19:08:54 GMT
content-type: text/html; charset=iso-8859-1
content-length: 239
location: https://www.vip-geld-zurueck.de

GET
H3-29 200 autoptimize_d91e300080e0b055fb591ed42d7e148e.css
www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/ 642 KB
92 KB 50ms
30ms Stylesheet
text/css 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/autoptimize_d91e300080e0b055fb591ed42d7e148e.css
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97fd432ac83119341127309319a188db4a243171aaf9d583d7d988fc56b54148

Request headers

:path: /wp-content/cache/autoptimize/css/autoptimize_d91e300080e0b055fb591ed42d7e148e.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1917343
cf-polished: origSize=657350
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 01 Aug 2021 17:04:45 GMT
server: cloudflare
etag: W/"a07c6-5c88273187f05-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jrLaYO9BwIYipQ0JditmaQaXbvygFYKn4l%2FD7xehuh3jfksvdCdZNBz4KetGWYr0vQ8CjELp6aKuLdBm3RgFms1KVFfhsAkjFJGrdVb1BpU05wAVkq73ekcK0%2BIDEsfLeZTU%2BGtBSXF1gnl4p89fwU1KMZcAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=30672000, public, immutable
cf-ray: 684f59faef882c2a-FRA
expires: Mon, 25 Jul 2022 14:33:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
850 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway%3A400%7CLora%3A700%7CRaleway%3A600%7CNunito%3A600%7CRaleway%3A400%7CRaleway%3A400%7CLora%3A700%7CLora%3A700%7CLora%3A400%7CLora%3A400%7CLora%3A400%7CRaleway%3A700%7CRaleway%3A700%7CRaleway%3A600%7CLora%3A700%7CRaleway%3A400&ver=5.8

Requested by

Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

091f33a9078121619d3265faee704bcba2b7fbe045d3b270f93a3ca80039b370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 19:08:54 GMT
server: ESF
date: Thu, 26 Aug 2021 19:08:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Aug 2021 19:08:54 GMT

GET
H3-29 200 autoptimize_single_e4eef9cd3b3c216e01e9dbbdc8ce75af.css
www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/ 993 B
979 B 64ms
45ms Stylesheet
text/css 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/autoptimize_single_e4eef9cd3b3c216e01e9dbbdc8ce75af.css?ver=1627833418
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab07366e9d225515c7b7fc55f2f24bcac8dc2f11d6905797498f7feb293c40cc

Request headers

:path: /wp-content/cache/autoptimize/css/autoptimize_single_e4eef9cd3b3c216e01e9dbbdc8ce75af.css?ver=1627833418
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1917524
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 01 Aug 2021 17:04:45 GMT
server: cloudflare
etag: W/"3e1-5c8827317d325-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izD4S1nXplcbwqUZaUJo9CfN1djvuaf1gItAf%2FvyiwNChgvMP31N%2B0n%2F7V%2BYUrrgbpbxdmuSUKH5%2FMmehMgrQ2ZrnWUbbwe8XIgq6CdMQRDmQ4UXrIR%2FCrbsurDhjwlBibXmy6OAyUcUWMRa2iaxt3WO34aCjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=30672000, public, immutable
cf-ray: 684f59faefa02c2a-FRA
expires: Mon, 25 Jul 2022 14:30:10 GMT

GET
H3-29 200 autoptimize_single_a9ca805bba6861f49fa4387121c7cb6c.css
www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/ 35 KB
3 KB 63ms
44ms Stylesheet
text/css 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/autoptimize_single_a9ca805bba6861f49fa4387121c7cb6c.css?ver=1627833418
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9cc9e284a265847084c18a6eb1cc3e29c3c24e8a77da5d9112f752a746b9164

Request headers

:path: /wp-content/cache/autoptimize/css/autoptimize_single_a9ca805bba6861f49fa4387121c7cb6c.css?ver=1627833418
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1917524
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 01 Aug 2021 17:04:45 GMT
server: cloudflare
etag: W/"8cac-5c8827317f265-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fTK41AHyRl6aSKcIB2CcZLK9lt95lSsJcew9LndSFGQoW73s%2FMjfpW8DqrMwnsTryxkNEOJuTJC0hBsQsqqoEUer1TpdJzW1bfcYNU1UsFHw2qC8rMaihWgtaPyIv5154OEu8LWu9oQL4SeNkXiu8aApReDtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=30672000, public, immutable
cf-ray: 684f59faef9d2c2a-FRA
expires: Mon, 25 Jul 2022 14:30:10 GMT

GET
H3-29 200 autoptimize_single_a2d9517a6bea078008f54c88b007af17.css
www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/ 55 KB
5 KB 61ms
43ms Stylesheet
text/css 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/autoptimize_single_a2d9517a6bea078008f54c88b007af17.css?ver=1627835554
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92f3b393fdc0c35eb590b6e83047fedee768ba74572809fdbc3761ec2c0aa628

Request headers

:path: /wp-content/cache/autoptimize/css/autoptimize_single_a2d9517a6bea078008f54c88b007af17.css?ver=1627835554
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1917284
cf-polished: origSize=56335
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 01 Aug 2021 17:04:45 GMT
server: cloudflare
etag: W/"dc0f-5c882731811a5-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aym9PkfLq290cy1Io%2Fx%2BXNwgMIKN0s27%2F2nnnTnPxx4K7ik3QSg1d9Zr7R2%2FQ2%2FQ75f0jMvZaV08OpLQJ3X9uVKKJuH%2ByD9xyd5sWfARiEXGQdf66tH1Ks8iAkAPGBGsrsbECz6m95mE%2BgZgKiuy2Fm5nwQzxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=30672000, public, immutable
cf-ray: 684f59faef8d2c2a-FRA
expires: Mon, 25 Jul 2022 14:34:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 105 KB
3 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8

Requested by

Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fec5ae4dd533cd6fca0d6f36879e106be1770d928d2bcaea85771220ee1be7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 19:08:54 GMT
server: ESF
date: Thu, 26 Aug 2021 19:08:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Aug 2021 19:08:54 GMT

GET
H3-29 200 fa-solid-900.woff2
www.vip-geld-zurueck.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 32ms
14ms Font
application/octet-stream 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vip-geld-zurueck.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

:path: /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
pragma: no-cache
origin: https://www.vip-geld-zurueck.de
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.vip-geld-zurueck.de
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Jul 2021 15:36:24 GMT
server: cloudflare
age: 3422
etag: "13174-5c7cc2a8915d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3u%2Fi2BizEjgOlo7yFKUsrHE3%2B8hgmpj9D%2B8PD%2FyoJ%2FkOw4FCC4HfHJ9jefTEpX7CWX4%2F2QWJR0j1lQdKIrdtzktTQi%2Bf6mjkKUB6vktRTx8hwFm5YbNixqI2HVayUX1dhnnFTtE1YqP9XBNMV6R156S%2B215Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 684f59faef892c2a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 78196

GET
H3-29 200 themegrill-icons.woff2
www.vip-geld-zurueck.de/wp-content/themes/zakra/assets/fonts/ 1 KB
2 KB 60ms
43ms Font
application/octet-stream 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vip-geld-zurueck.de/wp-content/themes/zakra/assets/fonts/themegrill-icons.woff2?5d42b271f668d2d6461ba91fc5a5a839
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b84099a6f7f94d98d7e0f52cf017c2a1cc0b2a9aa1d3f542f8e1379a8bc83a99

Request headers

:path: /wp-content/themes/zakra/assets/fonts/themegrill-icons.woff2?5d42b271f668d2d6461ba91fc5a5a839
pragma: no-cache
origin: https://www.vip-geld-zurueck.de
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.vip-geld-zurueck.de
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Dec 2020 18:03:56 GMT
server: cloudflare
age: 3422
etag: "528-5b6c0ee916f3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FriuzEmbdfyaIkRijqc776OTdIQo1vAsy43Jk1ZRchJ2UvYS631cEs3Sc%2Bcii8YrP7IKFbKeMgU0f6i4D26X60K1AwvXcC%2FSELfTKnUVpK0njJ2oOs%2BIkyBJYTgv0GvOoLER6nQva5uZLkEsJzF0OeBdCG7oA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 684f59faef8e2c2a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1320

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9777dcb989c05ed8ffa83507ded14622a3865205eff275b4d012c600de316b74

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94953f051ce7aa4d2001e147c8080dd25b7c3f2c22a6987171065784c5c7ed49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe75fff2f7fdebaa567c538bc4547226cd852234e060c3bf1916e6177997d850

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 email-decode.min.js Show response
www.vip-geld-zurueck.de/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 17ms
13ms Script
application/javascript 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vip-geld-zurueck.de/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 12:03:41 GMT
server: cloudflare
etag: W/"611e489d-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZHK5v7mB31ozQ6ZkS99wfDRmzGb2zv0tl2xn5fvE2UJwBmeKM7JTQ%2BDS5FKpqeKBBOynuZcauvp3f2CyWz8R8d%2BuGmeDAqGAFVschP8LC3yeFKWh6cRyCGWyfc%2FVt959RLJNJX9bSVacOrcS5TQk8KoH8vdOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 684f59faef862c2a-FRA
vary: Accept-Encoding
expires: Sat, 28 Aug 2021 19:08:54 GMT

GET
H3-29 200 autoptimize_single_aa15eddc743ea892cbe8fc6b35d10a9a.css
www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/ 1 KB
926 B 48ms
44ms Stylesheet
text/css 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/autoptimize_single_aa15eddc743ea892cbe8fc6b35d10a9a.css?ver=1627833419
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcec5817a94af42669938662d9ff650c6dd162ebc92441fe0d0751247aee2a6d

Request headers

:path: /wp-content/cache/autoptimize/css/autoptimize_single_aa15eddc743ea892cbe8fc6b35d10a9a.css?ver=1627833419
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1917284
cf-polished: origSize=1360
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 01 Aug 2021 17:04:45 GMT
server: cloudflare
etag: W/"550-5c882731811a5-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BeFS5jR3yot3IifdSqST26s5L%2F%2B0s0aMGZ2MN9mPRg%2BPU96iMEjbB2qcEJXJf5j54BeOGtcVbOyZ7y8Aoe0Y25vRC0%2BrTQUWmykovJLg2%2F7stL9CktnwDloPvx2tSI6xr17nFlVrCXyK4jYmDbayIxIQcoM9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=30672000, public, immutable
cf-ray: 684f59faef9a2c2a-FRA
expires: Mon, 25 Jul 2022 14:34:10 GMT

GET
H3-29 200 autoptimize_single_1d629af433831dab45841e2ac425133c.css
www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/ 1 KB
931 B 48ms
43ms Stylesheet
text/css 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/autoptimize_single_1d629af433831dab45841e2ac425133c.css?ver=1627833419
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5871d7225a34ca3f0d51e00e2d5d6567864df66cfb0cd217cccdbc69c4517541

Request headers

:path: /wp-content/cache/autoptimize/css/autoptimize_single_1d629af433831dab45841e2ac425133c.css?ver=1627833419
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1917284
cf-polished: origSize=1360
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 01 Aug 2021 17:04:45 GMT
server: cloudflare
etag: W/"550-5c88273182145-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pC9RHCWbLtw9BedCAkOOXp9QFkQbSLShR%2F3kOu7l%2BYLo0DALF%2FFPZTzxGWUNzptPl4BL8SZu%2Fuz%2FZWxQe5d%2FYoL4ZnytdNosnE6byM%2FN0TJVxNeBXUy9uLqh8zt39u3NCb0n49BlcZNt0EQFmA6r9p1OYHoGMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=30672000, public, immutable
cf-ray: 684f59faef912c2a-FRA
expires: Mon, 25 Jul 2022 14:34:10 GMT

GET
H3-29 200 autoptimize_single_1050ad4eef7058f39724c72f7edc2237.css
www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/ 1 KB
919 B 49ms
44ms Stylesheet
text/css 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/autoptimize_single_1050ad4eef7058f39724c72f7edc2237.css?ver=1627833419
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e24ceede316febfa8a5aa8f02c4abe81765a54e8903a4f48582de70c921ebd

Request headers

:path: /wp-content/cache/autoptimize/css/autoptimize_single_1050ad4eef7058f39724c72f7edc2237.css?ver=1627833419
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1917284
cf-polished: origSize=1360
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 01 Aug 2021 17:04:45 GMT
server: cloudflare
etag: W/"550-5c88273182145-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qwms1gWg%2BjYRhqLnIQIekoyv9VZIveqOTOSQhZcaHjvtc211aLY34YDROJ736B%2BHYnUpxYqdDFYtNglotuEWOmZaaEfhp1UymGCj0P0120eoWnOJslweafoMfYh1eep2NLci9vlEYu125kvEcY8MnN7KwoNkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=30672000, public, immutable
cf-ray: 684f59faef9e2c2a-FRA
expires: Mon, 25 Jul 2022 14:34:10 GMT

GET
H3-29 200 rocket-loader.min.js Show response
www.vip-geld-zurueck.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 15ms
12ms Script
application/javascript 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vip-geld-zurueck.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 12:03:41 GMT
server: cloudflare
etag: W/"611e489d-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BdD8KPA7E4IA0B8CqU7rv8ruFk0seST34RV0WVFMPEcw95w09nWw%2BCtEFzaLAz8iRi5fb%2FKFTnnV5FWX5C1Q5sLvrsJMzyg8Tfg3x82xBh61JGp2xnPTQEGxYEHwRJlFmkYcWKZlb9r5ERPswg%2F5PmwaiV1ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 684f59faef852c2a-FRA
vary: Accept-Encoding
expires: Sat, 28 Aug 2021 19:08:54 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a500fd544eb362458fc5a66689c9afa1b3b58ba59da198e886fb8494d6854ea

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65a18406f49c8f8b6b236ef5c6119657fea7e85f387af30d77ace08c6d40c655

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 autoptimize_856510ac794261dffdfba25d94d5bf04.js Show response
www.vip-geld-zurueck.de/wp-content/cache/autoptimize/js/ 677 KB
167 KB 32ms
29ms Script
application/x-javascript 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/js/autoptimize_856510ac794261dffdfba25d94d5bf04.js
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b61a392c5b183946db4cf34e79b3fb3e75c92b1cedfd75ffd02d58a60e08b1d1

Request headers

:path: /wp-content/cache/autoptimize/js/autoptimize_856510ac794261dffdfba25d94d5bf04.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3421
cf-polished: origSize=693007
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 01 Aug 2021 17:04:45 GMT
server: cloudflare
etag: W/"a930f-5c8827317c385-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jehGMNZFCyGPKO0MCiyi3zSA2NlchDUVmjx9nlRUArzZo0SHR0Lq6a0SD9%2BgzSZSu4eK8RMkm0Fi0QakvTn4gHIb%2BFQLloaeugIPps%2BJmc3shTmsfqWEn4KpCGrcrDlJ03avyjeuDp4woILow67xYH7XUtVirQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, immutable
cf-ray: 684f59fb68692c2a-FRA
cf-bgj: minify

GET
H2 200 8b0QwY4xrM Show response
code.jivosite.com/widget/ 17 KB
6 KB 34ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/widget/8b0QwY4xrM
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f3401a364cba730f2aad789b6e6eb352d102b23cb3f6bcbfde1e0f47e543105a

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Thu, 26 Aug 2021 19:08:54 GMT
content-encoding: br
access-control-allow-origin: *
x-cached-since: 2021-08-26T18:58:42+00:00
x-geo-shard: eu1
content-length: 6144
last-modified: Mon, 23 Aug 2021 07:45:58 GMT
server: nginx
etag: "61235236-1800"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 sharxy
cache-control: max-age=7200
cache: HIT
accept-ranges: bytes
expires: Thu, 26 Aug 2021 20:58:42 GMT

GET
H2 200 loader.js Show response
cdn.trustindex.io/ 20 KB
6 KB 87ms
61ms Script
application/javascript 2600:9000:2156:b200:9:1645:9cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.trustindex.io/loader.js?ver=5.8

Requested by

Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:b200:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

779b14abf22905fd2846391baaee9658d60bf3c8413cfca1a4ccb3ae1382dabf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 17:50:28 GMT
content-encoding: gzip
age: 4707
x-cache: Hit from cloudfront
content-length: 5565
access-control-allow-origin: *
referrer-policy: origin
last-modified: Wed, 18 Aug 2021 17:34:32 GMT
server: nginx/1.10.3 (Ubuntu)
x-frame-options: SAMEORIGIN
etag: "4e94-5c9d8d8e29d9a-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type
x-amz-cf-id: 4Tzu96bhdRC3sbU7Puo4lCRLBFwJPXZhxI1RgWgrMxZXmYqIIS-H2w==

GET
H3-29 200 lazysizes.min.js Show response
www.vip-geld-zurueck.de/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
5 KB 18ms
16ms Script
application/x-javascript 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vip-geld-zurueck.de/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.0
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

:path: /wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Jul 2021 06:56:08 GMT
server: cloudflare
age: 1196
etag: W/"2655-5c83d98ff931a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdEZRzjvRCe4WifqPngjGYe94x3z2cxmuLxhGzzbqpP0JPwaezCcTMtF6emp9RLgEcKWPcUMSn6PVJvt1N6aw2D%2FVwDBCNB8jcfGZo%2BlcZdAWOa16PE5Uz3VuzsLu9orxjnPdQocdKGVrMPjXxrLCyosay19wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 684f59fb686a2c2a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
88 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js?ver=3.6.0

Requested by

Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 00:54:47 GMT
x-content-type-options: nosniff
age: 324847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89501
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 00:54:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-10971857-15

Requested by

Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e588c3fc98b6bee9873ee9d1f5908b7fadf1b4ff15ed044f2b57ee247276717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41234
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Aug 2021 19:08:54 GMT

GET
H3-29 200 bgheader.png
www.vip-geld-zurueck.de/wp-content/uploads/2021/02/ 6 KB
7 KB 49ms
46ms Image
image/png 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vip-geld-zurueck.de/wp-content/uploads/2021/02/bgheader.png
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cc6801850a576077333e2afc6df0a95039859c023ee1b30035e67977d17e4f2

Request headers

:path: /wp-content/uploads/2021/02/bgheader.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 20:34:06 GMT
server: cloudflare
age: 3422
etag: "1872-5ba9cbdde8640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItzioZUrokHGKZPJpPGZ4e5vxRMVO1KdRQrN5Kwkst%2B0TyHeVbT3tv4Amuc4l5GRFf9QdSfTI8EOolJaQqGrhIIjlbeYoYZ2MRzrOl%2FFVbZbmkciR28UqWRjBk4znHcqiRIgP43u3zOq5yGEV3ypVWuzFyJcBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 684f59fb98aa2c2a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6258

GET
H3-29 200 happycustomer.jpg
www.vip-geld-zurueck.de/wp-content/uploads/2021/02/ 50 KB
50 KB 48ms
47ms Image
image/jpeg 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vip-geld-zurueck.de/wp-content/uploads/2021/02/happycustomer.jpg
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/autoptimize_single_a2d9517a6bea078008f54c88b007af17.css?ver=1627835554
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eba5ca82e531da821a6259628fa0bb9558c2e87005cfeaf4c6502e4bd61ac25a

Request headers

:path: /wp-content/uploads/2021/02/happycustomer.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/autoptimize_single_a2d9517a6bea078008f54c88b007af17.css?ver=1627835554
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/autoptimize_single_a2d9517a6bea078008f54c88b007af17.css?ver=1627835554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:54 GMT
cf-cache-status: HIT
last-modified: Thu, 04 Feb 2021 11:57:32 GMT
server: cloudflare
age: 2489
etag: "c78b-5ba8168a340cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xh7smZoQW8%2BpxWlfeMqPEsZHSfdAIZGnjlOTqfKorXWUTGeLEYGMZnh4V9yfCVIJwrPYyXivhieJtOk9x%2BeExFXBmmHZ%2B4i5NOedIg4b0Fe1MZ9mjLvOmcNoCmwl0kbshQVhsATjZC7veRyEXz%2BWv7MvI2MPnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 684f59fb98ac2c2a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 51083

GET
H2 200 f.svg
cdn.trustindex.io/assets/platform/Trustpilot/star/ 559 B
907 B 24ms
10ms Image
image/svg+xml 2600:9000:2156:b200:9:1645:9cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.trustindex.io/assets/platform/Trustpilot/star/f.svg
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/autoptimize_d91e300080e0b055fb591ed42d7e148e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b200:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a1d8d3ec05c5a50b9efcfb91c1c5c3be301460b24e10522207e5eb05dc445cb0

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 07 May 2021 22:50:40 GMT
content-encoding: gzip
age: 9577094
x-cache: Hit from cloudfront
content-length: 388
access-control-allow-origin: *
referrer-policy: origin
last-modified: Thu, 18 Mar 2021 12:55:08 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "22f-5bdcf1bee2bdd-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type
x-amz-cf-id: 4nXan7xlnEbIAfCMUPWY0EgtijS__1Rrlx312h5ibRvn_q_bEXADVg==

GET
H2 200 icon.svg
cdn.trustindex.io/assets/platform/Trustpilot/ 1 KB
1 KB 28ms
15ms Image
image/svg+xml 2600:9000:2156:b200:9:1645:9cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.trustindex.io/assets/platform/Trustpilot/icon.svg

Requested by

Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/autoptimize_d91e300080e0b055fb591ed42d7e148e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:b200:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

98725152b25ade13497768f3b05beab69cb4657a7c5ae5adbffc5f22e6e9234a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 22:11:53 GMT
content-encoding: gzip
age: 2926621
x-cache: Hit from cloudfront
content-length: 629
access-control-allow-origin: *
referrer-policy: origin
last-modified: Fri, 07 May 2021 17:52:35 GMT
server: nginx/1.10.3 (Ubuntu)
x-frame-options: SAMEORIGIN
etag: "470-5c1c117c35ab2-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type
x-amz-cf-id: YTR3AImSaEY_O9pvObK4hJ50Hep-41jF40ii5Bc6zFMSC4vVR78kcg==

GET
H2 200 trustindex-verified-icon.svg
cdn.trustindex.io/assets/icon/ 2 KB
1 KB 31ms
23ms Image
image/svg+xml 2600:9000:2156:b200:9:1645:9cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.trustindex.io/assets/icon/trustindex-verified-icon.svg

Requested by

Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/autoptimize_d91e300080e0b055fb591ed42d7e148e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:b200:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

6a577ce2824cc67da56a1e07fd2441283a433b9e03fee86adf99c636f7fb07fb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:14:30 GMT
content-encoding: gzip
age: 2832864
x-cache: Hit from cloudfront
content-length: 933
access-control-allow-origin: *
referrer-policy: origin
last-modified: Mon, 17 Aug 2020 11:32:14 GMT
server: nginx/1.10.3 (Ubuntu)
x-frame-options: SAMEORIGIN
etag: "8dd-5ad111f4aa21e-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type
x-amz-cf-id: C9mZmqptr76tF7G8HRMhyWDkta0ErBUlbJUWdg1IjfN83oXZLwCatA==

GET
H3-29 200 cs2.jpg
www.vip-geld-zurueck.de/wp-content/uploads/2021/02/ 69 KB
69 KB 39ms
33ms Image
image/jpeg 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vip-geld-zurueck.de/wp-content/uploads/2021/02/cs2.jpg
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/autoptimize_single_a2d9517a6bea078008f54c88b007af17.css?ver=1627835554
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 736e88b7c85f70e7aa48b05717db98e279567dbe32614229b4d6e7bb3d67a022

Request headers

:path: /wp-content/uploads/2021/02/cs2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/autoptimize_single_a2d9517a6bea078008f54c88b007af17.css?ver=1627835554
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/css/autoptimize_single_a2d9517a6bea078008f54c88b007af17.css?ver=1627835554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:55 GMT
cf-cache-status: HIT
last-modified: Thu, 04 Feb 2021 11:53:20 GMT
server: cloudflare
age: 2490
etag: "112bd-5ba81599924f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fy2a1Lql5n%2Fd6Qkz%2BaL01jWijBNSUR%2FZwzE4OVsYa4ibDEkQwt1MCCyl48UdX2zUMWb%2FuONLgzlt08xLcU7aSDywjCEw%2B1GFzi5nbMP67FhN9tImG3o5uK2%2BTGofdiA815I62bmvDofHvSaqMpjuzRtnmIYRAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 684f59fba8ed2c2a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 70333

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 46 KB
46 KB 14ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A400%7CLora%3A700%7CRaleway%3A600%7CNunito%3A600%7CRaleway%3A400%7CRaleway%3A400%7CLora%3A700%7CLora%3A700%7CLora%3A400%7CLora%3A400%7CLora%3A400%7CRaleway%3A700%7CRaleway%3A700%7CRaleway%3A600%7CLora%3A700%7CRaleway%3A400&ver=5.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.vip-geld-zurueck.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 21:18:35 GMT
x-content-type-options: nosniff
age: 251419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 21:18:35 GMT

GET
H2 200 XRXW3I6Li01BKofA6sKUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 30ms
25ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofA6sKUYevI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.vip-geld-zurueck.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 23:34:06 GMT
x-content-type-options: nosniff
age: 243288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19248
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:29 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 23:34:06 GMT

GET
H2 200 XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 29ms
24ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.vip-geld-zurueck.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 20:32:24 GMT
x-content-type-options: nosniff
age: 81390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19088
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 20:32:24 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v6/ 17 KB
17 KB 31ms
26ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v6/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90767fabd53fe6949c8e19f3ab9d3da69cfc52c7bbfafe42739ed14c2e837920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.vip-geld-zurueck.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 15:51:14 GMT
x-content-type-options: nosniff
age: 184660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17008
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 15:51:14 GMT

GET
H3-29 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v17/ 34 KB
34 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v17/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f762334ff28e79eb7547f6ddb109583d35e0ea3600b71406ca233fb57c12458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.vip-geld-zurueck.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 21:18:39 GMT
x-content-type-options: nosniff
age: 251416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35284
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:52:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 21:18:39 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.vip-geld-zurueck.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 216997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 06:52:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-10971857-15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1011
date: Thu, 26 Aug 2021 18:52:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 26 Aug 2021 20:52:04 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-471041437&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-10971857-15

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f72ef56d4e24574ee2052a1428663da33a8269dcfce6aaeff1f318ba721245ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39283
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Aug 2021 19:08:55 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
41 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T84ZDRW

Requested by

Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7439a7988d807eb074f15f13a459c2c303d4a81648018b0e5b7ac50151405df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41469
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Aug 2021 19:08:55 GMT

GET
H2 200 8b0QwY4xrM Show response
code.jivosite.com/script/widget/config/ 3 KB
2 KB 25ms
11ms XHR
application/x-javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/script/widget/config/8b0QwY4xrM
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/widget/8b0QwY4xrM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 510255aa29e70159b6a2258aaf4f37c04bfaeb1f1101018098dff68529af67e3

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Thu, 26 Aug 2021 19:08:55 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cached-since: 2021-08-26T18:58:43+00:00
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=7200
cache: HIT
accept-ranges: bytes
x-geo-shard: eu1
content-length: 1504
via: 1.1 sharxy
expires: Thu, 26 Aug 2021 20:58:43 GMT

GET
H3-29 200 vip-geld-zurueck-logo-weiss.svg
www.vip-geld-zurueck.de/wp-content/uploads/2021/02/ 22 KB
9 KB 25ms
23ms Image
image/svg+xml 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vip-geld-zurueck.de/wp-content/uploads/2021/02/vip-geld-zurueck-logo-weiss.svg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 350fde10435ed6e8a34436f137bcb74ce85cf9c6dbec530a713a722217036286

Request headers

:path: /wp-content/uploads/2021/02/vip-geld-zurueck-logo-weiss.svg
pragma: no-cache
cookie: _uc_referrer=direct; _uc_last_referrer=direct; _uc_initial_landing_page=https%3A//www.vip-geld-zurueck.de/; _uc_current_session=true; _uc_visits=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 20:35:00 GMT
server: cloudflare
age: 1197
etag: W/"59dc-5ba9cc117d806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Qgsm1POwNziQB1niX%2FUL3YiWNJlYcVzCERGpshAaodLep59ScZDmzJtqzfIERsTrKRcKscWDA%2FjNApVSyZDpSSebzvH9Qfz0UF4JwNO3zEq%2BxIMJhi89d0TAI5955sx57BDFnkoYRr4v370ZbZlRVYUzM8gDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 684f59fe3db52c2a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 8b0QwY4xrM Show response
node-eu1-c-1.jivosite.com/widget/status/1603243/ 191 B
469 B 112ms
32ms XHR
application/json 63.34.27.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://node-eu1-c-1.jivosite.com/widget/status/1603243/8b0QwY4xrM?rnd=0.9029455242789555
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/widget/8b0QwY4xrM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 63.34.27.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-27-68.eu-west-1.compute.amazonaws.com
Software: foxy /
Resource Hash: 3c204acefb2ef29c693bbca0730505c4fb2bc495dd13d5e733f7ac444153239e

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 19:08:55 GMT
server: foxy
x-botmode: no
x-geoip: DE;HE;Frankfurt am Main
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.vip-geld-zurueck.de
access-control-expose-headers: X-Geoip, X-Botmode
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-max-age: 1728000
content-length: 191

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
152 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=20646348&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vip-geld-zurueck.de%2F&ul=en-us&de=UTF-8&dt=Fabletics%20k%C3%BCndigen%20und%20Ihr%20Geld%20zur%C3%BCck%20%7C%20VIP-Geld-zur%C3%BCck.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=761261958&gjid=2101202338&cid=5531336.1630004935&tid=UA-10971857-15&_gid=1732930085.1630004935&_r=1&gtm=2ou8p0&z=408224325

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 19:08:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vip-geld-zurueck.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 41ms
41ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-471041437&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

4763031532a7e8158dd70840883891162d509da2ab0e35a615a761899d00e29b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14024
x-xss-protection: 0
server: cafe
etag: 2823035467097736592
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Aug 2021 19:08:55 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 44ms
43ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T84ZDRW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:55 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: CEB942892C454A73A7FDCB1488534FF3 Ref B: FRAEDGE1418 Ref C: 2021-08-26T19:08:55Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

99d9db36685f4473105170acb756d375a1bf6aa18a5f9453964ca7cae9083830

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25993
x-xss-protection: 0
pragma: public
x-fb-debug: T30RYUtmn/Misjf3RSR69VxC42M+M/bn7TIwf7wf4nbcqSgIvhKx2lc7QO3VJ2QlVWiHow2jxuVbrX2Lc7BpTg==
x-fb-trip-id: 2032824576
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 26 Aug 2021 19:08:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 119 KB
43 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-TW797ZC&t=gtag_UA_10971857_15&cid=5531336.1630004935&aip=true

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eed7fe0dbc2fb570a714365a801c37eb24179314a9298cf4ac2c3d0e1403aec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44161
x-xss-protection: 0
expires: Thu, 26 Aug 2021 19:08:55 GMT

GET
H2 200 bundle_de.js Show response
code-eu1.jivosite.com/js/ 1 MB
265 KB 13ms
6ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code-eu1.jivosite.com/js/bundle_de.js?rand=1629718095
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/widget/8b0QwY4xrM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 757d0c76afa2047a91a7a26473a375544bcd8136ffd2ec0d3057d910149a7eb6

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-id: fr5-up-gc14
date: Thu, 26 Aug 2021 19:08:55 GMT
content-encoding: br
access-control-allow-origin: *
x-cached-since: 2021-08-26T14:05:07+00:00
x-geo-shard: eu1
content-length: 271085
last-modified: Mon, 23 Aug 2021 07:47:48 GMT
server: nginx
etag: "612352a4-422ed"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 sharxy
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
152 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-10971857-15&cid=5531336.1630004935&jid=761261958&gjid=2101202338&_gid=1732930085.1630004935&_u=YEBAAUAAAAAAAC~&z=513287838

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 26 Aug 2021 19:08:55 GMT
content-type: text/plain
access-control-allow-origin: https://www.vip-geld-zurueck.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 56363768.js Show response
bat.bing.com/p/action/ 0
92 B 167ms
166ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/56363768.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 26 Aug 2021 19:08:55 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 5A40998A19324D1B84F84BE2DF488A6B Ref B: FRAEDGE1418 Ref C: 2021-08-26T19:08:56Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
94 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56363768&tm=gtm001&Ver=2&mid=bccc88b7-73da-4287-a753-95c3e7f6790f&sid=0f74f95006a111ecb4fc570ccf3774f3&vid=0f75200006a111eca9d7f72224bab40a&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Fabletics%20k%C3%BCndigen%20und%20Ihr%20Geld%20zur%C3%BCck%20%7C%20VIP-Geld-zur%C3%BCck.de&p=https%3A%2F%2Fwww.vip-geld-zurueck.de%2F&r=&lt=488&evt=pageLoad&msclkid=N&sv=1&rn=192502
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 26 Aug 2021 19:08:55 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 5E1EF501FCD8411FA3218A615A162EB5 Ref B: FRAEDGE1418 Ref C: 2021-08-26T19:08:56Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/471041437/ 2 KB
1 KB 22ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/471041437/?random=1630004936050&cv=9&fst=1630004936050&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8p0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.vip-geld-zurueck.de%2F&tiba=Fabletics%20k%C3%BCndigen%20und%20Ihr%20Geld%20zur%C3%BCck%20%7C%20VIP-Geld-zur%C3%BCck.de&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba34419bd79605fd5f76c78727a5a3527eec283d3a6b0443ef3f50c8156b32d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 19:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1068
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 758059144917011 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 58ms
57ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/758059144917011?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b9c6f900138f8dc9a4b4b3062df2c20c5610b99d329935953f66920daec1945

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: GHXy8UUjYFDO/bwifY//cFr8EM6cdTvPm+2QTxlOqxudMs0HuU7hCVZ72GpUzAxnkrRggbzMpJ8KWhOrSwUgMw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 26 Aug 2021 19:08:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
64 B 9ms
6ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=20646348&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vip-geld-zurueck.de%2F&ul=en-us&de=UTF-8&dt=Fabletics%20k%C3%BCndigen%20und%20Ihr%20Geld%20zur%C3%BCck%20%7C%20VIP-Geld-zur%C3%BCck.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUADRAAAAC~&jid=&gjid=&cid=5531336.1630004935&tid=UA-10971857-15&_gid=1732930085.1630004935&gtm=2ou8p0&did=dZTNiMT&z=1336143120

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 23:05:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72214
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.css
code-eu1.jivosite.com/css/da29a81e/ 224 KB
48 KB 7ms
6ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code-eu1.jivosite.com/css/da29a81e/widget.css
Requested by: Host: www.vip-geld-zurueck.de
URL: https://www.vip-geld-zurueck.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d27f98fba3731e51111e3e61558240a76fb250c3c3610b7834b8dd99719a4256

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-id: fr5-up-gc14
date: Thu, 26 Aug 2021 19:08:56 GMT
content-encoding: br
x-cached-since: 2021-08-23T14:03:31+00:00
x-geo-shard: eu1
content-length: 48530
last-modified: Mon, 23 Aug 2021 07:47:21 GMT
server: nginx
etag: "61235289-bd92"
vary: Accept-Encoding
content-type: text/css
via: 1.1 sharxy
cache-control: max-age=864000
cache: HIT
accept-ranges: bytes
expires: Thu, 02 Sep 2021 14:03:31 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/471041437/ 42 B
67 B 74ms
74ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/471041437/?random=1630004936050&cv=9&fst=1630004400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.vip-geld-zurueck.de%2F&tiba=Fabletics%20k%C3%BCndigen%20und%20Ihr%20Geld%20zur%C3%BCck%20%7C%20VIP-Geld-zur%C3%BCck.de&async=1&fmt=3&is_vtc=1&random=3565901220&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 19:08:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/471041437/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/471041437/?random=1630004936050&cv=9&fst=1630004400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.vip-geld-zurueck.de%2F&tiba=Fabletics%20k%C3%BCndigen%20und%20Ihr%20Geld%20zur%C3%BCck%20%7C%20VIP-Geld-zur%C3%BCck.de&async=1&fmt=3&is_vtc=1&random=3565901220&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 19:08:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=758059144917011&ev=PageView&dl=https%3A%2F%2Fwww.vip-geld-zurueck.de%2F&rl=&if=false&ts=1630004936318&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630004936317.1130996403&it=1630004936082&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 26 Aug 2021 19:08:56 GMT

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00bd5619aba3c22667c2750268d5518bd6d0d47788a0fc903064a3a1c7f91f21

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 206 agent_message.mp3
code-eu1.jivosite.com/sounds/ 4 KB
4 KB 10ms
10ms Media
audio/mpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code-eu1.jivosite.com/sounds/agent_message.mp3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

Referer: https://www.vip-geld-zurueck.de/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

x-id: fr5-up-gc14
date: Thu, 26 Aug 2021 19:08:56 GMT
via: 1.1 sharxy
x-cached-since: 2021-08-23T14:04:35+00:00
Content-Range: bytes 0-3759/3760
x-geo-shard: eu1
Content-Length: 3760
last-modified: Mon, 23 Aug 2021 07:45:16 GMT
server: nginx
etag: "6123520c-eb0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cache: HIT
expires: Wed, 22 Sep 2021 14:04:35 GMT

GET
H2 206 notification.mp3
code-eu1.jivosite.com/sounds/ 6 KB
6 KB 9ms
6ms Media
audio/mpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code-eu1.jivosite.com/sounds/notification.mp3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

Referer: https://www.vip-geld-zurueck.de/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

x-id: fr5-up-gc14
date: Thu, 26 Aug 2021 19:08:56 GMT
via: 1.1 sharxy
x-cached-since: 2021-08-23T14:03:26+00:00
Content-Range: bytes 0-5807/5808
x-geo-shard: eu1
Content-Length: 5808
last-modified: Mon, 23 Aug 2021 07:45:16 GMT
server: nginx
etag: "6123520c-16b0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cache: HIT
expires: Wed, 22 Sep 2021 14:03:26 GMT

GET
H2 206 outgoing_message.mp3
code-eu1.jivosite.com/sounds/ 5 KB
5 KB 11ms
8ms Media
audio/mpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code-eu1.jivosite.com/sounds/outgoing_message.mp3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

Referer: https://www.vip-geld-zurueck.de/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

x-id: fr5-up-gc14
date: Thu, 26 Aug 2021 19:08:56 GMT
via: 1.1 sharxy
x-cached-since: 2021-08-23T14:04:14+00:00
Content-Range: bytes 0-5013/5014
x-geo-shard: eu1
Content-Length: 5014
last-modified: Mon, 23 Aug 2021 07:45:16 GMT
server: nginx
etag: "6123520c-1396"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cache: HIT
expires: Wed, 22 Sep 2021 14:04:14 GMT

GET
H2 200 trpsvg.svg
www.vip-geld-zurueck.de/wp-content/uploads/2021/04/ 6 KB
3 KB 20ms
19ms Image
image/svg+xml 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vip-geld-zurueck.de/wp-content/uploads/2021/04/trpsvg.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7643120b799c370593f443dcc1b6b685b0ea083504a46dc12b7ab397b4801391

Request headers

:path: /wp-content/uploads/2021/04/trpsvg.svg
pragma: no-cache
cookie: _ga=GA1.2.5531336.1630004935; _gid=GA1.2.1732930085.1630004935; _gat_gtag_UA_10971857_15=1; _gcl_au=1.1.888916198.1630004936; _uetsid=0f74f95006a111ecb4fc570ccf3774f3; _uetvid=0f75200006a111eca9d7f72224bab40a; jv_store_8b0QwY4xrM_app_8b0QwY4xrM=%7B%22route%22%3A%22label%22%2C%22is_online%22%3A1%2C%22is_focused%22%3A0%2C%22chat_started%22%3Afalse%2C%22chat_accepted%22%3Afalse%2C%22widget_color%22%3A%22%230f5f5c%22%2C%22widget_font_color%22%3A%22light%22%2C%22cap_id%22%3Anull%2C%22cap_result%22%3Anull%2C%22proactiveName%22%3Afalse%2C%22forcedOffline%22%3Afalse%2C%22callText%22%3Anull%2C%22proactive%22%3Afalse%2C%22eula_accepted%22%3Afalse%2C%22show_eula%22%3Afalse%2C%22width%22%3Afalse%2C%22height%22%3Afalse%2C%22viReconnectTime%22%3Anull%2C%22show_container%22%3Afalse%2C%22lastMsgId%22%3Anull%2C%22lastChatOpened%22%3Anull%2C%22started%22%3Afalse%2C%22lastMsgTime%22%3Anull%7D; jv_temp_sess_enter_ts_8b0QwY4xrM=%7B%22val%22%3A1630004936263%2C%22expire%22%3A1630048136263%7D; jv_temp_visits_count_8b0QwY4xrM=%7B%22val%22%3A1%2C%22expire%22%3A1661561888264%7D; jv_store_8b0QwY4xrM_client_8b0QwY4xrM=%7B%22jv_sess_id%22%3Anull%2C%22client_id%22%3Anull%2C%22pa_id%22%3Anull%2C%22is_introduced%22%3Afalse%2C%22client_info%22%3A%7B%22client_name%22%3Anull%2C%22phone%22%3Anull%2C%22email%22%3Anull%2C%22description%22%3Anull%7D%2C%22cw_call%22%3A%7B%22status%22%3Afalse%2C%22error%22%3Afalse%7D%2C%22cw_call_enabled%22%3Afalse%2C%22cw_call_delayed%22%3Afalse%2C%22cw_call_delayed_status%22%3Anull%2C%22cw_call_delayed_periods%22%3A%5B%5D%2C%22cw_call_delayed_tz%22%3Anull%2C%22department_id%22%3Anull%2C%22evaluate%22%3Afalse%2C%22last_message%22%3Anull%2C%22has_integration%22%3Afalse%2C%22utm%22%3A%7B%22campaign%22%3A%22(direct)%22%2C%22source%22%3A%22(direct)%22%2C%22medium%22%3Anull%2C%22keyword%22%3Anull%2C%22content%22%3Anull%7D%2C%22visitorId%22%3A%226bdfea1dc25a4d57%22%2C%22avatar_url%22%3Anull%2C%22display_name%22%3Anull%2C%22assigned_agent_id%22%3Anull%2C%22user_token%22%3Anull%2C%22activeWebRTCCallMessageId%22%3Anull%2C%22webRTCCallStatus%22%3Anull%2C%22inputText%22%3Anull%7D; jv_history_8b0QwY4xrM=%5B%7B%22url%22%3A%22https%3A%2F%2Fwww.vip-geld-zurueck.de%2F%22%2C%22title%22%3A%22Fabletics%20k%C3%BCndigen%20und%20Ihr%20Geld%20zur%C3%BCck%20%7C%20VIP-Geld-zur%C3%BCck.de%22%2C%22time%22%3A1630004936267%7D%5D; _fbp=fb.1.1630004936317.1130996403; jv_temp_sess_pages_count_8b0QwY4xrM=%7B%22val%22%3A1%2C%22expire%22%3A1630048136348%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Apr 2021 22:00:24 GMT
server: cloudflare
age: 1198
etag: W/"17ea-5bf18976a4e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8iLQjvSxobvYL2u8Xei0P66RInxFvS2%2FNskpQYqxqrbcuvDhBhQ103vw1e3LdZ3TON%2BRWUahYecFeVdK3jtt2sHEBa5v%2FUK6av%2FXyv2dLr1ipe9nVCoKe8uiLLVhQvB%2FilXSEfF9bkOfAX1K0g74oPR6LpbiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 684f5a04daa12c19-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 verbraucherschutz_de_service_versprechen.svg
www.vip-geld-zurueck.de/wp-content/uploads/2021/04/ 32 KB
12 KB 24ms
23ms Image
image/svg+xml 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vip-geld-zurueck.de/wp-content/uploads/2021/04/verbraucherschutz_de_service_versprechen.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2d9c5098ccc9985d175648e97d85c41a908a6bc81e0c7f22ac6ca3339fa5e68

Request headers

:path: /wp-content/uploads/2021/04/verbraucherschutz_de_service_versprechen.svg
pragma: no-cache
cookie: _ga=GA1.2.5531336.1630004935; _gid=GA1.2.1732930085.1630004935; _gat_gtag_UA_10971857_15=1; _gcl_au=1.1.888916198.1630004936; _uetsid=0f74f95006a111ecb4fc570ccf3774f3; _uetvid=0f75200006a111eca9d7f72224bab40a; jv_store_8b0QwY4xrM_app_8b0QwY4xrM=%7B%22route%22%3A%22label%22%2C%22is_online%22%3A1%2C%22is_focused%22%3A0%2C%22chat_started%22%3Afalse%2C%22chat_accepted%22%3Afalse%2C%22widget_color%22%3A%22%230f5f5c%22%2C%22widget_font_color%22%3A%22light%22%2C%22cap_id%22%3Anull%2C%22cap_result%22%3Anull%2C%22proactiveName%22%3Afalse%2C%22forcedOffline%22%3Afalse%2C%22callText%22%3Anull%2C%22proactive%22%3Afalse%2C%22eula_accepted%22%3Afalse%2C%22show_eula%22%3Afalse%2C%22width%22%3Afalse%2C%22height%22%3Afalse%2C%22viReconnectTime%22%3Anull%2C%22show_container%22%3Afalse%2C%22lastMsgId%22%3Anull%2C%22lastChatOpened%22%3Anull%2C%22started%22%3Afalse%2C%22lastMsgTime%22%3Anull%7D; jv_temp_sess_enter_ts_8b0QwY4xrM=%7B%22val%22%3A1630004936263%2C%22expire%22%3A1630048136263%7D; jv_temp_visits_count_8b0QwY4xrM=%7B%22val%22%3A1%2C%22expire%22%3A1661561888264%7D; jv_store_8b0QwY4xrM_client_8b0QwY4xrM=%7B%22jv_sess_id%22%3Anull%2C%22client_id%22%3Anull%2C%22pa_id%22%3Anull%2C%22is_introduced%22%3Afalse%2C%22client_info%22%3A%7B%22client_name%22%3Anull%2C%22phone%22%3Anull%2C%22email%22%3Anull%2C%22description%22%3Anull%7D%2C%22cw_call%22%3A%7B%22status%22%3Afalse%2C%22error%22%3Afalse%7D%2C%22cw_call_enabled%22%3Afalse%2C%22cw_call_delayed%22%3Afalse%2C%22cw_call_delayed_status%22%3Anull%2C%22cw_call_delayed_periods%22%3A%5B%5D%2C%22cw_call_delayed_tz%22%3Anull%2C%22department_id%22%3Anull%2C%22evaluate%22%3Afalse%2C%22last_message%22%3Anull%2C%22has_integration%22%3Afalse%2C%22utm%22%3A%7B%22campaign%22%3A%22(direct)%22%2C%22source%22%3A%22(direct)%22%2C%22medium%22%3Anull%2C%22keyword%22%3Anull%2C%22content%22%3Anull%7D%2C%22visitorId%22%3A%226bdfea1dc25a4d57%22%2C%22avatar_url%22%3Anull%2C%22display_name%22%3Anull%2C%22assigned_agent_id%22%3Anull%2C%22user_token%22%3Anull%2C%22activeWebRTCCallMessageId%22%3Anull%2C%22webRTCCallStatus%22%3Anull%2C%22inputText%22%3Anull%7D; jv_history_8b0QwY4xrM=%5B%7B%22url%22%3A%22https%3A%2F%2Fwww.vip-geld-zurueck.de%2F%22%2C%22title%22%3A%22Fabletics%20k%C3%BCndigen%20und%20Ihr%20Geld%20zur%C3%BCck%20%7C%20VIP-Geld-zur%C3%BCck.de%22%2C%22time%22%3A1630004936267%7D%5D; _fbp=fb.1.1630004936317.1130996403; jv_temp_sess_pages_count_8b0QwY4xrM=%7B%22val%22%3A1%2C%22expire%22%3A1630048136348%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Apr 2021 10:24:59 GMT
server: cloudflare
age: 1198
etag: W/"8104-5bf22fe4f508a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lq204ntHUr0hm0wdhFZ3fLuBRk6d3k6pvWNgfwjAlDCADw2pzLHMps8StSA4LMfcwTHkYkmjxks4bUN%2F0JvlddttpPX9FQFpAnx2pW%2BpiNvxvJlQw7vqJmgVbre0XcTas3BcQI%2Fiqty4aVqBKAQG%2BZ1TwtZhXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 684f5a04daa52c19-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 versichert_durch_rv.svg
www.vip-geld-zurueck.de/wp-content/uploads/2021/04/ 12 KB
5 KB 21ms
20ms Image
image/svg+xml 2606:4700:3030::6815:3d8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vip-geld-zurueck.de/wp-content/uploads/2021/04/versichert_durch_rv.svg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3d8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6b7c1673265ed011ee720e2f5c2d988127a4b57e71f80ac8c4e50dff54bf5a0

Request headers

:path: /wp-content/uploads/2021/04/versichert_durch_rv.svg
pragma: no-cache
cookie: _ga=GA1.2.5531336.1630004935; _gid=GA1.2.1732930085.1630004935; _gat_gtag_UA_10971857_15=1; _gcl_au=1.1.888916198.1630004936; _uetsid=0f74f95006a111ecb4fc570ccf3774f3; _uetvid=0f75200006a111eca9d7f72224bab40a; jv_store_8b0QwY4xrM_app_8b0QwY4xrM=%7B%22route%22%3A%22label%22%2C%22is_online%22%3A1%2C%22is_focused%22%3A0%2C%22chat_started%22%3Afalse%2C%22chat_accepted%22%3Afalse%2C%22widget_color%22%3A%22%230f5f5c%22%2C%22widget_font_color%22%3A%22light%22%2C%22cap_id%22%3Anull%2C%22cap_result%22%3Anull%2C%22proactiveName%22%3Afalse%2C%22forcedOffline%22%3Afalse%2C%22callText%22%3Anull%2C%22proactive%22%3Afalse%2C%22eula_accepted%22%3Afalse%2C%22show_eula%22%3Afalse%2C%22width%22%3Afalse%2C%22height%22%3Afalse%2C%22viReconnectTime%22%3Anull%2C%22show_container%22%3Afalse%2C%22lastMsgId%22%3Anull%2C%22lastChatOpened%22%3Anull%2C%22started%22%3Afalse%2C%22lastMsgTime%22%3Anull%7D; jv_temp_sess_enter_ts_8b0QwY4xrM=%7B%22val%22%3A1630004936263%2C%22expire%22%3A1630048136263%7D; jv_temp_visits_count_8b0QwY4xrM=%7B%22val%22%3A1%2C%22expire%22%3A1661561888264%7D; jv_store_8b0QwY4xrM_client_8b0QwY4xrM=%7B%22jv_sess_id%22%3Anull%2C%22client_id%22%3Anull%2C%22pa_id%22%3Anull%2C%22is_introduced%22%3Afalse%2C%22client_info%22%3A%7B%22client_name%22%3Anull%2C%22phone%22%3Anull%2C%22email%22%3Anull%2C%22description%22%3Anull%7D%2C%22cw_call%22%3A%7B%22status%22%3Afalse%2C%22error%22%3Afalse%7D%2C%22cw_call_enabled%22%3Afalse%2C%22cw_call_delayed%22%3Afalse%2C%22cw_call_delayed_status%22%3Anull%2C%22cw_call_delayed_periods%22%3A%5B%5D%2C%22cw_call_delayed_tz%22%3Anull%2C%22department_id%22%3Anull%2C%22evaluate%22%3Afalse%2C%22last_message%22%3Anull%2C%22has_integration%22%3Afalse%2C%22utm%22%3A%7B%22campaign%22%3A%22(direct)%22%2C%22source%22%3A%22(direct)%22%2C%22medium%22%3Anull%2C%22keyword%22%3Anull%2C%22content%22%3Anull%7D%2C%22visitorId%22%3A%226bdfea1dc25a4d57%22%2C%22avatar_url%22%3Anull%2C%22display_name%22%3Anull%2C%22assigned_agent_id%22%3Anull%2C%22user_token%22%3Anull%2C%22activeWebRTCCallMessageId%22%3Anull%2C%22webRTCCallStatus%22%3Anull%2C%22inputText%22%3Anull%7D; jv_history_8b0QwY4xrM=%5B%7B%22url%22%3A%22https%3A%2F%2Fwww.vip-geld-zurueck.de%2F%22%2C%22title%22%3A%22Fabletics%20k%C3%BCndigen%20und%20Ihr%20Geld%20zur%C3%BCck%20%7C%20VIP-Geld-zur%C3%BCck.de%22%2C%22time%22%3A1630004936267%7D%5D; _fbp=fb.1.1630004936317.1130996403; jv_temp_sess_pages_count_8b0QwY4xrM=%7B%22val%22%3A1%2C%22expire%22%3A1630048136348%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.vip-geld-zurueck.de
referer: https://www.vip-geld-zurueck.de/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 19:08:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Apr 2021 10:25:19 GMT
server: cloudflare
age: 1198
etag: W/"2e71-5bf22ff74f499"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kk0E0aZDZZqqTXPBWLjRITv7BfLwAK9YLJDDjjAIe1M%2F28rlUp4zL2gimv9e13lsy9l2QScWxnyQu2GD6ykVV1jupRsc0b%2BwAKYgPBHTd9c6AM4VYUEnr%2BzQJW6GsAL66lgNgqIXprohIkmNud5yugxQfDXHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 684f5a05bd472c2a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.vip-geld-zurueck.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryNRiTDDQsoZPswPAI

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 26 Aug 2021 19:08:56 GMT
content-type: text/plain
access-control-allow-origin: https://www.vip-geld-zurueck.de
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/js/autoptimize_856510ac794261dffdfba25d94d5bf04.js(Line 1) Message: opt-in
console-api	log	URL: https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/js/autoptimize_856510ac794261dffdfba25d94d5bf04.js(Line 1) Message: fire cmplz_event_functional
console-api	warning	URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js?ver=3.6.0(Line 2) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at _default.get (https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/js/autoptimize_856510ac794261dffdfba25d94d5bf04.js:92:67503) at _default.setViewsAndSessions (https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/js/autoptimize_856510ac794261dffdfba25d94d5bf04.js:92:168305) at new _default (https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/js/autoptimize_856510ac794261dffdfba25d94d5bf04.js:92:168056) at Function.<anonymous> (https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/js/autoptimize_856510ac794261dffdfba25d94d5bf04.js:1:157933) at Function.each (https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js?ver=3.6.0:2:3053) at ElementorProFrontend.initModules (https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/js/autoptimize_856510ac794261dffdfba25d94d5bf04.js:1:157898) at ElementorProFrontend.onElementorFrontendInit (https://www.vip-geld-zurueck.de/wp-content/cache/autoptimize/js/autoptimize_856510ac794261dffdfba25d94d5bf04.js:1:158154) at dispatch (https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js?ver=3.6.0:2:43064) at v.handle (https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js?ver=3.6.0:2:41048) at Object.trigger (https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js?ver=3.6.0:2:71515) undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bat.bing.com
cdn.trustindex.io
code-eu1.jivosite.com
code.jivosite.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
node-eu1-c-1.jivosite.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.vip-geld-zurueck.de
www.xn--vip-geld-zurck-rsb.de
142.250.74.194
2600:9000:2156:b200:9:1645:9cc0:93a1
2606:4700:3030::6815:3d8f
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::254
63.34.27.68
89.107.187.113
00bd5619aba3c22667c2750268d5518bd6d0d47788a0fc903064a3a1c7f91f21
04e24ceede316febfa8a5aa8f02c4abe81765a54e8903a4f48582de70c921ebd
091f33a9078121619d3265faee704bcba2b7fbe045d3b270f93a3ca80039b370
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
1cc6801850a576077333e2afc6df0a95039859c023ee1b30035e67977d17e4f2
1e588c3fc98b6bee9873ee9d1f5908b7fadf1b4ff15ed044f2b57ee247276717
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
350fde10435ed6e8a34436f137bcb74ce85cf9c6dbec530a713a722217036286
3c204acefb2ef29c693bbca0730505c4fb2bc495dd13d5e733f7ac444153239e
4763031532a7e8158dd70840883891162d509da2ab0e35a615a761899d00e29b
4b9c6f900138f8dc9a4b4b3062df2c20c5610b99d329935953f66920daec1945
510255aa29e70159b6a2258aaf4f37c04bfaeb1f1101018098dff68529af67e3
5871d7225a34ca3f0d51e00e2d5d6567864df66cfb0cd217cccdbc69c4517541
5a500fd544eb362458fc5a66689c9afa1b3b58ba59da198e886fb8494d6854ea
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
65a18406f49c8f8b6b236ef5c6119657fea7e85f387af30d77ace08c6d40c655
6a577ce2824cc67da56a1e07fd2441283a433b9e03fee86adf99c636f7fb07fb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
736e88b7c85f70e7aa48b05717db98e279567dbe32614229b4d6e7bb3d67a022
7439a7988d807eb074f15f13a459c2c303d4a81648018b0e5b7ac50151405df1
757d0c76afa2047a91a7a26473a375544bcd8136ffd2ec0d3057d910149a7eb6
7643120b799c370593f443dcc1b6b685b0ea083504a46dc12b7ab397b4801391
779b14abf22905fd2846391baaee9658d60bf3c8413cfca1a4ccb3ae1382dabf
780b518c7dd40a8dc5df76538ab3fc2e9d2e4cbf8de0a373c156b1710b41849c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
90767fabd53fe6949c8e19f3ab9d3da69cfc52c7bbfafe42739ed14c2e837920
92f3b393fdc0c35eb590b6e83047fedee768ba74572809fdbc3761ec2c0aa628
94953f051ce7aa4d2001e147c8080dd25b7c3f2c22a6987171065784c5c7ed49
9777dcb989c05ed8ffa83507ded14622a3865205eff275b4d012c600de316b74
97fd432ac83119341127309319a188db4a243171aaf9d583d7d988fc56b54148
98725152b25ade13497768f3b05beab69cb4657a7c5ae5adbffc5f22e6e9234a
99d9db36685f4473105170acb756d375a1bf6aa18a5f9453964ca7cae9083830
9f762334ff28e79eb7547f6ddb109583d35e0ea3600b71406ca233fb57c12458
a1d8d3ec05c5a50b9efcfb91c1c5c3be301460b24e10522207e5eb05dc445cb0
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
a9cc9e284a265847084c18a6eb1cc3e29c3c24e8a77da5d9112f752a746b9164
ab07366e9d225515c7b7fc55f2f24bcac8dc2f11d6905797498f7feb293c40cc
b2d9c5098ccc9985d175648e97d85c41a908a6bc81e0c7f22ac6ca3339fa5e68
b61a392c5b183946db4cf34e79b3fb3e75c92b1cedfd75ffd02d58a60e08b1d1
b84099a6f7f94d98d7e0f52cf017c2a1cc0b2a9aa1d3f542f8e1379a8bc83a99
ba34419bd79605fd5f76c78727a5a3527eec283d3a6b0443ef3f50c8156b32d4
bcec5817a94af42669938662d9ff650c6dd162ebc92441fe0d0751247aee2a6d
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d27f98fba3731e51111e3e61558240a76fb250c3c3610b7834b8dd99719a4256
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b7c1673265ed011ee720e2f5c2d988127a4b57e71f80ac8c4e50dff54bf5a0
eba5ca82e531da821a6259628fa0bb9558c2e87005cfeaf4c6502e4bd61ac25a
eed7fe0dbc2fb570a714365a801c37eb24179314a9298cf4ac2c3d0e1403aec2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3401a364cba730f2aad789b6e6eb352d102b23cb3f6bcbfde1e0f47e543105a
f72ef56d4e24574ee2052a1428663da33a8269dcfce6aaeff1f318ba721245ad
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe75fff2f7fdebaa567c538bc4547226cd852234e060c3bf1916e6177997d850
fec5ae4dd533cd6fca0d6f36879e106be1770d928d2bcaea85771220ee1be7a1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

www.vip-geld-zurueck.de Open in urlscan Pro 2606:4700:3030::6815:3d8f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

86 %IPv6

15 Domains

19 Subdomains

21 IPs

4 Countries

1448 kBTransfer

4664 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.vip-geld-zurueck.de Open in urlscan Pro
2606:4700:3030::6815:3d8f Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

86 %
IPv6

15
Domains

19
Subdomains

21
IPs

4
Countries

1448 kB
Transfer

4664 kB
Size

0
Cookies

61 HTTP transactions
7 data transactions