URL: https://bille.kontaktformular6.de/
Submission: On August 21 via automatic, source certstream-suspicious

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 29 HTTP transactions. The main IP is 35.198.149.115, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is bille.kontaktformular6.de.
TLS certificate: Issued by R3 on August 21st 2021. Valid for: 3 months.
This is the only time bille.kontaktformular6.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
4 europe-west1-niro-tracking.cloudfunctions.net bille.kontaktformular6.de
4 storage.googleapis.com bille.kontaktformular6.de
3 www.facebook.com bille.kontaktformular6.de
3 f.vimeocdn.com player.vimeo.com
2 fresnel.vimeocdn.com f.vimeocdn.com
2 i.vimeocdn.com player.vimeo.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net bille.kontaktformular6.de
connect.facebook.net
2 fonts.googleapis.com bille.kontaktformular6.de
1 vimeo.com f.vimeocdn.com
1 player.vimeo.com bille.kontaktformular6.de
1 privacy-proxy.usercentrics.eu bille.kontaktformular6.de
1 app.usercentrics.eu bille.kontaktformular6.de
1 bille.kontaktformular6.de
29 14

This site contains links to these domains. Also see Links.

Domain
www.bille-bad-und-waerme.de
Subject Issuer Validity Valid
bille.kontaktformular6.de
R3
2021-08-21 -
2021-11-19
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-07-26 -
2021-10-18
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-07-20 -
2021-10-18
3 months crt.sh
app.usercentrics.eu
GTS CA 1D4
2021-06-29 -
2021-09-27
3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1
2021-07-26 -
2021-10-18
3 months crt.sh
*.vimeo.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-05-21 -
2022-06-22
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
misc.google.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-05-18 -
2022-06-19
a year crt.sh
fresnel.vimeocdn.com
GTS CA 1D4
2021-06-26 -
2021-09-25
3 months crt.sh

This page contains 2 frames:

Primary Page: https://bille.kontaktformular6.de/
Frame ID: FF65F86D6C20E8B509769DE822C74E2A
Requests: 18 HTTP requests in this frame

Frame: https://player.vimeo.com/video/565534375
Frame ID: EBBC2687EE6FF24DD38CEAA9D7B1DAC6
Requests: 9 HTTP requests in this frame

Screenshot

Page Title

Recruiting Bille Bad & Wärme GmbH & Co. KGlike-1dislike-2business-team-goalmobile-launchmood-peacecalendar-favorite-heartperformance-money-increaseschool-test-physical-educationcheck-squarecheck-squarecheck-squarecheck-squarecheck-squarecheck-squarelike-1dislike-2ionicons-v5-atarget-centerlaptop-launchbusiness-deal-handshakebusiness-climb-top-1ionicons-v5-aionicons-v5-aionicons-v5-ae-learning-smartphonelaptop-launchbusiness-deal-handshakebusiness-climb-top-1ionicons-v5-aionicons-v5-asend-emaillogout-1logout-1

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

29
Requests

100 %
HTTPS

58 %
IPv6

9
Domains

14
Subdomains

12
IPs

2
Countries

2579 kB
Transfer

3946 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bille.kontaktformular6.de/
464 KB
112 KB
Document
General
Full URL
https://bille.kontaktformular6.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.198.149.115 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
115.149.198.35.bc.googleusercontent.com
Software
nginx/1.15.10 / Express
Resource Hash
7b508f487162fe8af4e80a971f82b377df1d6fe6956c10e8a7e0e5c1b2c5e72c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
bille.kontaktformular6.de
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx/1.15.10
date
Sat, 21 Aug 2021 08:52:05 GMT
content-type
text/html
vary
Accept-Encoding
x-powered-by
Express
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
icon
fonts.googleapis.com/
568 B
461 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: bille.kontaktformular6.de
URL: https://bille.kontaktformular6.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4650bc273b69bd9e63d1ef0ea2c6b0d39be59ce91ef942898a224546fb6689f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bille.kontaktformular6.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 21 Aug 2021 08:52:05 GMT
server
ESF
date
Sat, 21 Aug 2021 08:52:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Aug 2021 08:52:05 GMT
css
fonts.googleapis.com/
13 KB
931 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,600,700,800|Lato:300,400,500,600,700,800&display=swap
Requested by
Host: bille.kontaktformular6.de
URL: https://bille.kontaktformular6.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8be3c740039fad83ea778abd0e85f107fdf927b67b1f8830aff454b914e62e4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bille.kontaktformular6.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 21 Aug 2021 08:52:05 GMT
server
ESF
date
Sat, 21 Aug 2021 08:52:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Aug 2021 08:52:05 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bille.kontaktformular6.de
URL: https://bille.kontaktformular6.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://bille.kontaktformular6.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25940
x-xss-protection
0
pragma
public
x-fb-debug
vNgz1yQKLhFLzOORbkceKokPjMvwTbBj3RVoYaX2D10XP1dMj7WOcocIziwXe0d0e2zjiBVqE6w2PSOYoXDTwQ==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Sat, 21 Aug 2021 08:52:05 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.js
app.usercentrics.eu/latest/
26 KB
9 KB
Script
General
Full URL
https://app.usercentrics.eu/latest/main.js
Requested by
Host: bille.kontaktformular6.de
URL: https://bille.kontaktformular6.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
49958c1a45bfd46c8a02c8b5bb265b5392830f3d32ce509a437e1c7f2f721a52
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://bille.kontaktformular6.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 19:13:21 GMT
content-encoding
gzip
x-goog-meta-version
2.12.0
age
49124
x-guploader-uploadid
ADPycduuWtMEgi4TFZFuRcGjm_RHD52yzm5-Dl1AYucMnhQs-HctUAVKGtb4WCw8bccFCCqiHTnSyc-uQGDKWX535Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
8306
last-modified
Mon, 09 Aug 2021 11:42:03 GMT
server
UploadServer
etag
"2975273afaf3d018bcc8c2f0499488f0"
strict-transport-security
max-age=7776000
x-goog-hash
crc32c=4C0Oag==, md5=KXUnOvrz0Bi8yMLwSZSI8A==
x-goog-generation
1628509323365197
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400, no-transform
x-goog-stored-content-length
8306
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 21 Aug 2021 19:13:21 GMT
uc-block.bundle.js
privacy-proxy.usercentrics.eu/latest/
111 KB
28 KB
Script
General
Full URL
https://privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
Requested by
Host: bille.kontaktformular6.de
URL: https://bille.kontaktformular6.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cafa184812f84a248bf9a655c6e4167853efaf7f2da3c6647b01eeda0c3703ff
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://bille.kontaktformular6.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 08:22:32 GMT
content-encoding
gzip
vary
Accept-Encoding
x-goog-meta-version
2.4.24
age
1773
x-guploader-uploadid
ADPycdsnZ5Kmvk8wu3myGDBV1SmoRMfsUhKNRBDjYQjcpFC24rfEim0d_Os1nhUTeKpcAu1SK3xknn2ICECJw7WsJaCq1EOVcQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
28299
last-modified
Tue, 10 Aug 2021 07:42:13 GMT
server
UploadServer
etag
"9fccd684eb5bda014a1429ee70d5f117"
strict-transport-security
max-age=7776000
x-goog-hash
crc32c=fc3jVQ==, md5=n8zWhOtb2gFKFCnucNXxFw==
x-goog-generation
1628581333510180
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Length, Transfer-Encoding
cache-control
public, max-age=3600
x-goog-stored-content-length
28299
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 21 Aug 2021 09:22:32 GMT
ba21d1e8-4bdd-450c-a422-f80a2a56d6fd
storage.googleapis.com/builder.zenflow.de/recruiting-bille-bad-waerme/www/assets/
27 KB
25 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/recruiting-bille-bad-waerme/www/assets/ba21d1e8-4bdd-450c-a422-f80a2a56d6fd
Requested by
Host: bille.kontaktformular6.de
URL: https://bille.kontaktformular6.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1f1c7a41154debae041a722f885e360da2451f6cead1d85100258e1836a602a7

Request headers

Referer
https://bille.kontaktformular6.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 08:52:05 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtW-p0lp1gTzTHkVTixvUMFZA0vrtImC9-_8uh4oLJoKEb8bY6RA3cgUSyWCQVsa3PjxIWDpA1SQzLd9HtnnO5T3jq_hA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25432
last-modified
Tue, 22 Jun 2021 09:17:41 GMT
server
UploadServer
etag
"59a207eed3a0c7cc317d23d223f3076e"
vary
Accept-Encoding
x-goog-hash
crc32c=ErfGaw==, md5=WaIH7tOgx8wxfSPSI/MHbg==
x-goog-generation
1624353461776719
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
25432
accept-ranges
bytes
content-type
false
expires
Sat, 21 Aug 2021 09:52:05 GMT
4d06129a-143e-48d8-a330-6609289fcf33
storage.googleapis.com/builder.zenflow.de/recruiting-bille-bad-waerme/www/assets/
640 KB
640 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/recruiting-bille-bad-waerme/www/assets/4d06129a-143e-48d8-a330-6609289fcf33
Requested by
Host: bille.kontaktformular6.de
URL: https://bille.kontaktformular6.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b95d62f7cc3a503b1154ff03582ced2f526cd1a8042a719ba55c767114268717

Request headers

Referer
https://bille.kontaktformular6.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 08:52:05 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduBWZbRGe_krjBDUPpEUcDQXbc7AsvsJKKziSU4uAgmBW0en27i9W5DEhri1bSDWWwiIY_uB54L2vPhC0YJxcTrzhTn7g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
655244
last-modified
Tue, 22 Jun 2021 09:34:20 GMT
server
UploadServer
etag
"7a634e4b86b27fdc0e40a140049d5e1e"
vary
Accept-Encoding
x-goog-hash
crc32c=Lu49Sg==, md5=emNOS4ayf9wOQKFABJ1eHg==
x-goog-generation
1624354460776331
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
655244
accept-ranges
bytes
content-type
false
expires
Sat, 21 Aug 2021 09:52:05 GMT
1f4d0d10-f907-4481-892b-e1368feac1f6
storage.googleapis.com/builder.zenflow.de/recruiting-bille-bad-waerme/www/assets/
655 KB
656 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/recruiting-bille-bad-waerme/www/assets/1f4d0d10-f907-4481-892b-e1368feac1f6
Requested by
Host: bille.kontaktformular6.de
URL: https://bille.kontaktformular6.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a932e61d6e55129e64b82a1b8861833befdff5399a3803c1d175c211431f8ec8

Request headers

Referer
https://bille.kontaktformular6.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 08:52:05 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt1wiq6zqALp6HCTyxp1Ip4z7plC4biGgTY2iBxnQuVHdjCmMONJY32M2sqhoJpEvBsg5hTndRp6uAyP-Vo1G5r1T3fSw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
670673
last-modified
Tue, 22 Jun 2021 09:34:33 GMT
server
UploadServer
etag
"db614d33e7bfc2e8d60f33ecae42207e"
vary
Accept-Encoding
x-goog-hash
crc32c=6PtEoA==, md5=22FNM+e/wujWDzPsrkIgfg==
x-goog-generation
1624354473263136
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
670673
accept-ranges
bytes
content-type
false
expires
Sat, 21 Aug 2021 09:52:05 GMT
0242902e-9aee-4103-b1c9-4db83e100a98
storage.googleapis.com/builder.zenflow.de/recruiting-bille-bad-waerme/www/assets/
627 KB
628 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/recruiting-bille-bad-waerme/www/assets/0242902e-9aee-4103-b1c9-4db83e100a98
Requested by
Host: bille.kontaktformular6.de
URL: https://bille.kontaktformular6.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7be0eca52010c2e537a1a35d503361895a9d77fbf6878aa90b637fbad88cc39d

Request headers

Referer
https://bille.kontaktformular6.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 08:52:05 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv2ljctoPXcdT3_pCIE6FfAVN3e76VigBmDg9FmSp1LqTIOiitXgPfupA09l6FLKZNQeOoB0__VtvRESwQHphLWmlHDqg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
642102
last-modified
Tue, 22 Jun 2021 09:44:56 GMT
server
UploadServer
etag
"ad7bfd1a4a548875f370de319368660b"
vary
Accept-Encoding
x-goog-hash
crc32c=/gA7Ww==, md5=rXv9GkpUiHXzcN4xk2hmCw==
x-goog-generation
1624355096345996
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
642102
accept-ranges
bytes
content-type
false
expires
Sat, 21 Aug 2021 09:52:05 GMT
309489370888049
connect.facebook.net/signals/config/
253 KB
72 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/309489370888049?v=2.9.44&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c85757c1dd339bc66de9db059ce1dea113a906ecef1ac6cfd031b0e9c17b243e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://bille.kontaktformular6.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
f2c5RuBvmoIl9Ddz04hAGUcfrzff1me2X5IBvQj+9LZuzKUzK1JaGu3t3FSbcdN1wnxWU/IMcOANv6RFVfI31A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 21 Aug 2021 08:52:05 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
565534375
player.vimeo.com/video/ Frame EBBC
16 KB
8 KB
Document
General
Full URL
https://player.vimeo.com/video/565534375
Requested by
Host: bille.kontaktformular6.de
URL: https://bille.kontaktformular6.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c3972660049f3ef9e1f2482f66627ad6732be2557c0731b10544332e4d2d1fb7
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bille.kontaktformular6.de/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bille.kontaktformular6.de/

Response headers

Connection
keep-alive
Content-Length
5383
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Sat, 21 Aug 2021 09:02:05 GMT
Via
1.1 varnish, 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
0
X-VServer
infra-playproxy-b-9
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Sat, 21 Aug 2021 08:52:05 GMT
Age
0
X-Served-By
cache-fra19162-FRA
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1629535926.720361,VS0,VE189
Vary
Accept-Encoding
X-Player-Backend
p
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,600,700,800|Lato:300,400,500,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bille.kontaktformular6.de
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:29:48 GMT
x-content-type-options
nosniff
age
375737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:29:48 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,600,700,800|Lato:300,400,500,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bille.kontaktformular6.de
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:29:49 GMT
x-content-type-options
nosniff
age
375736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:29:49 GMT
onEvent
europe-west1-niro-tracking.cloudfunctions.net/ Frame
0
0
Preflight
General
Full URL
https://europe-west1-niro-tracking.cloudfunctions.net/onEvent
Protocol
H2
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://bille.kontaktformular6.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://bille.kontaktformular6.de
function-execution-id
ry47cpmk7v04
vary
Origin, Access-Control-Request-Headers
x-powered-by
Express
x-cloud-trace-context
255a1aa2ac824e499c0bcf2053090ab1
date
Sat, 21 Aug 2021 08:52:05 GMT
content-type
text/html
server
Google Frontend
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
onEvent
europe-west1-niro-tracking.cloudfunctions.net/
2 B
42 B
XHR
General
Full URL
https://europe-west1-niro-tracking.cloudfunctions.net/onEvent
Requested by
Host: bille.kontaktformular6.de
URL: https://bille.kontaktformular6.de/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://bille.kontaktformular6.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 21 Aug 2021 08:52:05 GMT
content-encoding
gzip
server
Google Frontend
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://bille.kontaktformular6.de
x-cloud-trace-context
cd53939d1a4b33ca6a18bc96bc2f2c83
cache-control
private
function-execution-id
ry47hhtzk1kc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22
onEvent
europe-west1-niro-tracking.cloudfunctions.net/
2 B
42 B
XHR
General
Full URL
https://europe-west1-niro-tracking.cloudfunctions.net/onEvent
Requested by
Host: bille.kontaktformular6.de
URL: https://bille.kontaktformular6.de/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://bille.kontaktformular6.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 21 Aug 2021 08:52:05 GMT
content-encoding
gzip
server
Google Frontend
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://bille.kontaktformular6.de
x-cloud-trace-context
7dca6f493b1944c7d10e5cdb8af31d11
cache-control
private
function-execution-id
lu0ijvbi187e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22
onEvent
europe-west1-niro-tracking.cloudfunctions.net/ Frame
0
0
Preflight
General
Full URL
https://europe-west1-niro-tracking.cloudfunctions.net/onEvent
Protocol
H2
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://bille.kontaktformular6.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://bille.kontaktformular6.de
function-execution-id
lu0iza9u08be
vary
Origin, Access-Control-Request-Headers
x-powered-by
Express
x-cloud-trace-context
c1ca0af4c41941543e7d8c4f7667d749
date
Sat, 21 Aug 2021 08:52:05 GMT
content-type
text/html
server
Google Frontend
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1169380662.jpg
i.vimeocdn.com/video/ Frame EBBC
2 KB
2 KB
Image
General
Full URL
https://i.vimeocdn.com/video/1169380662.jpg?mw=80&q=85
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/565534375
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c76510306887fddc83cb7d780a854c4ef8bae74419a8f78bca940f5c6b94fc1

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 08:52:05 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
161899
x-viewmaster-lossless-format
false
x-cache
miss, MISS, HIT
x-backend-server
varnish
content-length
1786
viewmaster-server
viewmaster-us-central1-gzll
x-served-by
cache-dfw18673-DFW, cache-fra19175-FRA
x-timer
S1629535926.993343,VS0,VE1
etag
9f68adc1014b879505cce2be7a2837fa
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
0, 1
player.js
f.vimeocdn.com/p/3.39.2/js/ Frame EBBC
647 KB
151 KB
Script
General
Full URL
https://f.vimeocdn.com/p/3.39.2/js/player.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/565534375
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8142cb184125a326bfda6561228f368e30c5dce3a2aef2bbe11d848b50607e89

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 08:52:05 GMT
via
1.1 varnish, 1.1 varnish
age
131856
x-guploader-uploadid
ADPycdsM-o3vWfXfbIIFkzkcWGec-Ivn29nzr53itf690jCVFLRzuUTQiwdJh0QTxTgeo_ALenQxVMsMDrQSVvuhMq0
x-cache
MISS, HIT
content-encoding
br
content-length
154619
x-served-by
cache-bwi5157-BWI, cache-fra19181-FRA
last-modified
Thu, 19 Aug 2021 20:05:08 GMT
server
UploadServer
x-timer
S1629535926.989129,VS0,VE0
etag
"40bdd721f3dfb6a4b477437700bce2c7"
vary
Accept-Encoding,x-http-method-override
content-type
application/javascript
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 43692
player.css
f.vimeocdn.com/p/3.39.2/css/ Frame EBBC
166 KB
18 KB
Stylesheet
General
Full URL
https://f.vimeocdn.com/p/3.39.2/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/565534375
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e21a219c59e34103b8da34c6d0624279147cd630b749e49f32a7910623186867

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 08:52:05 GMT
via
1.1 varnish, 1.1 varnish
age
131857
x-guploader-uploadid
ADPycdun2At0IUDfP6ba3CXXOjiVnIiev4k8pKOHDJxPbZWMu_l6xF-7siZYf-irvoUHh1MAk5HU1T206RjlxxkLzG4
x-cache
HIT, HIT
content-encoding
br
content-length
17975
x-served-by
cache-bwi5173-BWI, cache-fra19181-FRA
last-modified
Thu, 19 Aug 2021 20:05:09 GMT
server
UploadServer
x-timer
S1629535926.988972,VS0,VE0
etag
"e7d6aacf4277b31f43e91d0671a9e3fd"
vary
Accept-Encoding,x-http-method-override
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
1, 63288
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame EBBC
3 KB
1 KB
Script
General
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/565534375
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 08:52:05 GMT
content-encoding
gzip
age
11197613
x-cache
HIT, HIT
x-cache-hits
2, 370988
content-length
1238
x-served-by
cache-bwi5144-BWI, cache-fra19181-FRA
last-modified
Tue, 13 Apr 2021 16:24:13 GMT
server
Apache
cache-control
max-age=315360000
x-timer
S1629535926.989151,VS0,VE0
etag
"a68-5bfdd0f8b0540"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
x-vimeo-dc
ge
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Apr 2031 18:25:13 GMT
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=309489370888049&ev=PageView&dl=https%3A%2F%2Fbille.kontaktformular6.de%2F%23start&rl=&if=false&ts=1629535926017&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629535926016.1780468473&it=1629535925643&coo=false&rqm=GET
Requested by
Host: bille.kontaktformular6.de
URL: https://bille.kontaktformular6.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bille.kontaktformular6.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 08:52:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 21 Aug 2021 08:52:06 GMT
vuid
vimeo.com/ablincoln/ Frame EBBC
0
790 B
Ping
General
Full URL
https://vimeo.com/ablincoln/vuid?pid=f97dc86fb4b2fdda060847f3d9cc51b2d0c3ad741629535925
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Via
1.1 varnish, 1.1 varnish
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Served-By
cache-bwi5137-BWI, cache-hhn4074-HHN
X-Vimeo-DC
ge
Server
nginx
X-Timer
S1629535926.099108,VS0,VE121
X-Frame-Options
sameorigin
Date
Sat, 21 Aug 2021 08:52:06 GMT
Vary
User-Agent
Expires
Fri, 20 Aug 2021 20:52:06 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-BApp-Server
pweb-v13920-rvlm8
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
X-Cache-Hits
0, 0
player-test-impression
fresnel.vimeocdn.com/add/ Frame EBBC
0
40 B
Ping
General
Full URL
https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.39.2/js/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Sat, 21 Aug 2021 08:52:06 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
1169380662
i.vimeocdn.com/video/ Frame EBBC
153 KB
154 KB
Image
General
Full URL
https://i.vimeocdn.com/video/1169380662
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/565534375
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
069a53f0f115177df3113bc79bdf26d5ae031d2dfd8de07b3988cfef1a66500f

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 08:52:06 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
161898
x-viewmaster-lossless-format
false
x-cache
miss, MISS, HIT
x-backend-server
varnish
content-length
156928
viewmaster-server
viewmaster-us-central1-jfkt
x-served-by
cache-dfw18637-DFW, cache-fra19175-FRA
x-timer
S1629535926.116730,VS0,VE2
etag
95bb54d6e5ff9d04e27260ae7578b877
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
0, 1
player-stats
fresnel.vimeocdn.com/add/ Frame EBBC
0
110 B
Ping
General
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=f97dc86fb4b2fdda060847f3d9cc51b2d0c3ad741629535925
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.39.2/js/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Sat, 21 Aug 2021 08:52:06 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=309489370888049&ev=PageView&dl=https%3A%2F%2Fbille.kontaktformular6.de%2F%23start&rl=&if=false&ts=1629535926179&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1629535926016.1780468473&it=1629535925643&coo=false&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bille.kontaktformular6.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 08:52:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sat, 21 Aug 2021 08:52:06 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=309489370888049&ev=Microdata&dl=https%3A%2F%2Fbille.kontaktformular6.de%2F%23start&rl=&if=false&ts=1629535927520&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Recruiting%20Bille%20Bad%20%26%20W%C3%A4rme%20GmbH%20%26%20Co.%20KG%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=2&o=30&fbp=fb.1.1629535926016.1780468473&it=1629535925643&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bille.kontaktformular6.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 08:52:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sat, 21 Aug 2021 08:52:07 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| FB_PIXEL_ID string| FB_PIXEL_SUBMIT_EVENT function| fbq function| _fbq string| API_ENDPOINT string| RESPONSE_API string| LAST_UPDATE string| FIRESTORE_URL string| ENV boolean| PASS_QS string| PASS_QS_RX string| ID string| TITLE object| styles function| Cleave function| Awesomplete object| regeneratorRuntime function| onLessReady object| flowHistory object| heyflow object| niroflow object| Client object| usercentrics number| initTs object| dataLayer string| sessionId object| currentScreen

2 Cookies

Domain/Path Name / Value
.vimeo.com/ Name: vuid
Value: pl1063265762.1324288615
.kontaktformular6.de/ Name: _fbp
Value: fb.1.1629535926016.1780468473

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.usercentrics.eu
bille.kontaktformular6.de
connect.facebook.net
europe-west1-niro-tracking.cloudfunctions.net
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
player.vimeo.com
privacy-proxy.usercentrics.eu
storage.googleapis.com
vimeo.com
www.facebook.com
151.101.0.217
151.101.12.217
151.101.14.109
2001:4860:4802:36::36
2600:1901:0:5987::
2a00:1450:4001:802::2003
2a00:1450:4001:829::200a
2a00:1450:4001:831::2010
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.120.202.204
35.198.149.115
069a53f0f115177df3113bc79bdf26d5ae031d2dfd8de07b3988cfef1a66500f
0c76510306887fddc83cb7d780a854c4ef8bae74419a8f78bca940f5c6b94fc1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1f1c7a41154debae041a722f885e360da2451f6cead1d85100258e1836a602a7
4650bc273b69bd9e63d1ef0ea2c6b0d39be59ce91ef942898a224546fb6689f4
49958c1a45bfd46c8a02c8b5bb265b5392830f3d32ce509a437e1c7f2f721a52
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
7b508f487162fe8af4e80a971f82b377df1d6fe6956c10e8a7e0e5c1b2c5e72c
7be0eca52010c2e537a1a35d503361895a9d77fbf6878aa90b637fbad88cc39d
8142cb184125a326bfda6561228f368e30c5dce3a2aef2bbe11d848b50607e89
8be3c740039fad83ea778abd0e85f107fdf927b67b1f8830aff454b914e62e4d
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
a932e61d6e55129e64b82a1b8861833befdff5399a3803c1d175c211431f8ec8
b95d62f7cc3a503b1154ff03582ced2f526cd1a8042a719ba55c767114268717
c3972660049f3ef9e1f2482f66627ad6732be2557c0731b10544332e4d2d1fb7
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c85757c1dd339bc66de9db059ce1dea113a906ecef1ac6cfd031b0e9c17b243e
cafa184812f84a248bf9a655c6e4167853efaf7f2da3c6647b01eeda0c3703ff
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4
e21a219c59e34103b8da34c6d0624279147cd630b749e49f32a7910623186867
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855