mitarbeiterbefragung.rhein-zeitung.de Open in urlscan Pro
136.243.84.103 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mitarbeiterbefragung.rhein-zeitung.de/
Submission: On September 30 via automatic, source certstream-suspicious (September 30th 2021, 10:41:39 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 136.243.84.103, located in Germany and belongs to HETZNER-AS, DE. The main domain is mitarbeiterbefragung.rhein-zeitung.de.
TLS certificate: Issued by R3 on August 1st 2021. Valid for: 3 months.

This is the only time mitarbeiterbefragung.rhein-zeitung.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
14	136.243.84.103 136.243.84.103		24940 (HETZNER-AS) (HETZNER-AS)
14	1

14 136.243.84.103 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: failover.he15.netzindianer.net

mitarbeiterbefragung.rhein-zeitung.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	rhein-zeitung.de mitarbeiterbefragung.rhein-zeitung.de	170 KB
14	1

	Domain	Requested by
14	mitarbeiterbefragung.rhein-zeitung.de	mitarbeiterbefragung.rhein-zeitung.de
14	1

This site contains links to these domains. Also see Links.

Domain
www.rhein-zeitung.de

Subject Issuer	Validity	Valid
mitarbeiterbefragung.rhein-zeitung.de R3	`2021-08-01` - `2021-10-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mitarbeiterbefragung.rhein-zeitung.de/
Frame ID: C97B0B7764C32205BA114D97F8E19510
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mitarbeiterbefragung der Rhein-Zeitung

Detected technologies

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

170 kB
Transfer

210 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.rhein-zeitung.de/nachrichten/redaktion-impressum.html
Title: Impressum

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
mitarbeiterbefragung.rhein-zeitung.de/ 6 KB
3 KB 60ms
14ms Document
text/html 136.243.84.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mitarbeiterbefragung.rhein-zeitung.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.243.84.103 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

failover.he15.netzindianer.net

Software

nginx /

Resource Hash

2ebd431fd05f120aba901c6b761bfe6e14c11368edfcbe2969ce797f4f74cff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Host: mitarbeiterbefragung.rhein-zeitung.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 30 Sep 2021 22:41:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=ccede581afd2e36fea021c023a51ee07; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Content-Encoding: gzip

GET
H/1.1 200
OK reset.css
mitarbeiterbefragung.rhein-zeitung.de/css/ 926 B
1011 B 9ms
9ms Stylesheet
text/css 136.243.84.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mitarbeiterbefragung.rhein-zeitung.de/css/reset.css

Requested by

Host: mitarbeiterbefragung.rhein-zeitung.de
URL: https://mitarbeiterbefragung.rhein-zeitung.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.243.84.103 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

failover.he15.netzindianer.net

Software

nginx /

Resource Hash

5947c7e4e5e2afea0fb554cbcac0493308136e25646ec21d2e656001bc4a4d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mitarbeiterbefragung.rhein-zeitung.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
Cookie: PHPSESSID=ccede581afd2e36fea021c023a51ee07
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 22:41:34 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Aug 2011 14:27:33 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
X-XSS-Protection: 1
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Keep-Alive: timeout=10
Expires: Thu, 07 Oct 2021 22:41:34 GMT

GET
H/1.1 200
OK main.css
mitarbeiterbefragung.rhein-zeitung.de/css/ 23 KB
5 KB 21ms
10ms Stylesheet
text/css 136.243.84.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mitarbeiterbefragung.rhein-zeitung.de/css/main.css?2

Requested by

Host: mitarbeiterbefragung.rhein-zeitung.de
URL: https://mitarbeiterbefragung.rhein-zeitung.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.243.84.103 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

failover.he15.netzindianer.net

Software

nginx /

Resource Hash

161085917d6716b7182d3834fdc5476d99f5daabf9bd71785f168698efdb5d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mitarbeiterbefragung.rhein-zeitung.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
Cookie: PHPSESSID=ccede581afd2e36fea021c023a51ee07
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 22:41:34 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Aug 2011 14:27:33 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
X-XSS-Protection: 1
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Keep-Alive: timeout=10
Expires: Thu, 07 Oct 2021 22:41:34 GMT

GET
H/1.1 200
OK style.css
mitarbeiterbefragung.rhein-zeitung.de/css/ 7 KB
2 KB 22ms
6ms Stylesheet
text/css 136.243.84.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mitarbeiterbefragung.rhein-zeitung.de/css/style.css?2

Requested by

Host: mitarbeiterbefragung.rhein-zeitung.de
URL: https://mitarbeiterbefragung.rhein-zeitung.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.243.84.103 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

failover.he15.netzindianer.net

Software

nginx /

Resource Hash

a78c25c3f35bac1a60f827a863e263ecb3a9215ef56501277b9cbbb19da55e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mitarbeiterbefragung.rhein-zeitung.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
Cookie: PHPSESSID=ccede581afd2e36fea021c023a51ee07
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 22:41:34 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Aug 2011 14:27:32 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
X-XSS-Protection: 1
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Keep-Alive: timeout=10
Expires: Thu, 07 Oct 2021 22:41:34 GMT

GET
H/1.1 200
OK jquery.js Show response
mitarbeiterbefragung.rhein-zeitung.de/_public/ 29 KB
15 KB 28ms
13ms Script
application/javascript 136.243.84.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mitarbeiterbefragung.rhein-zeitung.de/_public/jquery.js

Requested by

Host: mitarbeiterbefragung.rhein-zeitung.de
URL: https://mitarbeiterbefragung.rhein-zeitung.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.243.84.103 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

failover.he15.netzindianer.net

Software

nginx /

Resource Hash

8107cbffb89d340918691e7f2569c3f02474236c961bad169be3c06d9281dddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mitarbeiterbefragung.rhein-zeitung.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
Cookie: PHPSESSID=ccede581afd2e36fea021c023a51ee07
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 22:41:34 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Aug 2011 14:27:19 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
X-XSS-Protection: 1
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Keep-Alive: timeout=10
Expires: Thu, 07 Oct 2021 22:41:34 GMT

GET
H/1.1 200
OK head-worker.jpg
mitarbeiterbefragung.rhein-zeitung.de/images/ 131 KB
131 KB 8ms
7ms Image
image/jpeg 136.243.84.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mitarbeiterbefragung.rhein-zeitung.de/images/head-worker.jpg

Requested by

Host: mitarbeiterbefragung.rhein-zeitung.de
URL: https://mitarbeiterbefragung.rhein-zeitung.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.243.84.103 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

failover.he15.netzindianer.net

Software

nginx /

Resource Hash

482818b6c2d8041be5e997aca1188fea56c4fe494fa9f1baeeb09cd44fdb2cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mitarbeiterbefragung.rhein-zeitung.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
Cookie: PHPSESSID=ccede581afd2e36fea021c023a51ee07
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 22:41:34 GMT
Referrer-Policy: strict-origin
Last-Modified: Thu, 01 Dec 2011 08:53:42 GMT
Server: nginx
ETag: "4ed74096-20b3b"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
X-XSS-Protection: 1
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 133947
X-Content-Type-Options: nosniff
Expires: Sat, 30 Oct 2021 22:41:34 GMT

GET
H/1.1 200
OK token.jpg
mitarbeiterbefragung.rhein-zeitung.de/token/ 2 KB
2 KB 15ms
15ms Image
image/jpeg 136.243.84.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mitarbeiterbefragung.rhein-zeitung.de/token/token.jpg

Requested by

Host: mitarbeiterbefragung.rhein-zeitung.de
URL: https://mitarbeiterbefragung.rhein-zeitung.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.243.84.103 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

failover.he15.netzindianer.net

Software

nginx /

Resource Hash

9755108cb81a1a9ccfeac7db4e7afdc7c8e4781d2b60a42320e17b7ad268e5fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mitarbeiterbefragung.rhein-zeitung.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
Cookie: PHPSESSID=ccede581afd2e36fea021c023a51ee07
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 22:41:34 GMT
Referrer-Policy: strict-origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
X-XSS-Protection: 1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
X-Content-Type-Options: nosniff
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK swfobject.js Show response
mitarbeiterbefragung.rhein-zeitung.de/etc/ 7 KB
3 KB 8ms
7ms Script
application/javascript 136.243.84.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mitarbeiterbefragung.rhein-zeitung.de/etc/swfobject.js

Requested by

Host: mitarbeiterbefragung.rhein-zeitung.de
URL: https://mitarbeiterbefragung.rhein-zeitung.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.243.84.103 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

failover.he15.netzindianer.net

Software

nginx /

Resource Hash

228e7abc6f0b491c177be9ee528856caf19ea3135c014713cc67ad64f2ae50b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mitarbeiterbefragung.rhein-zeitung.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
Cookie: PHPSESSID=ccede581afd2e36fea021c023a51ee07
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 22:41:34 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Aug 2011 14:27:34 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
X-XSS-Protection: 1
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Keep-Alive: timeout=10
Expires: Thu, 07 Oct 2021 22:41:34 GMT

GET
H/1.1 200
OK mainnavi_bg.gif
mitarbeiterbefragung.rhein-zeitung.de/images/ 152 B
637 B 9ms
9ms Image
image/gif 136.243.84.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mitarbeiterbefragung.rhein-zeitung.de/images/mainnavi_bg.gif

Requested by

Host: mitarbeiterbefragung.rhein-zeitung.de
URL: https://mitarbeiterbefragung.rhein-zeitung.de/css/main.css?2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.243.84.103 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

failover.he15.netzindianer.net

Software

nginx /

Resource Hash

2d057b589d573472e220a32195e52831d8ae8a7de24c1d57299d27ade8acdabb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mitarbeiterbefragung.rhein-zeitung.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
Cookie: PHPSESSID=ccede581afd2e36fea021c023a51ee07
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 22:41:34 GMT
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Aug 2011 14:27:58 GMT
Server: nginx
ETag: "4e57ad6e-98"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/gif
X-XSS-Protection: 1
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 152
X-Content-Type-Options: nosniff
Expires: Sat, 30 Oct 2021 22:41:34 GMT

GET
H/1.1 200
OK bg_boks.gif
mitarbeiterbefragung.rhein-zeitung.de/images/ 1 KB
2 KB 9ms
9ms Image
image/gif 136.243.84.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mitarbeiterbefragung.rhein-zeitung.de/images/bg_boks.gif

Requested by

Host: mitarbeiterbefragung.rhein-zeitung.de
URL: https://mitarbeiterbefragung.rhein-zeitung.de/css/style.css?2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.243.84.103 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

failover.he15.netzindianer.net

Software

nginx /

Resource Hash

a66f0a3f92489fcfcafae2f4aa8bc1c30741f00b5d462b7798ce24c45ec69bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mitarbeiterbefragung.rhein-zeitung.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
Cookie: PHPSESSID=ccede581afd2e36fea021c023a51ee07
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 22:41:34 GMT
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Aug 2011 14:27:38 GMT
Server: nginx
ETag: "4e57ad5a-537"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/gif
X-XSS-Protection: 1
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 1335
X-Content-Type-Options: nosniff
Expires: Sat, 30 Oct 2021 22:41:34 GMT

GET
H/1.1 200
OK red_arrow.gif
mitarbeiterbefragung.rhein-zeitung.de/images/ 987 B
1 KB 7ms
6ms Image
image/gif 136.243.84.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mitarbeiterbefragung.rhein-zeitung.de/images/red_arrow.gif

Requested by

Host: mitarbeiterbefragung.rhein-zeitung.de
URL: https://mitarbeiterbefragung.rhein-zeitung.de/css/style.css?2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.243.84.103 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

failover.he15.netzindianer.net

Software

nginx /

Resource Hash

730a95401532b7574069419ab2f533d318a36729644b511b581e482dddf69d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mitarbeiterbefragung.rhein-zeitung.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
Cookie: PHPSESSID=ccede581afd2e36fea021c023a51ee07
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 22:41:34 GMT
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Aug 2011 14:28:00 GMT
Server: nginx
ETag: "4e57ad70-3db"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/gif
X-XSS-Protection: 1
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 987
X-Content-Type-Options: nosniff
Expires: Sat, 30 Oct 2021 22:41:34 GMT

GET
H/1.1 200
OK red_arrow.png
mitarbeiterbefragung.rhein-zeitung.de/images/ 2 KB
2 KB 14ms
8ms Image
image/png 136.243.84.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mitarbeiterbefragung.rhein-zeitung.de/images/red_arrow.png

Requested by

Host: mitarbeiterbefragung.rhein-zeitung.de
URL: https://mitarbeiterbefragung.rhein-zeitung.de/css/style.css?2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.243.84.103 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

failover.he15.netzindianer.net

Software

nginx /

Resource Hash

2004ae2f80282c841ee9ef246d05866c24f723b7f980ea2254a61ed5a5c8d518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mitarbeiterbefragung.rhein-zeitung.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
Cookie: PHPSESSID=ccede581afd2e36fea021c023a51ee07
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 22:41:34 GMT
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Aug 2011 14:27:39 GMT
Server: nginx
ETag: "4e57ad5b-785"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
X-XSS-Protection: 1
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 1925
X-Content-Type-Options: nosniff
Expires: Sat, 30 Oct 2021 22:41:34 GMT

GET
H/1.1 200
OK dotted_line_horiz.gif
mitarbeiterbefragung.rhein-zeitung.de/images/ 43 B
527 B 14ms
9ms Image
image/gif 136.243.84.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mitarbeiterbefragung.rhein-zeitung.de/images/dotted_line_horiz.gif

Requested by

Host: mitarbeiterbefragung.rhein-zeitung.de
URL: https://mitarbeiterbefragung.rhein-zeitung.de/css/main.css?2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.243.84.103 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

failover.he15.netzindianer.net

Software

nginx /

Resource Hash

75dfcfdeeeb2c8c7eedda732cdf89650e84044ba9929db1d42bec3e8b337d3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mitarbeiterbefragung.rhein-zeitung.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
Cookie: PHPSESSID=ccede581afd2e36fea021c023a51ee07
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 22:41:34 GMT
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Aug 2011 14:28:03 GMT
Server: nginx
ETag: "4e57ad73-2b"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/gif
X-XSS-Protection: 1
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 43
X-Content-Type-Options: nosniff
Expires: Sat, 30 Oct 2021 22:41:34 GMT

GET
H/1.1 200
OK separator.gif
mitarbeiterbefragung.rhein-zeitung.de/images/ 44 B
528 B 10ms
7ms Image
image/gif 136.243.84.103
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mitarbeiterbefragung.rhein-zeitung.de/images/separator.gif

Requested by

Host: mitarbeiterbefragung.rhein-zeitung.de
URL: https://mitarbeiterbefragung.rhein-zeitung.de/css/main.css?2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.243.84.103 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

failover.he15.netzindianer.net

Software

nginx /

Resource Hash

8d5f90ba1ff66577de2cca89f6ec1eea40adbb1962d745fdd76fa692f50dc942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mitarbeiterbefragung.rhein-zeitung.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
Cookie: PHPSESSID=ccede581afd2e36fea021c023a51ee07
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://mitarbeiterbefragung.rhein-zeitung.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 22:41:34 GMT
Referrer-Policy: strict-origin
Last-Modified: Fri, 26 Aug 2011 14:27:53 GMT
Server: nginx
ETag: "4e57ad69-2c"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/gif
X-XSS-Protection: 1
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 44
X-Content-Type-Options: nosniff
Expires: Sat, 30 Oct 2021 22:41:34 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mitarbeiterbefragung.rhein-zeitung.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: ccede581afd2e36fea021c023a51ee07

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mitarbeiterbefragung.rhein-zeitung.de
136.243.84.103
161085917d6716b7182d3834fdc5476d99f5daabf9bd71785f168698efdb5d19
2004ae2f80282c841ee9ef246d05866c24f723b7f980ea2254a61ed5a5c8d518
228e7abc6f0b491c177be9ee528856caf19ea3135c014713cc67ad64f2ae50b6
2d057b589d573472e220a32195e52831d8ae8a7de24c1d57299d27ade8acdabb
2ebd431fd05f120aba901c6b761bfe6e14c11368edfcbe2969ce797f4f74cff0
482818b6c2d8041be5e997aca1188fea56c4fe494fa9f1baeeb09cd44fdb2cf6
5947c7e4e5e2afea0fb554cbcac0493308136e25646ec21d2e656001bc4a4d1d
730a95401532b7574069419ab2f533d318a36729644b511b581e482dddf69d94
75dfcfdeeeb2c8c7eedda732cdf89650e84044ba9929db1d42bec3e8b337d3df
8107cbffb89d340918691e7f2569c3f02474236c961bad169be3c06d9281dddf
8d5f90ba1ff66577de2cca89f6ec1eea40adbb1962d745fdd76fa692f50dc942
9755108cb81a1a9ccfeac7db4e7afdc7c8e4781d2b60a42320e17b7ad268e5fd
a66f0a3f92489fcfcafae2f4aa8bc1c30741f00b5d462b7798ce24c45ec69bcc
a78c25c3f35bac1a60f827a863e263ecb3a9215ef56501277b9cbbb19da55e90

mitarbeiterbefragung.rhein-zeitung.de Open in urlscan Pro 136.243.84.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

170 kBTransfer

210 kBSize

1 Cookies

1 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

mitarbeiterbefragung.rhein-zeitung.de Open in urlscan Pro
136.243.84.103 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

170 kB
Transfer

210 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions