urlscan.io logo urlscan.io
SecurityTrails logo

www.tchibo.com Open in urlscan Pro
2.16.186.162  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://blog.tchibo.com/
Effective URL: https://www.tchibo.com/blog
Submission: On October 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2.16.186.162, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.tchibo.com.
TLS certificate: Issued by R3 on October 11th 2022. Valid for: 3 months.
This is the only time www.tchibo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 18 2.16.186.162 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
19 3
Apex Domain
Subdomains		 Transfer
18 tchibo.com
blog.tchibo.com
www.tchibo.com
2 MB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
10 KB
0 googletagmanager.com Failed
www.googletagmanager.com Failed
0 cookielaw.org Failed
cdn.cookielaw.org Failed
19 4
Domain Requested by
16 www.tchibo.com www.tchibo.com
2 blog.tchibo.com 2 redirects
1 cdnjs.cloudflare.com www.tchibo.com
0 www.googletagmanager.com Failed www.tchibo.com
0 cdn.cookielaw.org Failed www.tchibo.com
19 5
Subject Issuer Validity Valid
www.tchibo.com
R3		 2022-10-11 -
2023-01-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.tchibo.com/blog
Frame ID: 1F007AEFB4EB1FB85810D1B6D3C0FD12
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Blog - Tchibo

Page URL History Show full URLs

  1. http://blog.tchibo.com/ HTTP 301
    https://blog.tchibo.com/ HTTP 301
    https://www.tchibo.com/blog Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

19
Requests

89 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

3
IPs

2
Countries

2173 kB
Transfer

2244 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://blog.tchibo.com/ HTTP 301
    https://blog.tchibo.com/ HTTP 301
    https://www.tchibo.com/blog Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request blog
www.tchibo.com/
Redirect Chain
  • http://blog.tchibo.com/
  • https://blog.tchibo.com/
  • https://www.tchibo.com/blog
34 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tchibo.com/blog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
85ba988bb0e323261b05f95623b99be45aeed029dd5776c63f2af5431f6f9e92
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=4518
content-encoding
gzip
content-length
9238
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Sun, 23 Oct 2022 06:27:30 GMT
expires
Sun, 23 Oct 2022 07:42:48 GMT
referrer-policy
same-origin
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-webkit-csp
base-uri 'self'; default-src 'self'; form-action 'self'; frame-ancestors 'self'; require-sri-for script style
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
0
date
Sun, 23 Oct 2022 06:27:30 GMT
expires
Sun, 23 Oct 2022 06:27:30 GMT
location
https://www.tchibo.com/blog
pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/ 		55 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css
Requested by
Host: www.tchibo.com
URL: https://www.tchibo.com/blog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 06:27:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
1563748
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9939
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-da9f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75e86841dce6bb47-FRA
expires
Fri, 13 Oct 2023 06:27:30 GMT
index.css
www.tchibo.com/assets/css/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tchibo.com/assets/css/index.css?1663679900
Requested by
Host: www.tchibo.com
URL: https://www.tchibo.com/blog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e59d34d270cbbeb3989a3a4b13c2ba1a061db1a7a10a96f8127ce4b293acf0d0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tchibo.com/blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding
gzip
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 20 Sep 2022 13:18:20 GMT
date
Sun, 23 Oct 2022 06:27:30 GMT
etag
W/"6329bd9c-483d"
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=507654
x-webkit-csp
base-uri 'self'; default-src 'self'; form-action 'self'; frame-ancestors 'self'; require-sri-for script style
x-xss-protection
1; mode=block
content-length
5111
blog.css
www.tchibo.com/assets/css/templates/ 		1 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tchibo.com/assets/css/templates/blog.css?1663679900
Requested by
Host: www.tchibo.com
URL: https://www.tchibo.com/blog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
efb8015f208174817d481b9fa97e0702cc7c271a06cf64931a370f354c59de31
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tchibo.com/blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding
gzip
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 20 Sep 2022 13:18:20 GMT
date
Sun, 23 Oct 2022 06:27:30 GMT
etag
W/"6329bd9c-53e"
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=507715
x-webkit-csp
base-uri 'self'; default-src 'self'; form-action 'self'; frame-ancestors 'self'; require-sri-for script style
x-xss-protection
1; mode=block
content-length
568
post.css
www.tchibo.com/assets/css/templates/ 		776 B
808 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tchibo.com/assets/css/templates/post.css?1663679900
Requested by
Host: www.tchibo.com
URL: https://www.tchibo.com/blog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c2fbbdf61a335458b542f4289b8be5ef8464ccb6496a12c6c97f5815ae4f5ee2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tchibo.com/blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding
gzip
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 20 Sep 2022 13:18:20 GMT
date
Sun, 23 Oct 2022 06:27:30 GMT
etag
W/"6329bd9c-308"
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=507671
x-webkit-csp
base-uri 'self'; default-src 'self'; form-action 'self'; frame-ancestors 'self'; require-sri-for script style
x-xss-protection
1; mode=block
content-length
365
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		0
0
index.js
www.tchibo.com/assets/js/ 		916 B
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tchibo.com/assets/js/index.js?1663679900
Requested by
Host: www.tchibo.com
URL: https://www.tchibo.com/blog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8a07d46a2e1c609b90f0b5a759266a66b3b47b80aef9c16c5c9527e4170b6a03
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tchibo.com/blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding
gzip
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 20 Sep 2022 13:18:20 GMT
date
Sun, 23 Oct 2022 06:27:30 GMT
etag
W/"6329bd9c-394"
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=507720
x-webkit-csp
base-uri 'self'; default-src 'self'; form-action 'self'; frame-ancestors 'self'; require-sri-for script style
x-xss-protection
1; mode=block
content-length
391
gtm.js
www.googletagmanager.com/ 		0
0
interstate-wgl-regular.woff2
www.tchibo.com/assets/fonts/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.tchibo.com/assets/fonts/interstate-wgl-regular.woff2
Requested by
Host: www.tchibo.com
URL: https://www.tchibo.com/assets/css/index.css?1663679900
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
66f611480213c941b67ea86c7a3e6168089fb7c44a521d8eb6eee1d280ed889c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tchibo.com/assets/css/index.css?1663679900
Origin
https://www.tchibo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
date
Sun, 23 Oct 2022 06:27:30 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 20 Sep 2022 13:18:20 GMT
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
etag
"6329bd9c-7d7c"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=2365323
accept-ranges
bytes
content-length
32124
x-webkit-csp
base-uri 'self'; default-src 'self'; form-action 'self'; frame-ancestors 'self'; require-sri-for script style
x-xss-protection
1; mode=block
interstate-wgl-bold.woff2
www.tchibo.com/assets/fonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.tchibo.com/assets/fonts/interstate-wgl-bold.woff2
Requested by
Host: www.tchibo.com
URL: https://www.tchibo.com/assets/css/index.css?1663679900
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb83bb8d322b4541c9f8fb47b986f821c1a45c07eb45f0ffb7f95b1efc976ef8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tchibo.com/assets/css/index.css?1663679900
Origin
https://www.tchibo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
date
Sun, 23 Oct 2022 06:27:30 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 20 Sep 2022 13:18:20 GMT
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
etag
"6329bd9c-60b8"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=2365221
accept-ranges
bytes
content-length
24760
x-webkit-csp
base-uri 'self'; default-src 'self'; form-action 'self'; frame-ancestors 'self'; require-sri-for script style
x-xss-protection
1; mode=block
interstate-wgl-light.woff2
www.tchibo.com/assets/fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.tchibo.com/assets/fonts/interstate-wgl-light.woff2
Requested by
Host: www.tchibo.com
URL: https://www.tchibo.com/assets/css/index.css?1663679900
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6256d1e1a47d05083150d0dfa9dec54f1cd3cd9adb204b5d0e44d089c7320521
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tchibo.com/assets/css/index.css?1663679900
Origin
https://www.tchibo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
date
Sun, 23 Oct 2022 06:27:30 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 20 Sep 2022 13:18:20 GMT
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
etag
"6329bd9c-7a94"
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=2365341
accept-ranges
bytes
content-length
31380
x-webkit-csp
base-uri 'self'; default-src 'self'; form-action 'self'; frame-ancestors 'self'; require-sri-for script style
x-xss-protection
1; mode=block
gruppenfoto-1-1300x.jpg
www.tchibo.com/media/pages/blog/2022/ausflug-nach-bremen-zum-lagerstandort/c6399bb008-1666023380/ 		266 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tchibo.com/media/pages/blog/2022/ausflug-nach-bremen-zum-lagerstandort/c6399bb008-1666023380/gruppenfoto-1-1300x.jpg
Requested by
Host: www.tchibo.com
URL: https://www.tchibo.com/blog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4650688888a06cd8b3ba2588bfc36fe9d089fb50bedcf251e068cbc2759766ef
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tchibo.com/blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
date
Sun, 23 Oct 2022 06:27:30 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Mon, 17 Oct 2022 17:38:53 GMT
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
etag
"634d932d-429d4"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
272852
x-webkit-csp
base-uri 'self'; default-src 'self'; form-action 'self'; frame-ancestors 'self'; require-sri-for script style
x-xss-protection
1; mode=block
20221004-tchibo-tag-des-kaffees-0007-dsf2246-1300x.jpg
www.tchibo.com/media/pages/blog/2022/64-kaffeereise-in-die-speicherstadt-zum-tag-des-kaffees/09ce2208c5-1666023379/ 		333 KB
335 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tchibo.com/media/pages/blog/2022/64-kaffeereise-in-die-speicherstadt-zum-tag-des-kaffees/09ce2208c5-1666023379/20221004-tchibo-tag-des-kaffees-0007-dsf2246-1300x.jpg
Requested by
Host: www.tchibo.com
URL: https://www.tchibo.com/blog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60d60f917c3a997dd4e632c26c8f29e03bbc7a611b35a10bce66f5fe57daa3c6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tchibo.com/blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
date
Sun, 23 Oct 2022 06:27:30 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Mon, 17 Oct 2022 17:38:53 GMT
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
etag
"634d932d-53500"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
341248
x-webkit-csp
base-uri 'self'; default-src 'self'; form-action 'self'; frame-ancestors 'self'; require-sri-for script style
x-xss-protection
1; mode=block
tools-864983-1280-1300x.jpg
www.tchibo.com/media/pages/blog/2022/repair-everywhere-reparatur-bei-tchibo/cc727ad0ee-1666023379/ 		415 KB
416 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tchibo.com/media/pages/blog/2022/repair-everywhere-reparatur-bei-tchibo/cc727ad0ee-1666023379/tools-864983-1280-1300x.jpg
Requested by
Host: www.tchibo.com
URL: https://www.tchibo.com/blog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
66647e442b81d56cedafef0469665ddc00dd5fd05e9b786e908a422634a2466f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tchibo.com/blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
date
Sun, 23 Oct 2022 06:27:30 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
x-frame-options
SAMEORIGIN
content-type
image/jpeg; charset=UTF-8
cache-control
max-age=31536000
content-length
424644
x-webkit-csp
base-uri 'self'; default-src 'self'; form-action 'self'; frame-ancestors 'self'; require-sri-for script style
x-xss-protection
1; mode=block
20221004-tchibo-tag-des-kaffees-0007-dsf2246-1300x.jpg
www.tchibo.com/media/pages/blog/2022/der-wichtigste-tag-des-jahres-oder-auch-tag-des-kaffees/eab407051c-1666023379/ 		314 KB
315 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tchibo.com/media/pages/blog/2022/der-wichtigste-tag-des-jahres-oder-auch-tag-des-kaffees/eab407051c-1666023379/20221004-tchibo-tag-des-kaffees-0007-dsf2246-1300x.jpg
Requested by
Host: www.tchibo.com
URL: https://www.tchibo.com/blog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef89941009a07030234b7bd7151239a794b276fa2ab6ac92e146dbe4b97e6085
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tchibo.com/blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
date
Sun, 23 Oct 2022 06:27:30 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Mon, 17 Oct 2022 19:05:50 GMT
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
etag
"634da78e-4e818"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
321560
x-webkit-csp
base-uri 'self'; default-src 'self'; form-action 'self'; frame-ancestors 'self'; require-sri-for script style
x-xss-protection
1; mode=block
screenshot-2022-10-06-133020-1300x.jpg
www.tchibo.com/media/pages/blog/2022/er-braucht-mehr-davon-sie-mag-es-lieber-zu-hause/70fd5f9dc1-1666023379/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tchibo.com/media/pages/blog/2022/er-braucht-mehr-davon-sie-mag-es-lieber-zu-hause/70fd5f9dc1-1666023379/screenshot-2022-10-06-133020-1300x.jpg
Requested by
Host: www.tchibo.com
URL: https://www.tchibo.com/blog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c483a38ed64f8b126a4578e3f5297533e3e73588489c58e5e17b5aa27a7368a5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tchibo.com/blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
date
Sun, 23 Oct 2022 06:27:30 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Mon, 17 Oct 2022 19:41:17 GMT
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
etag
"634dafdd-9e7c"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
40572
x-webkit-csp
base-uri 'self'; default-src 'self'; form-action 'self'; frame-ancestors 'self'; require-sri-for script style
x-xss-protection
1; mode=block
header-produkt-1300x.jpg
www.tchibo.com/media/pages/blog/2022/63-verrueckte-tchibo-produkte-wer-steckt-dahinter/d84adb24c0-1666023378/ 		233 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tchibo.com/media/pages/blog/2022/63-verrueckte-tchibo-produkte-wer-steckt-dahinter/d84adb24c0-1666023378/header-produkt-1300x.jpg
Requested by
Host: www.tchibo.com
URL: https://www.tchibo.com/blog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
77fa388a79e2474ec999e6a8708e7e544a888b1a6c93126d11d386b42ee52419
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tchibo.com/blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
date
Sun, 23 Oct 2022 06:27:30 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Mon, 17 Oct 2022 17:38:53 GMT
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
etag
"634d932d-3a573"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
238963
x-webkit-csp
base-uri 'self'; default-src 'self'; form-action 'self'; frame-ancestors 'self'; require-sri-for script style
x-xss-protection
1; mode=block
kirschen-1000-1300x.jpg
www.tchibo.com/media/pages/blog/2022/fazit-des-tchibo-joint-forces-projekts-honduras/c9666564cd-1666023379/ 		164 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tchibo.com/media/pages/blog/2022/fazit-des-tchibo-joint-forces-projekts-honduras/c9666564cd-1666023379/kirschen-1000-1300x.jpg
Requested by
Host: www.tchibo.com
URL: https://www.tchibo.com/blog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
09a6bca164c6ecfb6a6efdd4128448b7723faa7b75b70496f25ec1d5c72aa39e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tchibo.com/blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
date
Sun, 23 Oct 2022 06:27:30 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Mon, 17 Oct 2022 17:38:53 GMT
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
etag
"634d932d-29039"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
167993
x-webkit-csp
base-uri 'self'; default-src 'self'; form-action 'self'; frame-ancestors 'self'; require-sri-for script style
x-xss-protection
1; mode=block
bla-1300x.jpg
www.tchibo.com/media/pages/blog/2022/ein-praktikum-das-in-erinnerung-bleibt/dc31ef7a1a-1666023378/ 		283 KB
285 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tchibo.com/media/pages/blog/2022/ein-praktikum-das-in-erinnerung-bleibt/dc31ef7a1a-1666023378/bla-1300x.jpg
Requested by
Host: www.tchibo.com
URL: https://www.tchibo.com/blog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
961023f600ad52ac761191c8ab2e1b351a9eae6b0c5cc15ab2a2c643c424fa04
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tchibo.com/blog
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
date
Sun, 23 Oct 2022 06:27:30 GMT
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Mon, 17 Oct 2022 17:38:54 GMT
strict-transport-security
max-age=86400 ; includeSubDomains ; preload
etag
"634d932e-46d54"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
290132
x-webkit-csp
base-uri 'self'; default-src 'self'; form-action 'self'; frame-ancestors 'self'; require-sri-for script style
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.cookielaw.org
URL
xxxhttps://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Domain
www.googletagmanager.com
URL
xxxhttps://www.googletagmanager.com/gtm.js?id=GTM-WCZFNVK

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| doOptout object| dataLayer function| OptanonWrapper function| toggleSearch object| body object| overlay object| closeoverlay object| openoverlay object| overlayButton

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: xxxhttps://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Message:
Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network error URL: xxxhttps://www.googletagmanager.com/gtm.js?id=GTM-WCZFNVK
Message:
Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block