urlscan.io logo urlscan.io
SecurityTrails logo

mitarbeiteroffensive.com Open in urlscan Pro
85.13.157.25  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.mitarbeiteroffensive.com/
Effective URL: https://mitarbeiteroffensive.com/
Submission: On September 22 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 32 HTTP transactions. The main IP is 85.13.157.25, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is mitarbeiteroffensive.com.
TLS certificate: Issued by R3 on July 24th 2021. Valid for: 3 months.
This is the only time mitarbeiteroffensive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 85.13.157.25 34788 (NMM-AS D)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 151.101.0.217 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
2 151.101.14.109 54113 (FASTLY)
3 151.101.114.109 54113 (FASTLY)
1 151.101.128.217 54113 (FASTLY)
2 34.120.202.204 15169 (GOOGLE)
32 9
11    85.13.157.25 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd51022.kasserver.com
www.mitarbeiteroffensive.com
mitarbeiteroffensive.com
5    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    151.101.0.217 (United States)

ASN54113 (FASTLY, US)
player.vimeo.com
5    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.vimeocdn.com
3    151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
f.vimeocdn.com
1    151.101.128.217 (United States)

ASN54113 (FASTLY, US)
vimeo.com
2    34.120.202.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.202.120.34.bc.googleusercontent.com
fresnel.vimeocdn.com
Domain Requested by
10 mitarbeiteroffensive.com mitarbeiteroffensive.com
5 fonts.gstatic.com fonts.googleapis.com
5 fonts.googleapis.com mitarbeiteroffensive.com
3 f.vimeocdn.com player.vimeo.com
2 fresnel.vimeocdn.com f.vimeocdn.com
2 i.vimeocdn.com player.vimeo.com
2 player.vimeo.com mitarbeiteroffensive.com
2 www.google-analytics.com mitarbeiteroffensive.com
www.google-analytics.com
1 vimeo.com f.vimeocdn.com
1 www.mitarbeiteroffensive.com 1 redirects
32 10

This site contains links to these domains. Also see Links.

Domain
datenschutzkompass.com
Subject Issuer Validity Valid
mitarbeiteroffensive.com
R3		 2021-07-24 -
2021-10-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.vimeo.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-09-15 -
2022-10-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-18 -
2022-06-19		 a year crt.sh
fresnel.vimeocdn.com
GTS CA 1D4		 2021-08-22 -
2021-11-20		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://mitarbeiteroffensive.com/
Frame ID: 521CF79F69E6D9C8DCA810C54FA5A076
Requests: 22 HTTP requests in this frame

Frame: https://player.vimeo.com/video/337940909?portrait=1&title=1&color=0069c0&byline=1
Frame ID: 1EA37EB4075B8083A3A496F711B646B5
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MO Local Hero 2019-05-22 - Starten Sie die Mitarbeiter Offensive

Page URL History Show full URLs

  1. https://www.mitarbeiteroffensive.com/ HTTP 301
    https://mitarbeiteroffensive.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

10
Subdomains

9
IPs

2
Countries

3789 kB
Transfer

5371 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.mitarbeiteroffensive.com/ HTTP 301
    https://mitarbeiteroffensive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mitarbeiteroffensive.com/
Redirect Chain
  • https://www.mitarbeiteroffensive.com/
  • https://mitarbeiteroffensive.com/
818 KB
146 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mitarbeiteroffensive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.157.25 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd51022.kasserver.com
Software
Apache /
Resource Hash
7e106ade198d631950a8d112aac903dcd397260cd8658c450b089f2eed2ad756

Request headers

:method
GET
:authority
mitarbeiteroffensive.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 22 Sep 2021 18:59:46 GMT
server
Apache
vary
Accept-Encoding,Cookie
accept-ranges
none
cache-control
max-age=0
expires
Wed, 22 Sep 2021 18:59:46 GMT
referrer-policy
no-referrer-when-downgrade
x-pingback
https://mitarbeiteroffensive.com/xmlrpc.php
content-length
148069
content-type
text/html; charset=UTF-8
content-encoding
gzip

Redirect headers

date
Wed, 22 Sep 2021 18:59:45 GMT
server
Apache
x-redirect-by
WordPress
vary
Accept-Encoding,User-Agent
location
https://mitarbeiteroffensive.com/
cache-control
max-age=3600
expires
Wed, 22 Sep 2021 19:59:45 GMT
referrer-policy
no-referrer-when-downgrade
content-length
0
content-type
text/html
css
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ab224bd291f4389f6f0987d6171fce6dbb6ec78b5f63e37ebdb98c06244b5c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mitarbeiteroffensive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 17:45:07 GMT
server
ESF
date
Wed, 22 Sep 2021 18:59:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Sep 2021 18:59:46 GMT
jquery.js
mitarbeiteroffensive.com/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mitarbeiteroffensive.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.157.25 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd51022.kasserver.com
Software
Apache /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mitarbeiteroffensive.com
referer
https://mitarbeiteroffensive.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mitarbeiteroffensive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 18:59:46 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
none
content-length
33776
expires
Thu, 22 Sep 2022 18:59:46 GMT
css
fonts.googleapis.com/ 		2 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 18:56:43 GMT
server
ESF
date
Wed, 22 Sep 2021 18:59:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Sep 2021 18:59:46 GMT
css
fonts.googleapis.com/ 		10 KB
845 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,300,600,800&subset=latin
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
38ddd38c4dce3e0cd876086726bf45d1c8709aa14aa2f47b3b76963b625ae09b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 18:59:46 GMT
server
ESF
date
Wed, 22 Sep 2021 18:59:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Sep 2021 18:59:46 GMT
css
fonts.googleapis.com/ 		2 KB
468 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oxygen:300,700,400&subset=latin
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aaac1ee6b9c6440ad1693c509e910730abc89c7f19f171d87d8a96bdbef8819c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 18:59:46 GMT
server
ESF
date
Wed, 22 Sep 2021 18:59:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Sep 2021 18:59:46 GMT
css
fonts.googleapis.com/ 		6 KB
645 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,600,200,500&subset=latin
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a1b26ea60b8c07f3f32f180eada611c370507fb0588185461192c1074d5e851a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 18:59:46 GMT
server
ESF
date
Wed, 22 Sep 2021 18:59:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Sep 2021 18:59:46 GMT
Gelb-oben.png
mitarbeiteroffensive.com/wp-content/uploads/2019/05/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mitarbeiteroffensive.com/wp-content/uploads/2019/05/Gelb-oben.png
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.157.25 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd51022.kasserver.com
Software
Apache /
Resource Hash
6c078cca49fe3df880596d711320cba051bdd72afaf358f1c25d6bd5e674ba34

Request headers

:path
/wp-content/uploads/2019/05/Gelb-oben.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mitarbeiteroffensive.com
referer
https://mitarbeiteroffensive.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mitarbeiteroffensive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 18:59:46 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
etag
"3b07-58950af333ca2"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15111
expires
Thu, 22 Sep 2022 18:59:46 GMT
wp-emoji-release.min.js
mitarbeiteroffensive.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mitarbeiteroffensive.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.157.25 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd51022.kasserver.com
Software
Apache /
Resource Hash
95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mitarbeiteroffensive.com
referer
https://mitarbeiteroffensive.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mitarbeiteroffensive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 18:59:46 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
none
content-length
4619
expires
Thu, 22 Sep 2022 18:59:46 GMT
Irene-w.jpg
mitarbeiteroffensive.com/wp-content/uploads/2019/05/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mitarbeiteroffensive.com/wp-content/uploads/2019/05/Irene-w.jpg
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.157.25 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd51022.kasserver.com
Software
Apache /
Resource Hash
4eccf5a547c30003e61d930040b44a48bfeda35e82295b04f6a006bec026d23f

Request headers

:path
/wp-content/uploads/2019/05/Irene-w.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mitarbeiteroffensive.com
referer
https://mitarbeiteroffensive.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mitarbeiteroffensive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 18:59:46 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
etag
"803e-5897941e1eef1"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
32830
expires
Thu, 22 Sep 2022 18:59:46 GMT
s7b_image4-2.png
mitarbeiteroffensive.com/wp-content/uploads/2019/05/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mitarbeiteroffensive.com/wp-content/uploads/2019/05/s7b_image4-2.png
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.157.25 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd51022.kasserver.com
Software
Apache /
Resource Hash
8f59bcf25d9b3b1d12b1f575f8067787d71dcdb7bf6691450b6a8c9ecfeccdd1

Request headers

:path
/wp-content/uploads/2019/05/s7b_image4-2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mitarbeiteroffensive.com
referer
https://mitarbeiteroffensive.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mitarbeiteroffensive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 18:59:46 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
etag
"4772-5895eb6c7c63d"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
18290
expires
Thu, 22 Sep 2022 18:59:46 GMT
adult-beard-boy-220453-1-2.jpg
mitarbeiteroffensive.com/wp-content/uploads/2019/05/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mitarbeiteroffensive.com/wp-content/uploads/2019/05/adult-beard-boy-220453-1-2.jpg
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.157.25 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd51022.kasserver.com
Software
Apache /
Resource Hash
cd55e2f2e95d67208b0001e8ce650f79e537bb113625fa5f7d9fc2164722c734

Request headers

:path
/wp-content/uploads/2019/05/adult-beard-boy-220453-1-2.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mitarbeiteroffensive.com
referer
https://mitarbeiteroffensive.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mitarbeiteroffensive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 18:59:46 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
etag
"24e13a-5895eb6d34f55"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2416954
expires
Thu, 22 Sep 2022 18:59:46 GMT
Bildschirmfoto-2019-02-10-um-15.38.24-2.png
mitarbeiteroffensive.com/wp-content/uploads/2019/05/ 		799 KB
799 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mitarbeiteroffensive.com/wp-content/uploads/2019/05/Bildschirmfoto-2019-02-10-um-15.38.24-2.png
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.157.25 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd51022.kasserver.com
Software
Apache /
Resource Hash
dce2a45446342dcab3f5f6a08550074698985a05361eeb1c09bd739af96fdd13

Request headers

:path
/wp-content/uploads/2019/05/Bildschirmfoto-2019-02-10-um-15.38.24-2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mitarbeiteroffensive.com
referer
https://mitarbeiteroffensive.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mitarbeiteroffensive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 18:59:46 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
etag
"c7a6d-5895eb7078e33"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
817773
expires
Thu, 22 Sep 2022 18:59:46 GMT
autoptimize_a88e238ddec451e08356f1555eca3b12.js
mitarbeiteroffensive.com/wp-content/cache/autoptimize/js/ 		170 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mitarbeiteroffensive.com/wp-content/cache/autoptimize/js/autoptimize_a88e238ddec451e08356f1555eca3b12.js
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.157.25 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd51022.kasserver.com
Software
Apache /
Resource Hash
699f93668c10022afef0dc81b15b6256d98a5eb160cfb33d6ed24fe6671fd264

Request headers

:path
/wp-content/cache/autoptimize/js/autoptimize_a88e238ddec451e08356f1555eca3b12.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mitarbeiteroffensive.com
referer
https://mitarbeiteroffensive.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mitarbeiteroffensive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 18:59:46 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public, immutable
accept-ranges
none
content-length
49643
expires
Thu, 22 Sep 2022 18:59:46 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mitarbeiteroffensive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
466
date
Wed, 22 Sep 2021 18:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 22 Sep 2021 20:52:00 GMT
337940909
player.vimeo.com/video/ Frame 1EA3 		15 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/337940909?portrait=1&title=1&color=0069c0&byline=1
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1937f21a34a09e45fbaefb36a32a2dfe008c4b7284dc13edd242a028ef9e6f96
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mitarbeiteroffensive.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mitarbeiteroffensive.com/

Response headers

Connection
keep-alive
Content-Length
5280
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Wed, 22 Sep 2021 19:09:46 GMT
Via
1.1 varnish, 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
0
X-VServer
infra-playproxy-b-1
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Wed, 22 Sep 2021 18:59:46 GMT
Age
0
X-Served-By
cache-fra19121-FRA
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1632337186.240118,VS0,VE347
Vary
Accept-Encoding
X-Player-Backend
p
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mitarbeiteroffensive.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 06:39:46 GMT
x-content-type-options
nosniff
age
303600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Sep 2022 06:39:46 GMT
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v25/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mitarbeiteroffensive.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:34:46 GMT
x-content-type-options
nosniff
age
8700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14992
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:34:46 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mitarbeiteroffensive.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 04:13:08 GMT
x-content-type-options
nosniff
age
139598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Sep 2022 04:13:08 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v25/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v25/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mitarbeiteroffensive.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:57 GMT
x-content-type-options
nosniff
age
8869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:57 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v40/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,600,200,500&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mitarbeiteroffensive.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 17:32:54 GMT
x-content-type-options
nosniff
age
264412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31624
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:38 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Sep 2022 17:32:54 GMT
collect
www.google-analytics.com/j/ 		2 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=413168092&t=pageview&_s=1&dl=https%3A%2F%2Fmitarbeiteroffensive.com%2F&ul=en-us&de=UTF-8&dt=MO%20Local%20Hero%202019-05-22%20-%20Starten%20Sie%20die%20Mitarbeiter%20Offensive&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1044503966&gjid=1119491016&cid=289543898.1632337186&tid=UA-98439521-9&_gid=1744681599.1632337186&_r=1&_slc=1&z=992630072
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mitarbeiteroffensive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 18:59:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mitarbeiteroffensive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
admin-ajax.php
mitarbeiteroffensive.com/wp-admin/ 		1 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mitarbeiteroffensive.com/wp-admin/admin-ajax.php
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.157.25 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd51022.kasserver.com
Software
Apache /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://mitarbeiteroffensive.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
_ga=GA1.2.289543898.1632337186; _gid=GA1.2.1744681599.1632337186; _gat=1
content-length
44
:path
/wp-admin/admin-ajax.php
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
mitarbeiteroffensive.com
referer
https://mitarbeiteroffensive.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://mitarbeiteroffensive.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 18:59:46 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin no-referrer-when-downgrade
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://mitarbeiteroffensive.com
cache-control
no-cache, must-revalidate, max-age=0, no-store
access-control-allow-credentials
true
accept-ranges
none
x-robots-tag
noindex
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
_csp
player.vimeo.com/ Frame 1EA3 		0
889 B 		Other
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/_csp
Requested by
Host: mitarbeiteroffensive.com
URL: https://mitarbeiteroffensive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://i.vimeocdn.com https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://player.vimeo.com/video/337940909?portrait=1&title=1&color=0069c0&byline=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/csp-report

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://i.vimeocdn.com https://f.vimeocdn.com
Via
1.1 varnish
X-Content-Type-Options
nosniff
X-Cache
MISS
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
X-Host
player-v737-8x8vb
Connection
keep-alive
Vary
Accept-Encoding
X-Xss-Protection
1; mode=block
X-Served-By
cache-fra19121-FRA
X-Vimeo-DC
ge
X-Player-Backend
p
Server
nginx
X-Timer
S1632337187.602894,VS0,VE107
Date
Wed, 22 Sep 2021 18:59:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=UTF-8
Expires
Fri, 15 Dec 1985 19:30:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges
bytes
X-Cache-Hits
0
785227541-c771e06b937da0b4c03ce5d11ec5f20f56229bd3d3646a809faad8a519c85278-d.jpg
i.vimeocdn.com/video/ Frame 1EA3 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/785227541-c771e06b937da0b4c03ce5d11ec5f20f56229bd3d3646a809faad8a519c85278-d.jpg?mw=80&q=85
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/337940909?portrait=1&title=1&color=0069c0&byline=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f75bd6d2acda41f4e6a970df70542c541bce16d891cb1471decd10250c6eceaf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 18:59:46 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
241415
x-viewmaster-lossless-format
false
x-cache
miss, HIT, MISS
x-backend-server
varnish
content-length
1209
viewmaster-server
viewmaster-us-central1-h88j
x-served-by
cache-dfw18667-DFW, cache-fra19160-FRA
x-timer
S1632337187.660671,VS0,VE120
etag
c44a973d6520406ed108329879c6e1ae
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 0
player.de-DE.js
f.vimeocdn.com/p/3.41.1/js/ Frame 1EA3 		659 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/3.41.1/js/player.de-DE.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/337940909?portrait=1&title=1&color=0069c0&byline=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e38e78a75116f90a2eabaf843ed02d5ce5d5b70a1b0536ece84f97919072ad54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 18:59:46 GMT
via
1.1 varnish, 1.1 varnish
age
7186
x-guploader-uploadid
ADPycdu3WY_rSrgEshurey4uDObXMVBhpHJb0DxNgLQu1IdvzO3BJ_v_e-ie-o7uhCbrgVtHZ6YotXgLQ0ohQN_8oLY
x-cache
MISS, HIT
content-encoding
br
content-length
158134
x-served-by
cache-bwi5181-BWI, cache-hhn4068-HHN
last-modified
Wed, 22 Sep 2021 16:50:58 GMT
server
UploadServer
x-timer
S1632337187.659686,VS0,VE0
etag
"579919219be687b68caa7a70b8923778"
vary
Accept-Encoding,x-http-method-override
content-type
application/javascript
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 9348
player.css
f.vimeocdn.com/p/3.41.1/css/ Frame 1EA3 		171 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/3.41.1/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/337940909?portrait=1&title=1&color=0069c0&byline=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f8bf4e08783cb6e00e31bf96b46e4aa429c72aaf8c2b8ba270c334b4a0b6b1c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 18:59:46 GMT
via
1.1 varnish, 1.1 varnish
age
7186
x-guploader-uploadid
ADPycdvJKeMWRD6E-iOy3G_lEDeVUY7kEAPfL2W80e7-8Yr4B6fvg22xgacC6K9qhUMzScbsPGN7f6mYkDfugFr0wjY
x-cache
MISS, HIT
content-encoding
br
content-length
18394
x-served-by
cache-bwi5167-BWI, cache-hhn4068-HHN
last-modified
Wed, 22 Sep 2021 16:50:59 GMT
server
UploadServer
x-timer
S1632337187.659334,VS0,VE0
etag
"30d43c57e6afc7ba37ce4471438fb422"
vary
Accept-Encoding,x-http-method-override
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 11908
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame 1EA3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/337940909?portrait=1&title=1&color=0069c0&byline=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 18:59:46 GMT
content-encoding
gzip
age
4797151
x-cache
HIT, HIT
content-length
1238
x-served-by
cache-bwi5172-BWI, cache-hhn4068-HHN
last-modified
Thu, 29 Jul 2021 05:38:40 GMT
server
Apache
cache-control
max-age=315360000
x-timer
S1632337187.659353,VS0,VE0
etag
"a68-5c83c83e57800-gzip"
vary
Accept-Encoding,x-http-method-override
content-type
text/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
expires
Sun, 27 Jul 2031 06:27:16 GMT
x-vimeo-dc
ge
x-bapp-server
assets-v949-4qvwc
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 1104359
vuid
vimeo.com/ablincoln/ Frame 1EA3 		0
791 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vimeo.com/ablincoln/vuid?pid=38ba0ed935998c553e7d8af170bd51b8bc6dcc0f1632337186
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://player.vimeo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Via
1.1 varnish, 1.1 varnish
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Served-By
cache-bwi5181-BWI, cache-fra19135-FRA
X-Vimeo-DC
ge
Server
nginx
X-Timer
S1632337187.707584,VS0,VE128
X-Frame-Options
sameorigin
Date
Wed, 22 Sep 2021 18:59:46 GMT
Vary
User-Agent
Expires
Wed, 22 Sep 2021 06:59:46 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-BApp-Server
pweb-v15085-h8s49
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
X-Cache-Hits
0, 0
player-test-impression
fresnel.vimeocdn.com/add/ Frame 1EA3 		0
40 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.41.1/js/player.de-DE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Wed, 22 Sep 2021 18:59:46 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
785227541-c771e06b937da0b4c03ce5d11ec5f20f56229bd3d3646a809faad8a519c85278-d
i.vimeocdn.com/video/ Frame 1EA3 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/785227541-c771e06b937da0b4c03ce5d11ec5f20f56229bd3d3646a809faad8a519c85278-d?mw=700&mh=393
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/337940909?portrait=1&title=1&color=0069c0&byline=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f3a9e58575ec84b5d974400b45ef1da00bdcf458ba4e942049e593445ef8749

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 18:59:47 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
0
x-viewmaster-lossless-format
false
x-cache
miss, MISS, MISS
x-backend-server
varnish
content-length
8908
viewmaster-server
viewmaster-us-central1-2sfc
x-served-by
cache-dfw18659-DFW, cache-fra19160-FRA
x-timer
S1632337187.768756,VS0,VE1042
etag
a5e9f21acb0ce671fd2bf4cf2ed65ef0
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
0, 0
player-stats
fresnel.vimeocdn.com/add/ Frame 1EA3 		0
110 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=38ba0ed935998c553e7d8af170bd51b8bc6dcc0f1632337186
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.41.1/js/player.de-DE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Wed, 22 Sep 2021 18:59:46 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings undefined| $ function| jQuery object| THO_Head string| gaProperty string| disableStr function| gaOptout string| GoogleAnalyticsObject function| ga object| TVE_Ult_Data object| eafl_public object| tve_frontend_options object| generatepressNavSearch object| tve_dash_front object| THO_Front object| tcb_post_lists object| TL_Const object| twemoji object| wp object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| tho_change_titles function| tho_brute_search_replace function| tho_get_title_variation function| tho_output_title function| tho_random_key function| tho_get_cookie function| tho_set_cookie string| THO_Titles object| THO_Variations undefined| __thrive_$oJ object| ThriveGlobal function| _possibleConstructorReturn function| _assertThisInitialized function| _getPrototypeOf function| _inherits function| _setPrototypeOf function| ownKeys function| _objectSpread function| _defineProperty function| _classCallCheck function| _defineProperties function| _createClass function| _typeof undefined| TVE_Dash number| tho_title_interval

4 Cookies

Domain/Path Name / Value
.mitarbeiteroffensive.com/ Name: _ga
Value: GA1.2.289543898.1632337186
.mitarbeiteroffensive.com/ Name: _gid
Value: GA1.2.1744681599.1632337186
.mitarbeiteroffensive.com/ Name: _gat
Value: 1
.vimeo.com/ Name: vuid
Value: pl711221430.1815865251

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
mitarbeiteroffensive.com
player.vimeo.com
vimeo.com
www.google-analytics.com
www.mitarbeiteroffensive.com
151.101.0.217
151.101.114.109
151.101.128.217
151.101.14.109
2a00:1450:4001:812::2003
2a00:1450:4001:828::200e
2a00:1450:4001:830::200a
34.120.202.204
85.13.157.25
1937f21a34a09e45fbaefb36a32a2dfe008c4b7284dc13edd242a028ef9e6f96
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
38ddd38c4dce3e0cd876086726bf45d1c8709aa14aa2f47b3b76963b625ae09b
3ab224bd291f4389f6f0987d6171fce6dbb6ec78b5f63e37ebdb98c06244b5c2
4eccf5a547c30003e61d930040b44a48bfeda35e82295b04f6a006bec026d23f
4f3a9e58575ec84b5d974400b45ef1da00bdcf458ba4e942049e593445ef8749
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
699f93668c10022afef0dc81b15b6256d98a5eb160cfb33d6ed24fe6671fd264
6c078cca49fe3df880596d711320cba051bdd72afaf358f1c25d6bd5e674ba34
7e106ade198d631950a8d112aac903dcd397260cd8658c450b089f2eed2ad756
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8f59bcf25d9b3b1d12b1f575f8067787d71dcdb7bf6691450b6a8c9ecfeccdd1
95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1b26ea60b8c07f3f32f180eada611c370507fb0588185461192c1074d5e851a
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
aaac1ee6b9c6440ad1693c509e910730abc89c7f19f171d87d8a96bdbef8819c
bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
cd55e2f2e95d67208b0001e8ce650f79e537bb113625fa5f7d9fc2164722c734
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4
dce2a45446342dcab3f5f6a08550074698985a05361eeb1c09bd739af96fdd13
e38e78a75116f90a2eabaf843ed02d5ce5d5b70a1b0536ece84f97919072ad54
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f75bd6d2acda41f4e6a970df70542c541bce16d891cb1471decd10250c6eceaf
f8bf4e08783cb6e00e31bf96b46e4aa429c72aaf8c2b8ba270c334b4a0b6b1c4
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62