login.partners Open in urlscan Pro
86.109.249.113 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://login.rheinduett.de/
Effective URL:
https://login.partners/auth/realms/login_rheinduett_de/protocol/openid-connect/auth?client_id=login&redirect_uri=https%...
Submission: On August 13 via automatic, source certstream-suspicious (August 13th 2024, 10:43:41 pm UTC) — Scanned from DE

Summary HTTP 50 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 50 HTTP transactions. The main IP is 86.109.249.113, located in Germany and belongs to AS12348 Hermann-Glockner-Str. 7, DE. The main domain is login.partners.
TLS certificate: Issued by R11 on August 8th 2024. Valid for: 3 months.

This is the only time login.partners was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
43	86.109.249.113 86.109.249.113	12348 (AS12348 H...) (AS12348 Hermann-Glockner-Str. 7)
6	86.109.249.114 86.109.249.114	12348 (AS12348 H...) (AS12348 Hermann-Glockner-Str. 7)
50	3

43 86.109.249.113 (Germany)

ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE)

login.rheinduett.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
matomo.mark.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.partners	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 86.109.249.114 (Germany)

ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE)

api.mark.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	rheinduett.de login.rheinduett.de	2 MB
9	mark.ee matomo.mark.ee api.mark.ee	61 KB
8	login.partners login.partners Failed	70 KB
50	3

	Domain	Requested by
32	login.rheinduett.de	login.rheinduett.de
8	login.partners	login.rheinduett.de login.partners
6	api.mark.ee	login.rheinduett.de login.partners
3	matomo.mark.ee	login.rheinduett.de login.partners matomo.mark.ee
50	4

This site contains links to these domains. Also see Links.

Domain
login.rheinduett.de
www.rheinduett.de

Subject Issuer	Validity	Valid
login.rheinduett.de R11	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.mark.ee Sectigo RSA Domain Validation Secure Server CA	`2023-11-14` - `2024-12-14`	a year	crt.sh
login.partners R11	`2024-08-08` - `2024-11-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.partners/auth/realms/login_rheinduett_de/protocol/openid-connect/auth?client_id=login&redirect_uri=https%3A%2F%2Flogin.rheinduett.de%2F&state=c399f290-051b-4400-9a73-b9749dfe0539&response_mode=fragment&response_type=code&scope=openid&nonce=114f4b4e-2a33-48c1-9864-cc77f31dafff
Frame ID: 9F23FA07C1B6D0A24A2AF2DBC678C72E
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Einloggen in login_rheinduett_de

Page URL History Show full URLs

https://login.rheinduett.de/ Page URL
https://login.partners/auth/realms/login_rheinduett_de/protocol/openid-connect/auth?client_id=login... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

50
Requests

98 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

2004 kB
Transfer

6055 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://login.rheinduett.de/

Search URL Search Domain Scan URL

URL: http://www.rheinduett.de/Datenschutz.html
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: http://www.rheinduett.de/impressum.html
Title: Impressum

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login.rheinduett.de/ Page URL
https://login.partners/auth/realms/login_rheinduett_de/protocol/openid-connect/auth?client_id=login&redirect_uri=https%3A%2F%2Flogin.rheinduett.de%2F&state=c399f290-051b-4400-9a73-b9749dfe0539&response_mode=fragment&response_type=code&scope=openid&nonce=114f4b4e-2a33-48c1-9864-cc77f31dafff Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
login.rheinduett.de/ 16 KB
6 KB 74ms
9ms Document
text/html 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

798e8c76eb9b72dab35090de57171a30854d85309618cf250e682cbdd314291a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 13 Aug 2024 22:43:36 GMT
etag: W/"66b216c3-3e7d"
last-modified: Tue, 06 Aug 2024 12:27:47 GMT
lcs: s1
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
server: nginx
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
x-frame-options: SAMEORIGIN

GET
H2 200 runtime.8cd37557caf56f3d.js Show response
login.rheinduett.de/ 4 KB
5 KB 11ms
10ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

980a1101d44f034da66477af491ffe2d5ad98e55c34799ff147a7025a9549cb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:36 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:47 GMT
server: nginx
etag: "66b216c3-10ff"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1
accept-ranges: bytes
content-length: 4351

GET
H2 200 polyfills.12f15632be8a27ef.js Show response
login.rheinduett.de/ 44 KB
18 KB 18ms
18ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/polyfills.12f15632be8a27ef.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

9f064a3523c63bda4bba202d1d205e820f81b7a59b1e3002d58d0c48ef649ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:36 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:47 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c3-b184"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 scripts.259b342e2f06e792.js Show response
login.rheinduett.de/ 135 KB
45 KB 25ms
24ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/scripts.259b342e2f06e792.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

187f4c643ca35d2d02a6b366afe3d4a9dd355cbbbe3086013df1dd81c41a5093

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:36 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:47 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c3-21d74"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 main.5f09ab8980849302.js Show response
login.rheinduett.de/ 3 MB
1010 KB 21ms
21ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/main.5f09ab8980849302.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

050157b8559fee88176a528f94bc88f7a0eb1310b2c7b8688172f6da27db4c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:36 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:47 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c3-32082c"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 styles.c8ca29f8e52e57ca.css
login.rheinduett.de/ 587 KB
123 KB 25ms
25ms Stylesheet
text/css 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/styles.c8ca29f8e52e57ca.css

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

760fbf738e96dc536ff59f10da7361e70a3f32d435c70264936337374e0525ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:36 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:47 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c3-92b99"
x-frame-options: SAMEORIGIN
content-type: text/css
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 SourceSansPro-Regular.ttf.ba487c32d105d659.woff2
login.rheinduett.de/ 85 KB
85 KB 22ms
22ms Font
font/woff2 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/SourceSansPro-Regular.ttf.ba487c32d105d659.woff2

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

27c06ca531d01f12d9e28d869000985e4cf84dd0724afe578e942d44f09d19c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:36 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
etag: "66b216c2-1533c"
x-frame-options: SAMEORIGIN
content-type: font/woff2
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1
accept-ranges: bytes
content-length: 86844

GET
H2 200 matomo.js Show response
matomo.mark.ee/ 66 KB
25 KB 166ms
38ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.mark.ee/matomo.js
Requested by: Host: login.rheinduett.de
URL: https://login.rheinduett.de/main.5f09ab8980849302.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),
Reverse DNS
Software: nginx /
Resource Hash: f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d

Request headers

Referer: https://login.rheinduett.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Tue, 13 Aug 2024 22:43:37 GMT
content-encoding: gzip
last-modified: Tue, 11 Jun 2024 05:40:50 GMT
server: nginx
etag: W/"6667e362-10784"
content-type: application/javascript
cache-control: max-age=3600, public
expires: Tue, 13 Aug 2024 23:43:29 GMT

GET
H2 200 config.json Show response
login.rheinduett.de/assets/ 953 B
2 KB 10ms
10ms XHR
application/json 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/assets/config.json?t=1723589016985

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/polyfills.12f15632be8a27ef.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

bec84ded7b679dec4eee1b01b7e5538e7d48450b27bb812d7b21185c74ea1b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: https://login.rheinduett.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:36 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 13 Aug 2024 22:43:11 GMT
server: nginx
etag: "66bbe17f-3b9"
x-frame-options: SAMEORIGIN
content-type: application/json
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1
accept-ranges: bytes
content-length: 953

GET
H2 200 config.json Show response
login.rheinduett.de/assets/ 953 B
2 KB 10ms
10ms XHR
application/json 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/assets/config.json?t=1723589016987

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/polyfills.12f15632be8a27ef.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

bec84ded7b679dec4eee1b01b7e5538e7d48450b27bb812d7b21185c74ea1b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: https://login.rheinduett.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:36 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 13 Aug 2024 22:43:11 GMT
server: nginx
etag: "66bbe17f-3b9"
x-frame-options: SAMEORIGIN
content-type: application/json
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1
accept-ranges: bytes
content-length: 953

OPTIONS
H2 200 profile
api.mark.ee/api/v5/user/ 0
0 215ms
10ms Preflight 86.109.249.114
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mark.ee/api/v5/user/profile
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 86.109.249.114 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://login.rheinduett.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: OPTIONS, POST, PUT, GET, DELETE GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://login.rheinduett.de
content-length: 0
date: Tue, 13 Aug 2024 22:43:37 GMT
server: nginx

OPTIONS
H2 200 emailConsent
api.mark.ee/api/userManagement/user/ 0
0 215ms
11ms Preflight 86.109.249.114
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mark.ee/api/userManagement/user/emailConsent
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 86.109.249.114 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://login.rheinduett.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: OPTIONS, POST, PUT, GET, DELETE GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://login.rheinduett.de
content-length: 0
date: Tue, 13 Aug 2024 22:43:37 GMT
server: nginx

GET
H2 200 colors.css
login.rheinduett.de/assets/css/ 0
595 B 11ms
10ms Stylesheet
text/css 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/assets/css/colors.css

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/main.5f09ab8980849302.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
etag: "66b216c2-0"
x-frame-options: SAMEORIGIN
content-type: text/css
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1
accept-ranges: bytes
content-length: 0

GET
H2 200 27.851199b933105b4f.js Show response
login.rheinduett.de/ 37 KB
12 KB 12ms
11ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/27.851199b933105b4f.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

1ec0aed5484851ab63a9109372344f5d68872409c67dbdcaaf9be41a9db6449e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-93ac"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 common.57d2081b47713845.js Show response
login.rheinduett.de/ 25 KB
10 KB 13ms
13ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/common.57d2081b47713845.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

8b4badba8a7baa082758729eec3ab1d425e1dff16b4e6d974b6278cf6a9408ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:47 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c3-63a1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 841.22721e57d38fb4f6.js Show response
login.rheinduett.de/ 44 KB
14 KB 15ms
15ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/841.22721e57d38fb4f6.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

fa5fddac755c0ca1cf081445368ca5a5652200dd2afd325cdcce42de926eef3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-aeca"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 401 profile
api.mark.ee/api/v5/user/ 54 B
354 B 18ms
17ms XHR
application/json 86.109.249.114
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mark.ee/api/v5/user/profile
Requested by: Host: login.rheinduett.de
URL: https://login.rheinduett.de/polyfills.12f15632be8a27ef.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 86.109.249.114 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: application/json
Referer: https://login.rheinduett.de/
Authorization: Basic OnVuZGVmaW5lZA==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://login.rheinduett.de
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 54

GET
H2 200 emailConsent
api.mark.ee/api/userManagement/user/ 17 B
313 B 18ms
18ms XHR
application/json 86.109.249.114
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mark.ee/api/userManagement/user/emailConsent
Requested by: Host: login.rheinduett.de
URL: https://login.rheinduett.de/polyfills.12f15632be8a27ef.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 86.109.249.114 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: application/json
Referer: https://login.rheinduett.de/
Authorization: Basic OnVuZGVmaW5lZA==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://login.rheinduett.de
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 17

GET
H2 200 en.json Show response
login.rheinduett.de/assets/i18n/agency/ 120 KB
121 KB 10ms
10ms XHR
application/json 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/assets/i18n/agency/en.json

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/polyfills.12f15632be8a27ef.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

22f0732d9db6a80a74c79937d7eacb186e26044899a86894fadb15b0a7dbecef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://login.rheinduett.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 13 Aug 2024 11:43:17 GMT
server: nginx
etag: "66bb46d5-1e0af"
x-frame-options: SAMEORIGIN
content-type: application/json
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1
accept-ranges: bytes
content-length: 123055

GET
H2 200 324.495af6ed4353cf5f.js Show response
login.rheinduett.de/ 22 KB
7 KB 14ms
13ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/324.495af6ed4353cf5f.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

07c0114499bf35527147b4a170fcd0a9172e446ab9d8fc0b53df7757286ff6c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-5680"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 552.4e52793b09ed2c01.js Show response
login.rheinduett.de/ 10 KB
4 KB 14ms
10ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/552.4e52793b09ed2c01.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

f91495552275d9db2b19babd399e43e4c339e992882214171a75fa85a8be1470

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-29fd"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 942.b146e04246997604.js Show response
login.rheinduett.de/ 11 KB
4 KB 15ms
12ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/942.b146e04246997604.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

b4bf34ce893d2aa4ac5b61704e1b61017e16205902178b2e1be95fc718788db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-2ad1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 338.8a452c555c200ede.js Show response
login.rheinduett.de/ 44 KB
17 KB 18ms
15ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/338.8a452c555c200ede.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

ba4fe405288c81a4d1563a3dfa116d589c906928d670a9a5875d9c63f92107ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-b16d"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 306.be5716dd89444f87.js Show response
login.rheinduett.de/ 13 KB
5 KB 18ms
15ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/306.be5716dd89444f87.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

a67852c02891e6b18f979b8bf76e83163e4ab58affd8c6121c7981644809f0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-338f"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 319.94fce37e69e2f91a.js Show response
login.rheinduett.de/ 57 KB
17 KB 21ms
18ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/319.94fce37e69e2f91a.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

8278e578ac6fc9ab8a8297962cc5c9bde6e8c36c355dfcc71536083c58ca938a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-e221"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 223.2831c5811fe40245.js Show response
login.rheinduett.de/ 23 KB
7 KB 21ms
18ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/223.2831c5811fe40245.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

ab6dda0f698047313aaeaabb4f36eb74ad55cac19db972f2863d2e7e452faa66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-5b82"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 6.d32f8d4e9f8e3901.js Show response
login.rheinduett.de/ 30 KB
10 KB 22ms
19ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/6.d32f8d4e9f8e3901.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

f811b028e0bb6660f5024121bd7d9c32d069b62a7c685294339ad284789e4685

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-77cb"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 501.22777a1ade8ec8b7.js Show response
login.rheinduett.de/ 16 KB
6 KB 24ms
21ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/501.22777a1ade8ec8b7.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

162d56c37212688419dfce05d58a1b4c81885369d7fe6f1fa97f41b5a3359e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-3e2f"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 971.f8ce3274334cd450.js Show response
login.rheinduett.de/ 210 KB
65 KB 25ms
22ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/971.f8ce3274334cd450.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

ba3bd492d0b3b79b1c99aa589cec1e9c4ec1e9601c52f63bba50f16ef784fca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-3466b"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 258.e2117577ac0ba016.js Show response
login.rheinduett.de/ 135 KB
38 KB 28ms
26ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/258.e2117577ac0ba016.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

12bd0f1e06846970cf15cb8f443bf446ec7946b521b1984f8ff306252c87fb69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-21dcb"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 239.876b8f1e93892d9a.js Show response
login.rheinduett.de/ 72 KB
22 KB 31ms
29ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/239.876b8f1e93892d9a.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

743adab80df958d243002614d8349e4c81efce267ed0b28f969ee096fa613cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-12036"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 72.7e052b3b63a458a1.js Show response
login.rheinduett.de/ 31 KB
13 KB 32ms
30ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/72.7e052b3b63a458a1.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

733e36dd1ea69a64b79e4bd1e9881b3a24f14ab47ae37d6bac8c8e330f1cfc8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-7a74"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 948.af862e69607d8621.js Show response
login.rheinduett.de/ 25 KB
9 KB 32ms
30ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/948.af862e69607d8621.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

608a576995c6b5ec4512f737cfdbc9e12a8d50f988f44988ae6599009779abda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-6241"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 168.8b6230d1acc1b932.js Show response
login.rheinduett.de/ 13 KB
7 KB 32ms
31ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/168.8b6230d1acc1b932.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

b392cc678973be9fd887adec9a4e3c04ea96576a441e74404bdf19763a878c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-34b5"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 422.2307527f2f9435c5.js Show response
login.rheinduett.de/ 539 KB
141 KB 34ms
33ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/422.2307527f2f9435c5.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

376956839d3af00d1aa217a20dbe1452cef60ac469777ce46168dfbb2659c1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-86cb6"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 757.ab656fadfafea6d5.js Show response
login.rheinduett.de/ 63 KB
19 KB 42ms
41ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/757.ab656fadfafea6d5.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

ef29e9e3e30076653cd81521580727cb155bb9dae8b1ccea28ce3f28b456c80d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-fa45"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET
H2 200 730.f52a02e14e4b8993.js Show response
login.rheinduett.de/ 92 KB
31 KB 43ms
42ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.rheinduett.de/730.f52a02e14e4b8993.js

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/runtime.8cd37557caf56f3d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

da93c2aac3c1edf34975f851af173edf6c218d1f255c5f168cf30460be216f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login.rheinduett.de/
Origin: https://login.rheinduett.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=15552000
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 06 Aug 2024 12:27:46 GMT
server: nginx
content-encoding: gzip
etag: W/"66b216c2-16ecc"
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: accelerometer=*, ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), web-share=(), xr-spatial-tracking=()
lcs: s1

GET auth
login.partners/auth/realms/login_rheinduett_de/protocol/openid-connect/ 0
0

GET
H2 200 Primary Request auth Show response
login.partners/auth/realms/login_rheinduett_de/protocol/openid-connect/ 13 KB
5 KB 34ms
34ms Document
text/html 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.partners/auth/realms/login_rheinduett_de/protocol/openid-connect/auth?client_id=login&redirect_uri=https%3A%2F%2Flogin.rheinduett.de%2F&state=c399f290-051b-4400-9a73-b9749dfe0539&response_mode=fragment&response_type=code&scope=openid&nonce=114f4b4e-2a33-48c1-9864-cc77f31dafff

Requested by

Host: login.rheinduett.de
URL: https://login.rheinduett.de/main.5f09ab8980849302.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

daa05065ac53e2f0cee3dcdedfa8bdfbd38027f6cc69223b1e05c248d459abab

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.rheinduett.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-store, must-revalidate, max-age=0
content-encoding: gzip
content-language: de
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Tue, 13 Aug 2024 22:43:37 GMT
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 styles_1.0.3.css
login.partners/auth/resources/sej16/login/markie/css/ 99 KB
19 KB 24ms
22ms Stylesheet
text/css 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.partners/auth/resources/sej16/login/markie/css/styles_1.0.3.css

Requested by

Host: login.partners
URL: https://login.partners/auth/realms/login_rheinduett_de/protocol/openid-connect/auth?client_id=login&redirect_uri=https%3A%2F%2Flogin.rheinduett.de%2F&state=c399f290-051b-4400-9a73-b9749dfe0539&response_mode=fragment&response_type=code&scope=openid&nonce=114f4b4e-2a33-48c1-9864-cc77f31dafff

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

6680e26ee9467a4fc8b9156fa026c7f1ef6213d184fa3335bfec3cd210355105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
content-encoding: gzip
server: nginx
content-type: text/css;charset=UTF-8
cache-control: no-cache
x-xss-protection: 1; mode=block

GET
H2 200 validateform_1.0.1.js Show response
login.partners/auth/resources/sej16/login/markie/js/ 5 KB
5 KB 23ms
21ms Script
text/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.partners/auth/resources/sej16/login/markie/js/validateform_1.0.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

8085643a231b368d5eee74cb67b99113279263f9ebaac568efb34500cc31a55a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
content-type: text/javascript;charset=UTF-8
cache-control: no-cache
content-length: 4995
x-xss-protection: 1; mode=block

GET
H2 200 main.js Show response
login.partners/auth/resources/sej16/login/markie/js/ 718 B
930 B 23ms
22ms Script
text/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.partners/auth/resources/sej16/login/markie/js/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

a45925e3b77a5cd10ee110306c29ff915e3aa5179ed5a2f6da121d476874bda7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
content-type: text/javascript;charset=UTF-8
cache-control: no-cache
content-length: 718
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.bundle.min.js Show response
login.partners/auth/resources/sej16/login/markie/js/ 79 KB
27 KB 32ms
31ms Script
text/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.partners/auth/resources/sej16/login/markie/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

05304a8f26373142efa126a87977201cbc22d408c573f151ee2907933e9099f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=UTF-8
cache-control: no-cache
x-xss-protection: 1; mode=block

GET
H2 200 archivo_font.css
login.partners/auth/resources/sej16/login/markie/fonts/ 990 B
1 KB 32ms
31ms Stylesheet
text/css 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.partners/auth/resources/sej16/login/markie/fonts/archivo_font.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

20b05d5996138bd01924a1dbb08bc988f10c1b9354fbe752ae4565e95d09dbee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
content-type: text/css;charset=UTF-8
cache-control: no-cache
content-length: 990
x-xss-protection: 1; mode=block

GET
H2 200 roboto_font.css
login.partners/auth/resources/sej16/login/markie/fonts/ 361 B
568 B 12ms
10ms Stylesheet
text/css 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.partners/auth/resources/sej16/login/markie/fonts/roboto_font.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

2a00c4685c0beb333772d296345e960fe29aced6fe0de64c3a917f2c5bb0292e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
content-type: text/css;charset=UTF-8
cache-control: no-cache
content-length: 361
x-xss-protection: 1; mode=block

GET
H2 200 ca2d306058d3109249bab946f78ff8ddb1ad2f0db325851644ef5ebc1d1696e0.png
api.mark.ee/imgs/ 8 KB
8 KB 57ms
17ms Image
image/png 86.109.249.114
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.mark.ee/imgs/ca2d306058d3109249bab946f78ff8ddb1ad2f0db325851644ef5ebc1d1696e0.png
Requested by: Host: login.partners
URL: https://login.partners/auth/realms/login_rheinduett_de/protocol/openid-connect/auth?client_id=login&redirect_uri=https%3A%2F%2Flogin.rheinduett.de%2F&state=c399f290-051b-4400-9a73-b9749dfe0539&response_mode=fragment&response_type=code&scope=openid&nonce=114f4b4e-2a33-48c1-9864-cc77f31dafff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 86.109.249.114 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),
Reverse DNS
Software: nginx /
Resource Hash: b31199ebef6077f0a185ab3aace80b45d1ff3732e775f49ffaab9a25e5a3d7e1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
last-modified: Thu, 18 Jun 2020 08:52:38 GMT
server: nginx
etag: "5eeb2b56-2058"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8280

GET
H2 200 matomo.js Show response
matomo.mark.ee/ 66 KB
25 KB 57ms
18ms Script
application/javascript 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.mark.ee/matomo.js
Requested by: Host: login.partners
URL: https://login.partners/auth/resources/sej16/login/markie/js/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),
Reverse DNS
Software: nginx /
Resource Hash: f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Tue, 13 Aug 2024 22:43:37 GMT
content-encoding: gzip
last-modified: Tue, 11 Jun 2024 05:40:50 GMT
server: nginx
etag: W/"6667e362-10784"
content-type: application/javascript
cache-control: max-age=3600, public
expires: Tue, 13 Aug 2024 23:43:29 GMT

GET
H2 200 Archivo_latin.woff2
login.partners/auth/resources/sej16/login/markie/fonts/ 12 KB
13 KB 13ms
12ms Font
application/octet-stream 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.partners/auth/resources/sej16/login/markie/fonts/Archivo_latin.woff2

Requested by

Host: login.partners
URL: https://login.partners/auth/resources/sej16/login/markie/fonts/archivo_font.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx /

Resource Hash

4a51d0cc55c0249dce902d672a4a349a25c924afa661324b3981350917645a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://login.partners
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
content-type: application/octet-stream
cache-control: no-cache
content-length: 12584
x-xss-protection: 1; mode=block

POST
H2 204 matomo.php
matomo.mark.ee/ 0
212 B 406ms
405ms Ping
text/plain 86.109.249.113
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL

https://matomo.mark.ee/matomo.php?action_name=Einloggen%20in%20login_rheinduett_de&idsite=1&rec=1&r=934634&h=0&m=43&s=37&url=https%3A%2F%2Flogin.partners%2Fauth%2Frealms%2Flogin_rheinduett_de%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3Dlogin%26redirect_uri%3Dhttps%3A%2F%2Flogin.rheinduett.de%2F%26state%3Dc399f290-051b-4400-9a73-b9749dfe0539%26response_mode%3Dfragment%26response_type%3Dcode%26scope%3Dopenid%26nonce%3D114f4b4e-2a33-48c1-9864-cc77f31dafff&urlref=https%3A%2F%2Flogin.rheinduett.de%2F&_id=7d336947677ddb14&_idn=1&send_image=0&_refts=1723589017&_ref=https%3A%2F%2Flogin.rheinduett.de%2F&pv_id=GRpMCR&pf_net=0&pf_srv=34&pf_tfr=2&pf_dm1=51&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200

Requested by

Host: matomo.mark.ee
URL: https://matomo.mark.ee/matomo.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

86.109.249.113 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),

Reverse DNS

Software

nginx / PHP/7.2.24

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
referrer-policy: origin
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.2.24
x-frame-options: DENY
access-control-allow-origin: https://login.partners
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 a716f1a6af8200af0dcbc84bae01d5bd40841dd4fc00b02d911aa4a4d7df5806.png
api.mark.ee/imgs/ 1 KB
2 KB 15ms
14ms Other
image/png 86.109.249.114
AS12348 Hermann-G...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mark.ee/imgs/a716f1a6af8200af0dcbc84bae01d5bd40841dd4fc00b02d911aa4a4d7df5806.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 86.109.249.114 , Germany, ASN12348 (AS12348 Hermann-Glockner-Str. 7, DE),
Reverse DNS
Software: nginx /
Resource Hash: b56178a4df0e6f4c4356bfbd41bbf7e96b072be89831191bb5024a424cc0a0ed

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 22:43:37 GMT
last-modified: Thu, 18 Jun 2020 08:53:18 GMT
server: nginx
etag: "5eeb2b7e-55e"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1374

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.partners
URL: https://login.partners/auth/realms/login_rheinduett_de/protocol/openid-connect/auth?client_id=login&redirect_uri=https%3A%2F%2Flogin.rheinduett.de%2F&state=3739ea81-9aad-4eb6-bd5f-388b0be1a392&response_mode=fragment&response_type=code&scope=openid&nonce=050c189f-ee7b-4947-84de-e2172b3b1bc2

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.partners/auth/realms/login_rheinduett_de/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 75e6103e-8766-4369-8ba7-f512cb89f238.ui1
login.partners/auth/realms/login_rheinduett_de/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 75e6103e-8766-4369-8ba7-f512cb89f238.ui1
login.partners/auth/realms/login_rheinduett_de/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlNWFmYTI1Mi0wOWQ2LTQwYjgtYWMwOC0wMGZiNWM2ODBlY2IifQ.eyJjaWQiOiJsb2dpbiIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8vbG9naW4ucmhlaW5kdWV0dC5kZS8iLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJzY29wZSI6Im9wZW5pZCIsImlzcyI6Imh0dHBzOi8vbG9naW4ucGFydG5lcnMvYXV0aC9yZWFsbXMvbG9naW5fcmhlaW5kdWV0dF9kZSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9sb2dpbi5yaGVpbmR1ZXR0LmRlLyIsInN0YXRlIjoiYzM5OWYyOTAtMDUxYi00NDAwLTlhNzMtYjk3NDlkZmUwNTM5Iiwibm9uY2UiOiIxMTRmNGI0ZS0yYTMzLTQ4YzEtOTg2NC1jYzc3ZjMxZGFmZmYiLCJyZXNwb25zZV9tb2RlIjoiZnJhZ21lbnQifX0.VjPPcgYwbo2YjMvFUzwRnFitGDjsMWt_L2rqd9nFSgY
login.partners/	1970-01-21 03:09:17	Name: _pk_ref.1.4858 Value: %5B%22%22%2C%22%22%2C1723589017%2C%22https%3A%2F%2Flogin.rheinduett.de%2F%22%5D
login.partners/	1970-01-21 08:12:24	Name: _pk_id.1.4858 Value: 7d336947677ddb14.1723589017.
login.partners/	1970-01-20 22:46:30	Name: _pk_ses.1.4858 Value: 1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
violation	error	URL: https://login.rheinduett.de/main.5f09ab8980849302.js Message: Permissions policy violation: picture-in-picture is not allowed in this document.
network	error	URL: https://api.mark.ee/api/v5/user/profile Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mark.ee
login.partners
login.rheinduett.de
matomo.mark.ee
login.partners
86.109.249.113
86.109.249.114
050157b8559fee88176a528f94bc88f7a0eb1310b2c7b8688172f6da27db4c75
05304a8f26373142efa126a87977201cbc22d408c573f151ee2907933e9099f7
07c0114499bf35527147b4a170fcd0a9172e446ab9d8fc0b53df7757286ff6c7
12bd0f1e06846970cf15cb8f443bf446ec7946b521b1984f8ff306252c87fb69
162d56c37212688419dfce05d58a1b4c81885369d7fe6f1fa97f41b5a3359e7b
187f4c643ca35d2d02a6b366afe3d4a9dd355cbbbe3086013df1dd81c41a5093
1ec0aed5484851ab63a9109372344f5d68872409c67dbdcaaf9be41a9db6449e
20b05d5996138bd01924a1dbb08bc988f10c1b9354fbe752ae4565e95d09dbee
22f0732d9db6a80a74c79937d7eacb186e26044899a86894fadb15b0a7dbecef
27c06ca531d01f12d9e28d869000985e4cf84dd0724afe578e942d44f09d19c2
2a00c4685c0beb333772d296345e960fe29aced6fe0de64c3a917f2c5bb0292e
376956839d3af00d1aa217a20dbe1452cef60ac469777ce46168dfbb2659c1db
4a51d0cc55c0249dce902d672a4a349a25c924afa661324b3981350917645a4c
608a576995c6b5ec4512f737cfdbc9e12a8d50f988f44988ae6599009779abda
6680e26ee9467a4fc8b9156fa026c7f1ef6213d184fa3335bfec3cd210355105
733e36dd1ea69a64b79e4bd1e9881b3a24f14ab47ae37d6bac8c8e330f1cfc8e
743adab80df958d243002614d8349e4c81efce267ed0b28f969ee096fa613cde
760fbf738e96dc536ff59f10da7361e70a3f32d435c70264936337374e0525ab
798e8c76eb9b72dab35090de57171a30854d85309618cf250e682cbdd314291a
8085643a231b368d5eee74cb67b99113279263f9ebaac568efb34500cc31a55a
8278e578ac6fc9ab8a8297962cc5c9bde6e8c36c355dfcc71536083c58ca938a
8b4badba8a7baa082758729eec3ab1d425e1dff16b4e6d974b6278cf6a9408ce
980a1101d44f034da66477af491ffe2d5ad98e55c34799ff147a7025a9549cb2
9f064a3523c63bda4bba202d1d205e820f81b7a59b1e3002d58d0c48ef649ce6
a45925e3b77a5cd10ee110306c29ff915e3aa5179ed5a2f6da121d476874bda7
a67852c02891e6b18f979b8bf76e83163e4ab58affd8c6121c7981644809f0ee
ab6dda0f698047313aaeaabb4f36eb74ad55cac19db972f2863d2e7e452faa66
b31199ebef6077f0a185ab3aace80b45d1ff3732e775f49ffaab9a25e5a3d7e1
b392cc678973be9fd887adec9a4e3c04ea96576a441e74404bdf19763a878c1e
b4bf34ce893d2aa4ac5b61704e1b61017e16205902178b2e1be95fc718788db6
b56178a4df0e6f4c4356bfbd41bbf7e96b072be89831191bb5024a424cc0a0ed
ba3bd492d0b3b79b1c99aa589cec1e9c4ec1e9601c52f63bba50f16ef784fca9
ba4fe405288c81a4d1563a3dfa116d589c906928d670a9a5875d9c63f92107ae
bec84ded7b679dec4eee1b01b7e5538e7d48450b27bb812d7b21185c74ea1b7b
da93c2aac3c1edf34975f851af173edf6c218d1f255c5f168cf30460be216f89
daa05065ac53e2f0cee3dcdedfa8bdfbd38027f6cc69223b1e05c248d459abab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef29e9e3e30076653cd81521580727cb155bb9dae8b1ccea28ce3f28b456c80d
f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d
f811b028e0bb6660f5024121bd7d9c32d069b62a7c685294339ad284789e4685
f91495552275d9db2b19babd399e43e4c339e992882214171a75fa85a8be1470
fa5fddac755c0ca1cf081445368ca5a5652200dd2afd325cdcce42de926eef3a

login.partners Open in urlscan Pro 86.109.249.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

98 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

3 IPs

1 Countries

2004 kBTransfer

6055 kBSize

6 Cookies

3 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.partners Open in urlscan Pro
86.109.249.113 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

98 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

2004 kB
Transfer

6055 kB
Size

6
Cookies

50 HTTP transactions
0 data transactions