urlscan.io logo urlscan.io
SecurityTrails logo

three-steps.de Open in urlscan Pro
85.13.164.237  Public Scan

Go To Rescan Add Verdict Report
URL: https://three-steps.de/
Submission: On January 08 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 24 HTTP transactions. The main IP is 85.13.164.237, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is three-steps.de.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 10th 2020. Valid for: 3 months.
This is the only time three-steps.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 85.13.164.237 34788 (NMM-AS D)
3 2a00:1450:400... 15169 (GOOGLE)
3 23.111.9.35 33438 (HIGHWINDS2)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
24 5
13    85.13.164.237 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd48936.kasserver.com
three-steps.de
3    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
4    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2190:bc00:2:49a2:4500:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets5.lottiefiles.com
Domain Requested by
13 three-steps.de three-steps.de
4 fonts.gstatic.com fonts.googleapis.com
3 use.fontawesome.com three-steps.de
3 fonts.googleapis.com three-steps.de
1 assets5.lottiefiles.com three-steps.de
24 5

This site contains links to these domains. Also see Links.

Domain
www.ltdesigns.de
www.three-steps.de
Subject Issuer Validity Valid
three-steps.de
Let's Encrypt Authority X3		 2020-11-10 -
2021-02-08		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.lottiefiles.com
Amazon		 2020-11-25 -
2021-12-24		 a year crt.sh

This page contains 1 frames:

Primary Page: https://three-steps.de/
Frame ID: 13CB01A363F3663F60D2F728EB8899D7
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

24
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

761 kB
Transfer

2335 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
three-steps.de/ 		74 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://three-steps.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.164.237 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd48936.kasserver.com
Software
Apache /
Resource Hash
68d73514b0948b8878e2576748f01e2434e18ac896fc53995d3e467b9d4bdf18

Request headers

:method
GET
:authority
three-steps.de
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:06:05 GMT
server
Apache
vary
User-Agent,Accept-Encoding
last-modified
Sun, 03 Jan 2021 22:08:41 GMT
accept-ranges
bytes
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Mon, 29 Oct 1923 20:30:00 GMT
content-length
11949
content-type
text/html; charset=UTF-8
a3pn6.css
three-steps.de/wp-content/cache/wpfc-minified/q9t4npsh/ 		649 KB
81 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://three-steps.de/wp-content/cache/wpfc-minified/q9t4npsh/a3pn6.css
Requested by
Host: three-steps.de
URL: https://three-steps.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.164.237 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd48936.kasserver.com
Software
Apache /
Resource Hash
94731fef9cb6a66de95a52506d54c84f9c85b48953af30f263a6d23fe440dfc9

Request headers

Referer
https://three-steps.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:06:05 GMT
content-encoding
br
last-modified
Sat, 02 Jan 2021 04:23:02 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=10368000
accept-ranges
bytes
expires
max-age=A10368000, public
css
fonts.googleapis.com/ 		5 KB
847 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CWork+Sans%3A600&display=fallback&ver=2.6.1
Requested by
Host: three-steps.de
URL: https://three-steps.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4428fa185f7aaca8f154f1110191345eff16bc14fa1cfea98aa7dce99415b0da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://three-steps.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 08 Jan 2021 23:06:05 GMT
server
ESF
date
Fri, 08 Jan 2021 23:06:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Jan 2021 23:06:05 GMT
a3pn6.css
three-steps.de/wp-content/cache/wpfc-minified/drqohe6v/ 		77 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://three-steps.de/wp-content/cache/wpfc-minified/drqohe6v/a3pn6.css
Requested by
Host: three-steps.de
URL: https://three-steps.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.164.237 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd48936.kasserver.com
Software
Apache /
Resource Hash
02887009b0380e2a6fa5283803ee525c5dd3fbf2b0a8bb64463c42f2a6fbcded

Request headers

Referer
https://three-steps.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:06:05 GMT
content-encoding
br
last-modified
Sat, 02 Jan 2021 04:23:02 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=10368000
accept-ranges
bytes
content-length
5960
expires
max-age=A10368000, public
all.css
use.fontawesome.com/releases/v5.15.1/css/ 		58 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.1/css/all.css
Requested by
Host: three-steps.de
URL: https://three-steps.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

Origin
https://three-steps.de
Referer
https://three-steps.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:06:05 GMT
content-encoding
gzip
last-modified
Mon, 05 Oct 2020 15:13:10 GMT
server
NetDNA-cache/2.2
etag
W/"b227b1617a1763c8bc056772f05482b4"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
v4-shims.css
use.fontawesome.com/releases/v5.15.1/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.1/css/v4-shims.css
Requested by
Host: three-steps.de
URL: https://three-steps.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93

Request headers

Origin
https://three-steps.de
Referer
https://three-steps.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:06:05 GMT
content-encoding
gzip
last-modified
Mon, 05 Oct 2020 15:13:13 GMT
server
NetDNA-cache/2.2
etag
W/"0a121a1f354de051316c4fff1ebd1f4d"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
css
fonts.googleapis.com/ 		43 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3
Requested by
Host: three-steps.de
URL: https://three-steps.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3829d18b15abbeee4720412a74b7ff9047ef01c1115e2000e3ef5ef74cfa8e1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://three-steps.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 08 Jan 2021 21:18:59 GMT
server
ESF
date
Fri, 08 Jan 2021 23:06:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Jan 2021 23:06:05 GMT
a3pn6.js
three-steps.de/wp-content/cache/wpfc-minified/35gv82l/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://three-steps.de/wp-content/cache/wpfc-minified/35gv82l/a3pn6.js
Requested by
Host: three-steps.de
URL: https://three-steps.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.164.237 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd48936.kasserver.com
Software
Apache /
Resource Hash
629d7c21ac020452c671fe0bf6e14734759209c39d336d43438a92c186b7e96d

Request headers

Referer
https://three-steps.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:06:05 GMT
content-encoding
br
last-modified
Sat, 02 Jan 2021 04:23:02 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=10368000
accept-ranges
bytes
content-length
32910
expires
max-age=A10368000, public
pexels-andrea-piacquadio-3777572-oyufc6ox3fe4r9knljqq497e5thyhznjaytsm6y1wg.jpg
three-steps.de/wp-content/uploads/elementor/thumbs/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://three-steps.de/wp-content/uploads/elementor/thumbs/pexels-andrea-piacquadio-3777572-oyufc6ox3fe4r9knljqq497e5thyhznjaytsm6y1wg.jpg
Requested by
Host: three-steps.de
URL: https://three-steps.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.164.237 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd48936.kasserver.com
Software
Apache /
Resource Hash
0d7c76df1c2da13593b9ae4dc518f9b82d4e56d71872f5661e30fd17789f4d82

Request headers

Referer
https://three-steps.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:06:05 GMT
last-modified
Mon, 23 Nov 2020 16:18:29 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=10368000
accept-ranges
bytes
content-length
82934
expires
max-age=A10368000, public
pexels-andrea-piacquadio-3779427-oyufjad0qd44h79a4m98ygorqmhsnnuiy49v5geyw0.jpg
three-steps.de/wp-content/uploads/elementor/thumbs/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://three-steps.de/wp-content/uploads/elementor/thumbs/pexels-andrea-piacquadio-3779427-oyufjad0qd44h79a4m98ygorqmhsnnuiy49v5geyw0.jpg
Requested by
Host: three-steps.de
URL: https://three-steps.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.164.237 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd48936.kasserver.com
Software
Apache /
Resource Hash
9d6dacd881088e95b0935bb3d17f71be96b4c396a5e038ba5939c92079addaf2

Request headers

Referer
https://three-steps.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:06:05 GMT
last-modified
Mon, 23 Nov 2020 16:18:29 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=10368000
accept-ranges
bytes
content-length
64821
expires
max-age=A10368000, public
three-steps-Logo-negativ.png.webp
three-steps.de/wp-content/uploads/2020/11/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://three-steps.de/wp-content/uploads/2020/11/three-steps-Logo-negativ.png.webp
Requested by
Host: three-steps.de
URL: https://three-steps.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.164.237 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd48936.kasserver.com
Software
Apache /
Resource Hash
4dab6435d4bc3c0fd02421a5703c498ccb0f3773c6d2299e66d632c7f9020fe8

Request headers

Referer
https://three-steps.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:06:05 GMT
last-modified
Mon, 23 Nov 2020 15:39:23 GMT
server
Apache
content-type
image/webp
cache-control
max-age=10368000
accept-ranges
bytes
content-length
19994
expires
max-age=A10368000, public
a3pn6.css
three-steps.de/wp-content/cache/wpfc-minified/7c6hhup2/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://three-steps.de/wp-content/cache/wpfc-minified/7c6hhup2/a3pn6.css
Requested by
Host: three-steps.de
URL: https://three-steps.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.164.237 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd48936.kasserver.com
Software
Apache /
Resource Hash
9188b9566edfbddeeb9a51f453b2fe3182b1de660dbdad67831ecc088baf87d9

Request headers

Referer
https://three-steps.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:06:05 GMT
content-encoding
br
last-modified
Sat, 02 Jan 2021 04:23:02 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=10368000
accept-ranges
bytes
content-length
1312
expires
max-age=A10368000, public
css
fonts.googleapis.com/ 		21 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fjalla+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3
Requested by
Host: three-steps.de
URL: https://three-steps.de/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4bfca6230b211dd1c9be87913a639ff14a70901ca8f7d39c2402419a7e1db493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://three-steps.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 08 Jan 2021 23:06:05 GMT
server
ESF
date
Fri, 08 Jan 2021 23:06:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Jan 2021 23:06:05 GMT
autoptimize_ef9aef1d492326bd090b52e450e9cb16.js
three-steps.de/wp-content/cache/autoptimize/js/ 		826 KB
211 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://three-steps.de/wp-content/cache/autoptimize/js/autoptimize_ef9aef1d492326bd090b52e450e9cb16.js
Requested by
Host: three-steps.de
URL: https://three-steps.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.164.237 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd48936.kasserver.com
Software
Apache /
Resource Hash
b3ad0d33e97bf04d7fcafb8f36ab257012a0f973fcb6c648d0127dd1c4fbadea

Request headers

Referer
https://three-steps.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:06:05 GMT
content-encoding
gzip
last-modified
Fri, 01 Jan 2021 14:00:58 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=10368000, public, immutable
accept-ranges
bytes
expires
max-age=A10368000, public
wp-emoji-release.min.js
three-steps.de/wp-includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://three-steps.de/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by
Host: three-steps.de
URL: https://three-steps.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.164.237 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd48936.kasserver.com
Software
Apache /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer
https://three-steps.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:06:05 GMT
content-encoding
br
last-modified
Tue, 10 Nov 2020 12:28:14 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=10368000
accept-ranges
bytes
content-length
4328
expires
max-age=A10368000, public
Handshake-.jpg
three-steps.de/wp-content/uploads/2020/11/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://three-steps.de/wp-content/uploads/2020/11/Handshake-.jpg
Requested by
Host: three-steps.de
URL: https://three-steps.de/wp-content/cache/wpfc-minified/drqohe6v/a3pn6.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.164.237 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd48936.kasserver.com
Software
Apache /
Resource Hash
65ecfe92a3fbf2ab533900a922ec53a320725ccf0f067255ad7c6f3edaa139f4

Request headers

Referer
https://three-steps.de/wp-content/cache/wpfc-minified/drqohe6v/a3pn6.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:06:05 GMT
last-modified
Mon, 23 Nov 2020 15:40:04 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=10368000
accept-ranges
bytes
content-length
42647
expires
max-age=A10368000, public
CTA-Shapes.png
three-steps.de/wp-content/uploads/2020/11/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://three-steps.de/wp-content/uploads/2020/11/CTA-Shapes.png
Requested by
Host: three-steps.de
URL: https://three-steps.de/wp-content/cache/wpfc-minified/drqohe6v/a3pn6.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.164.237 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd48936.kasserver.com
Software
Apache /
Resource Hash
0814023a210ee27d6284e5e379213138032a1c1aebb6047916046d61c95249fe

Request headers

Referer
https://three-steps.de/wp-content/cache/wpfc-minified/drqohe6v/a3pn6.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:06:05 GMT
cache-control
no-cache, must-revalidate, max-age=0
expires
Wed, 11 Jan 1984 05:00:00 GMT
server
Apache
link
<https://three-steps.de/wp-json/>; rel="https://api.w.org/"
vary
User-Agent
content-type
text/html; charset=UTF-8
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CWork+Sans%3A600&display=fallback&ver=2.6.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://three-steps.de
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CWork+Sans%3A600&display=fallback&ver=2.6.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 16:12:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
111240
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Fri, 07 Jan 2022 16:12:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CWork+Sans%3A600&display=fallback&ver=2.6.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://three-steps.de
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CWork+Sans%3A600&display=fallback&ver=2.6.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 04 Jan 2021 22:21:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
348285
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Tue, 04 Jan 2022 22:21:20 GMT
QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8JoI3ZKyHaQQ.woff
fonts.gstatic.com/s/worksans/v8/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v8/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8JoI3ZKyHaQQ.woff
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CWork+Sans%3A600&display=fallback&ver=2.6.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f229dc46d73612dfc5be4180c5f219a53df055390e1ef670af5118935b25d97b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://three-steps.de
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CWork+Sans%3A600&display=fallback&ver=2.6.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 02:07:30 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:24:32 GMT
server
sffe
age
75515
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21728
x-xss-protection
0
expires
Sat, 08 Jan 2022 02:07:30 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://three-steps.de
Referer
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 15:35:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
113432
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Fri, 07 Jan 2022 15:35:33 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-solid-900.woff2
Requested by
Host: three-steps.de
URL: https://three-steps.de/wp-content/cache/wpfc-minified/q9t4npsh/a3pn6.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Origin
https://three-steps.de
Referer
https://three-steps.de/wp-content/cache/wpfc-minified/q9t4npsh/a3pn6.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:06:05 GMT
last-modified
Mon, 05 Oct 2020 15:14:37 GMT
server
NetDNA-cache/2.2
etag
"8e1ed89b6ccb8ce41faf5cb672677105"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
80300
three-steps-Logo-negativ-1024x690.png
three-steps.de/wp-content/uploads/2020/11/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://three-steps.de/wp-content/uploads/2020/11/three-steps-Logo-negativ-1024x690.png
Requested by
Host: three-steps.de
URL: https://three-steps.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.164.237 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd48936.kasserver.com
Software
Apache /
Resource Hash
c36c191ff2b2a89222ce7360809839fb2376bff648c902cccb7a6636abf4a3ad

Request headers

Referer
https://three-steps.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:06:05 GMT
last-modified
Mon, 23 Nov 2020 15:39:26 GMT
server
Apache
content-type
image/png
cache-control
max-age=10368000
accept-ranges
bytes
content-length
19442
expires
max-age=A10368000, public
lf20_R4riCH.json
assets5.lottiefiles.com/packages/ 		59 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets5.lottiefiles.com/packages/lf20_R4riCH.json
Requested by
Host: three-steps.de
URL: https://three-steps.de/wp-content/cache/autoptimize/js/autoptimize_ef9aef1d492326bd090b52e450e9cb16.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:bc00:2:49a2:4500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6e7084ec8b93abc21c00651bb4bc02c6c5fd0262114cabce0a45fdb749dcccd

Request headers

Referer
https://three-steps.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 23:05:14 GMT
content-encoding
br
vary
Accept-Encoding,Origin
age
53
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 18 Aug 2020 00:31:57 GMT
server
AmazonS3
etag
W/"248c4b15d2210f8e07b8638d6fdb1449"
access-control-max-age
1800
access-control-allow-methods
GET
x-amz-version-id
MOxoBsqV8gT8a1U79mzTenHEEt5rM3W2
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
ZRH50-C1
content-type
application/json
x-amz-cf-id
Mvd8BpA3JVZ853typeaSs4ANge-wRGbY_AuY0gTjzhwpDDF17ZEFJg==

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings object| cnArgs undefined| $ function| jQuery object| preloader_plus object| astra object| ElementorProFrontendConfig object| elementorFrontendConfig object| _wpUtilSettings object| wpformsElementorVars object| twemoji object| wp function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent object| WPFormsElementorFrontend function| AstraToggleSubMenu function| AstraNavigationMenu function| AstraToggleMenu function| AstraToggleSetup function| astraNavMenuToggle object| bodyElement object| jQuery1124033992976423317645 object| lottie object| bodymovin object| __core-js_shared__ object| core object| elementorModules function| Sticky object| elementorProFrontend object| DialogsManager function| Waypoint function| Swiper function| ShareLink object| elementorFrontend function| _

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets5.lottiefiles.com
fonts.googleapis.com
fonts.gstatic.com
three-steps.de
use.fontawesome.com
23.111.9.35
2600:9000:2190:bc00:2:49a2:4500:93a1
2a00:1450:4001:801::2003
2a00:1450:4001:808::200a
85.13.164.237
02887009b0380e2a6fa5283803ee525c5dd3fbf2b0a8bb64463c42f2a6fbcded
0814023a210ee27d6284e5e379213138032a1c1aebb6047916046d61c95249fe
0d7c76df1c2da13593b9ae4dc518f9b82d4e56d71872f5661e30fd17789f4d82
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
3829d18b15abbeee4720412a74b7ff9047ef01c1115e2000e3ef5ef74cfa8e1e
4428fa185f7aaca8f154f1110191345eff16bc14fa1cfea98aa7dce99415b0da
4bfca6230b211dd1c9be87913a639ff14a70901ca8f7d39c2402419a7e1db493
4dab6435d4bc3c0fd02421a5703c498ccb0f3773c6d2299e66d632c7f9020fe8
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
629d7c21ac020452c671fe0bf6e14734759209c39d336d43438a92c186b7e96d
65ecfe92a3fbf2ab533900a922ec53a320725ccf0f067255ad7c6f3edaa139f4
68d73514b0948b8878e2576748f01e2434e18ac896fc53995d3e467b9d4bdf18
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
9188b9566edfbddeeb9a51f453b2fe3182b1de660dbdad67831ecc088baf87d9
94731fef9cb6a66de95a52506d54c84f9c85b48953af30f263a6d23fe440dfc9
9d6dacd881088e95b0935bb3d17f71be96b4c396a5e038ba5939c92079addaf2
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b3ad0d33e97bf04d7fcafb8f36ab257012a0f973fcb6c648d0127dd1c4fbadea
c36c191ff2b2a89222ce7360809839fb2376bff648c902cccb7a6636abf4a3ad
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d6e7084ec8b93abc21c00651bb4bc02c6c5fd0262114cabce0a45fdb749dcccd
f229dc46d73612dfc5be4180c5f219a53df055390e1ef670af5118935b25d97b
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93