anfrage.balance-digital-agentur.de
2a06:98c1:3121::3  Public Scan

URL: https://anfrage.balance-digital-agentur.de/
Submission: On December 06 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 28 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is anfrage.balance-digital-agentur.de.
TLS certificate: Issued by WR1 on November 29th 2024. Valid for: 3 months.
This is the only time anfrage.balance-digital-agentur.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
17 34.54.43.41 396982 (GOOGLE-CL...)
2 157.240.0.6 32934 (FACEBOOK)
1 188.114.97.3 13335 (CLOUDFLAR...)
2 157.240.0.35 32934 (FACEBOOK)
28 6
Apex Domain | Subdomains | Transfer
17 heyflow.com | 197 KB
    assets.prd.heyflow.com — Cisco Umbrella Rank: 284021
    api.prd.heyflow.com — Cisco Umbrella Rank: 358644
    functions.prd.heyflow.com — Cisco Umbrella Rank: 434807
4 heyflow.cloud | 20 KB
    fonts.heyflow.cloud — Cisco Umbrella Rank: 329651
4 balance-digital-agentur.de | 21 KB
    anfrage.balance-digital-agentur.de
2 facebook.com | 215 B
    www.facebook.com — Cisco Umbrella Rank: 120
2 facebook.net | 75 KB
    connect.facebook.net — Cisco Umbrella Rank: 192
28 5
Domain Requested by
9 assets.prd.heyflow.com anfrage.balance-digital-agentur.de
5 api.prd.heyflow.com assets.prd.heyflow.com
4 fonts.heyflow.cloud anfrage.balance-digital-agentur.de
fonts.heyflow.cloud
4 anfrage.balance-digital-agentur.de 1 redirects anfrage.balance-digital-agentur.de
3 functions.prd.heyflow.com assets.prd.heyflow.com
2 www.facebook.com
2 connect.facebook.net anfrage.balance-digital-agentur.de
connect.facebook.net
28 7

This site contains links to these domains.

Domain
modulhaus-vergleich.de
balancewebdesign.de
Subject | Issuer | Validity | Valid
anfrage.balance-digital-agentur.de | WR1 | 2024-11-29 - 2025-02-27 | 3 months
heyflow.cloud | WE1 | 2024-12-06 - 2025-03-06 | 3 months
prd.heyflow.com | WR3 | 2024-10-31 - 2025-01-29 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-09-14 - 2024-12-13 | 3 months

This page contains 2 frames:

Primary Page: https://anfrage.balance-digital-agentur.de/
Frame ID: A4CFCAEADA650BAE4C6E6DC282209E41
Requests: 24 HTTP requests in this frame

Frame: https://anfrage.balance-digital-agentur.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: D583CEFE3ABAE7534E046BB9A0C41747
Requests: 2 HTTP requests in this frame

Page Title

PV Hersteller

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

Requests: 28
HTTPS: 96 %
IPv6: 33 %
Domains: 5
Subdomains: 7
IPs: 6
Countries: 3
Transfer: 313 kB
Size: 1050 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://anfrage.balance-digital-agentur.de/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://anfrage.balance-digital-agentur.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
anfrage.balance-digital-agentur.de/
115 KB
15 KB
Document
General
Full URL
https://anfrage.balance-digital-agentur.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4c91022e70e51a5580e11f246520a574f7e49397e75b55ceb7b0bc578910fbd5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8eddbbf8cf66dbab-FRA
content-encoding
zstd
content-type
text/html
date
Fri, 06 Dec 2024 16:43:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DaSxes%2Bj6II9Mtq2P6PHxMf8%2Fz%2FXX5%2BL7KNgQAZTMC8YK%2BY9%2FWFBlOrgP1FvCBGZLkcWKyQJQEyuC7HD2BPoPUFo4uaC0e9%2BLH31txFfVZsZdMMmCwufHyBNEbW8ccRfGBbZYTR22tNPW26AhEicNjOY%2Bf%2BlmHpDpL4m4O3WmECd"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=6140&min_rtt=5959&rtt_var=638&sent=10&recv=13&lost=0&retrans=0&sent_bytes=5894&recv_bytes=2413&delivery_rate=1024162&cwnd=236&unsent_bytes=0&cid=ec9044be3a285f18&ts=149&x=0"
vary
Accept-Encoding
via
1.1 google
x-powered-by
Express
icon
fonts.heyflow.cloud/
571 B
1 KB
Stylesheet
General
Full URL
https://fonts.heyflow.cloud/icon?family=Material+Icons
Requested by
Host: anfrage.balance-digital-agentur.de
URL: https://anfrage.balance-digital-agentur.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
576c1351daf92605ba75c2a792fef1d3f7be38d582e885597a49a67086202d94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anfrage.balance-digital-agentur.de/

Response headers

content-encoding
br
cf-cache-status
HIT
age
456973
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aoC2Hy3FcLX8i1e0b5zujrnf0gPw7sHrWhZWLyRPsM0XP%2FDUcpn5FhjkEGavRHRo91wcsMMzT3eOZnBb70s2VSO9TzE%2BvlLxJHHCcDn4m6MOOkEOA8u0znIMSoIymjSjLenSmJJG1Wx76owBTJAd%2BdU%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=7236&min_rtt=6092&rtt_var=2157&sent=7&recv=12&lost=0&retrans=0&sent_bytes=4001&recv_bytes=2372&delivery_rate=635576&cwnd=250&unsent_bytes=0&cid=7c5929b31438c4c0&ts=35&x=0"
date
Fri, 06 Dec 2024 16:43:20 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 01 Dec 2024 09:47:07 GMT
vary
Accept-Encoding
x-cloud-trace-context
348d44135869ca57700a49e7e2887225
cache-control
private, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eddbbf9f849923b-FRA
access-control-allow-origin
*
x-powered-by
Express
server
cloudflare
css
fonts.heyflow.cloud/
40 KB
2 KB
Stylesheet
General
Full URL
https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Poppins:300,400,500,600,700,800&display=swap
Requested by
Host: anfrage.balance-digital-agentur.de
URL: https://anfrage.balance-digital-agentur.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
112ee03813042088cbade07d9a547a148b035d27f62c4fe70d6becbf017f26d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anfrage.balance-digital-agentur.de/

Response headers

content-encoding
br
cf-cache-status
HIT
age
10417
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a3hbkVCH5DvQ64zPB2lH5XOOq8y%2FqRYPEfxORyv53bQrL8%2Fy40eEvnKZgCB%2BUdqStonyA0uG2h0CCrH5%2FSp3xaszrNgIrPwsRzKuxF5IdRrMA6PcuUH5zY2eBf5eWFh6NtQdy4vwOS%2B4qdIbN3SLEs0%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=7236&min_rtt=6092&rtt_var=2157&sent=10&recv=12&lost=0&retrans=0&sent_bytes=5113&recv_bytes=2372&delivery_rate=635576&cwnd=250&unsent_bytes=0&cid=7c5929b31438c4c0&ts=37&x=0"
date
Fri, 06 Dec 2024 16:43:20 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 06 Dec 2024 13:49:43 GMT
vary
Accept-Encoding
x-cloud-trace-context
98c438e8f59a095db9a54978353c4f11
cache-control
private, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eddbbf9f84a923b-FRA
access-control-allow-origin
*
x-powered-by
Express
server
cloudflare
flow-9kM_UL87.css
assets.prd.heyflow.com/flows/pv-hersteller/www/dist/
184 KB
28 KB
Stylesheet
General
Full URL
https://assets.prd.heyflow.com/flows/pv-hersteller/www/dist/flow-9kM_UL87.css
Requested by
Host: anfrage.balance-digital-agentur.de
URL: https://anfrage.balance-digital-agentur.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d166118addb28b747fcac27d76b4bda7cedc094b9845d88d85f546a12d2495da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anfrage.balance-digital-agentur.de/

Response headers

x-goog-metageneration
1
x-robots-tag
noindex
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=y997Bg==, md5=r3JhdXXYW+9+Yj2LQjTj2A==
etag
"af72617575d85bef7e623d8b4234e3d8"
x-goog-stored-content-encoding
gzip
expires
Mon, 01 Dec 2025 16:43:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
27986
date
Fri, 06 Dec 2024 16:43:20 GMT
last-modified
Mon, 02 Dec 2024 19:01:49 GMT
vary
Accept-Encoding
content-type
text/css
x-guploader-uploadid
AFiumC44PxeZJ2HryTKnmPjaSkAfZazAPu923N9M5ThpFVcmH6tYzqQlt4Sms6_YHIG0c4T7cII
cache-control
public, max-age=0, s-maxage=31104000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733166109582448
content-length
27986
server
UploadServer
commonjshelpers.chunk-DMCfYbel.js
assets.prd.heyflow.com/flows/pv-hersteller/www/dist/
781 B
646 B
Script
General
Full URL
https://assets.prd.heyflow.com/flows/pv-hersteller/www/dist/commonjshelpers.chunk-DMCfYbel.js
Requested by
Host: anfrage.balance-digital-agentur.de
URL: https://anfrage.balance-digital-agentur.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a875c30b4606ced3dcf75f3e1d3b756306dd7f17e273189efe64841c3223c652

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://anfrage.balance-digital-agentur.de
Referer
https://anfrage.balance-digital-agentur.de/

Response headers

x-goog-metageneration
1
x-robots-tag
noindex
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=tTQOhA==, md5=VjQbIp52CzDzGQWr9/8jyg==
etag
"56341b229e760b30f31905abf7ff23ca"
x-goog-stored-content-encoding
gzip
expires
Mon, 01 Dec 2025 16:43:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
431
date
Fri, 06 Dec 2024 16:43:20 GMT
last-modified
Mon, 02 Dec 2024 19:01:49 GMT
vary
Accept-Encoding
content-type
application/javascript
x-guploader-uploadid
AFiumC5GwlSfB_03Eu-bVELklEb0-NdJ_o2fDZHbY1DjXtavBS3KSA8kMLqeBCDAgtMAl1W6xFA
cache-control
public, max-age=0, s-maxage=31104000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733166109576419
content-length
431
server
UploadServer
app-BHqbSfqK.js
assets.prd.heyflow.com/flows/pv-hersteller/www/dist/
281 KB
96 KB
Script
General
Full URL
https://assets.prd.heyflow.com/flows/pv-hersteller/www/dist/app-BHqbSfqK.js
Requested by
Host: anfrage.balance-digital-agentur.de
URL: https://anfrage.balance-digital-agentur.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ac898cb884429535eeb0216d0ac1ba584151a7912feacf55d000a3a0c5a3eae3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://anfrage.balance-digital-agentur.de
Referer
https://anfrage.balance-digital-agentur.de/

Response headers

x-goog-metageneration
1
x-robots-tag
noindex
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=YdZNeA==, md5=h1sJIlG5uK6YGJpXKNrbBA==
etag
"875b092251b9b8ae98189a5728dadb04"
x-goog-stored-content-encoding
gzip
expires
Mon, 01 Dec 2025 16:43:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
97812
date
Fri, 06 Dec 2024 16:43:20 GMT
last-modified
Mon, 02 Dec 2024 19:01:49 GMT
vary
Accept-Encoding
content-type
application/javascript
x-guploader-uploadid
AFiumC68tnZ3JsuayXP-1tGfdfzwka8fixdW5o0bUU4LCmofukF7DZJTtRw2fz4Lvcdnhrr8xgg
cache-control
public, max-age=0, s-maxage=31104000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733166109613232
content-length
97812
server
UploadServer
original.avif
assets.prd.heyflow.com/flows/pv-hersteller/www/assets/67d7c6d1-cc5e-41c7-88ca-233de1f2943e/
16 KB
16 KB
Image
General
Full URL
https://assets.prd.heyflow.com/flows/pv-hersteller/www/assets/67d7c6d1-cc5e-41c7-88ca-233de1f2943e/original.avif
Requested by
Host: anfrage.balance-digital-agentur.de
URL: https://anfrage.balance-digital-agentur.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
68bf250569e9052d672b39aed78417c6517e4bf2a8489f7d9087dd5c363e0beb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anfrage.balance-digital-agentur.de/

Response headers

x-goog-metageneration
1
x-robots-tag
noindex
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=Si8RoQ==, md5=z4GKQnAlyDW62NlwPPE4wA==
etag
"cf818a427025c835bad8d9703cf138c0"
x-goog-stored-content-encoding
gzip
expires
Mon, 01 Dec 2025 16:43:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
16563
date
Fri, 06 Dec 2024 16:43:20 GMT
last-modified
Fri, 29 Nov 2024 21:40:41 GMT
content-type
image/avif
vary
Accept-Encoding
x-guploader-uploadid
AFiumC5hVGEtWBfvzTUjU6g1eIyQ2UBdjpe_Q9AP1DnXrdSFGyn6lXa0HSLAZrN6mDkr2fnwfIo
x-goog-meta-originalfilename
marlon19988 (1) (2).png
cache-control
public, max-age=0, s-maxage=31104000
x-goog-storage-class
STANDARD
via
1.1 google
access-control-allow-origin
*
x-goog-generation
1732916441425511
content-length
16563
server
UploadServer
original.avif
assets.prd.heyflow.com/flows/pv-hersteller/www/assets/d9f4c55f-88d7-459c-90dd-7b2091cff0e8/
6 KB
6 KB
Image
General
Full URL
https://assets.prd.heyflow.com/flows/pv-hersteller/www/assets/d9f4c55f-88d7-459c-90dd-7b2091cff0e8/original.avif
Requested by
Host: anfrage.balance-digital-agentur.de
URL: https://anfrage.balance-digital-agentur.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
41e6ea48dfec02d3afeab147ca84c1a98b08addb735406094d6022ae505b15d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anfrage.balance-digital-agentur.de/

Response headers

x-goog-metageneration
1
x-robots-tag
noindex
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=Wg5t1A==, md5=+RP4butgzNkXeOAP+kJ1Gg==
etag
"f913f86eeb60ccd91778e00ffa42751a"
x-goog-stored-content-encoding
gzip
expires
Mon, 01 Dec 2025 16:43:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
6140
date
Fri, 06 Dec 2024 16:43:20 GMT
last-modified
Sat, 16 Nov 2024 19:42:40 GMT
content-type
image/avif
vary
Accept-Encoding
x-guploader-uploadid
AFiumC4onnhgWiWJyNwPq-nqK6adrzcPiMHy2iMb2gOotzcqdWUC9K247LKTjkg1tbnlghQ30Fk
x-goog-meta-originalfilename
The pictures are not ready yet and neither are the texts. Start now and use placeholders. I'll send you everything tomorrow (1).jpg
cache-control
public, max-age=0, s-maxage=31104000
x-goog-storage-class
STANDARD
via
1.1 google
access-control-allow-origin
*
x-goog-generation
1731786160585644
content-length
6140
server
UploadServer
original.avif
assets.prd.heyflow.com/flows/pv-hersteller/www/assets/71eb739c-34f8-42d1-8617-e84ba34c7753/
3 KB
3 KB
Image
General
Full URL
https://assets.prd.heyflow.com/flows/pv-hersteller/www/assets/71eb739c-34f8-42d1-8617-e84ba34c7753/original.avif
Requested by
Host: anfrage.balance-digital-agentur.de
URL: https://anfrage.balance-digital-agentur.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f25034cc2af9d439372f3f86f6d127bbb28d6dc8729264bc4c5ee045e73e460a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anfrage.balance-digital-agentur.de/

Response headers

x-goog-metageneration
1
x-robots-tag
noindex
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=4On11A==, md5=crCT0hzLZiokUy4e0LB92w==
etag
"72b093d21ccb662a24532e1ed0b07ddb"
x-goog-stored-content-encoding
gzip
expires
Mon, 01 Dec 2025 16:43:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
2608
date
Fri, 06 Dec 2024 16:43:20 GMT
last-modified
Sat, 16 Nov 2024 19:42:40 GMT
content-type
image/avif
vary
Accept-Encoding
x-guploader-uploadid
AFiumC51IR-96XMsYrIf3kX9alktlGG9t_jP5jjECz2FL93aELbx3Vx2KR_jvjjlkZFR2UUlwGc
x-goog-meta-originalfilename
The pictures are not ready yet and neither are the texts. Start now and use placeholders. I'll send you everything tomorrow (2).jpg
cache-control
public, max-age=0, s-maxage=31104000
x-goog-storage-class
STANDARD
via
1.1 google
access-control-allow-origin
*
x-goog-generation
1731786160337897
content-length
2608
server
UploadServer
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: anfrage.balance-digital-agentur.de
URL: https://anfrage.balance-digital-agentur.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-LMy91dZK' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anfrage.balance-digital-agentur.de/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 06 Dec 2024 16:43:19 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-LMy91dZK' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4422, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
fUn1UYDyYgKEPJw+RtihYXk7Db8j2tgHvYsSYkY0zSw5X+wGwv+eqoEJaO7/uD8azpgRtQP2BDfW3ihWxomA6A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62212
x-xss-protection
0
origin-agent-cluster
?1
2925247724295285
connect.facebook.net/signals/config/
69 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2925247724295285?v=2.9.178&r=stable&domain=anfrage.balance-digital-agentur.de&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
e30f902593303ac9cf5995d50e872d4729f479d390326a3b9ef0eb506fc05e22
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-zF4gYlLd' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anfrage.balance-digital-agentur.de/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 06 Dec 2024 16:43:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-zF4gYlLd' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=77, mss=1232, tbw=70404, tp=66, tpl=0, uplat=162, ullat=0
pragma
public
x-fb-debug
jvS+CrFvcjHmi295xapk/Hih6UlTUrJ3sgcC3PtNbIPcTtB8Q8695cBguwQ2XlzkTBketdx2vS4FTGbf8SWwLw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.heyflow.cloud/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.heyflow.cloud/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Poppins:300,400,500,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://anfrage.balance-digital-agentur.de
Referer
https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Poppins:300,400,500,600,700,800&display=swap

Response headers

cf-cache-status
HIT
age
153740
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IXD9zxTIRKWFMWt9vRRzCl%2B%2FXS8x5xIsRI%2BSPHXxYtYMYb64GYyy%2Fel6n6TG%2FpMDi%2FDvG2tYPJFx7S6OFZSfDNoDSCqndlufWKw6%2FPWkptNzNlmGXLy5GMjXvh95XmA2EXFnz1EyAVOwqd3tbE2K73E%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=6563&min_rtt=6400&rtt_var=1218&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3999&recv_bytes=2467&delivery_rate=569775&cwnd=239&unsent_bytes=0&cid=6ee1accd28fbed69&ts=50&x=0"
date
Fri, 06 Dec 2024 16:43:20 GMT
content-type
font/woff2
last-modified
Wed, 04 Dec 2024 22:01:00 GMT
vary
Accept-Encoding
x-cloud-trace-context
b9ba0e4a12c238d2d3b276d279cfd02b
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eddbbfadfbf8f34-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-powered-by
Express
server
cloudflare
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.heyflow.cloud/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.heyflow.cloud/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Poppins:300,400,500,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://anfrage.balance-digital-agentur.de
Referer
https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Poppins:300,400,500,600,700,800&display=swap

Response headers

cf-cache-status
HIT
age
139854
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BLlrMUKM3tnc4tOL7dDxPegbiQ6i%2F2jYB97iCBzk3hBa%2BSD9rIdULy%2Bu7uSDEhP9HrETadTZ8m0LsaWup%2Ff5Z0Ho%2FxxvhD1WrRVzPeHMkhJUXQHzTnX1KfBA2yIhdpS9U2GevBUTs6PMdDPADViO9BY%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=6563&min_rtt=6400&rtt_var=1218&sent=18&recv=12&lost=0&retrans=0&sent_bytes=12766&recv_bytes=2467&delivery_rate=569775&cwnd=239&unsent_bytes=0&cid=6ee1accd28fbed69&ts=52&x=0"
date
Fri, 06 Dec 2024 16:43:20 GMT
content-type
font/woff2
last-modified
Thu, 05 Dec 2024 01:52:26 GMT
vary
Accept-Encoding
x-cloud-trace-context
9936c4ed320b19674545efaf26be78f4
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8eddbbfadfc18f34-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-powered-by
Express
server
cloudflare
desktop.avif
assets.prd.heyflow.com/flows/umzugsunternehmen-5307a4/www/assets/f03083d5-e073-41b7-9f3f-15a3b5ed23f6/
22 KB
22 KB
Image
General
Full URL
https://assets.prd.heyflow.com/flows/umzugsunternehmen-5307a4/www/assets/f03083d5-e073-41b7-9f3f-15a3b5ed23f6/desktop.avif
Requested by
Host: anfrage.balance-digital-agentur.de
URL: https://anfrage.balance-digital-agentur.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b3e62a726e173f637676104820a2d3139981ea1360a7e9df68937975038ec65c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anfrage.balance-digital-agentur.de/

Response headers

x-goog-metageneration
1
x-robots-tag
noindex
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=o6rSXA==, md5=aWieA203TqcEl8Ngkk0l7Q==
etag
"69689e036d374ea70497c360924d25ed"
x-goog-stored-content-encoding
gzip
expires
Mon, 01 Dec 2025 16:43:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
22469
date
Fri, 06 Dec 2024 16:43:20 GMT
last-modified
Sat, 26 Oct 2024 13:39:31 GMT
content-type
image/avif
vary
Accept-Encoding
x-guploader-uploadid
AFiumC5bXoYDi-yJN6svJJQVzXDVxk1l3uUdnvu8-ZLQt-0MF2qHsFr1H956748zWZxfVAn4gHM
x-goog-meta-originalfilename
Yellow Advertising Marketing Agency Business Logo.png
cache-control
public, max-age=0, s-maxage=31104000
x-goog-storage-class
STANDARD
via
1.1 google
access-control-allow-origin
*
x-goog-generation
1729949971122137
content-length
22469
server
UploadServer
main.js
anfrage.balance-digital-agentur.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame D583
Redirect Chain
  • https://anfrage.balance-digital-agentur.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://anfrage.balance-digital-agentur.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
9 KB
5 KB
Script
General
Full URL
https://anfrage.balance-digital-agentur.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
Requested by
Host: anfrage.balance-digital-agentur.de
URL: https://anfrage.balance-digital-agentur.de/
Protocol
H2
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12429f38a14b30d913df9eaeeb35319e06227cc1496617a12bf014072eeb00a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v0ttNRhrOYZKc1MP2vqmJMWmEyNC2v6bvPt8ZZD3YjJC4lq9M%2Bp8ar9Qd%2FO5pzL7H%2FK1rh0NdUBPQ8ULAO05r7iy2d12DkKubkIJ7%2BgpIVnxhl3i4N7HSJMuNsmE%2Bu%2FleWB5K1meH3u9VR0vaKyn%2B%2FHzKWRqtjgjAlB9yMWKu%2FRh"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8eddbbfaee26dbab-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=11268&min_rtt=5959&rtt_var=9481&sent=27&recv=24&lost=0&retrans=0&sent_bytes=21770&recv_bytes=2617&delivery_rate=1772203&cwnd=238&unsent_bytes=0&cid=ec9044be3a285f18&ts=363&x=0"
date
Fri, 06 Dec 2024 16:43:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2mMht4Px2PDYnb9YRKzxl3JIylcdTIIHBLvID2%2FY8%2BHzlkjyoPhSUE9R%2BDunv74IoXruyuH7%2FbsVWo71i%2FyqhoUfE99qeOG3yyO9o2NB9bz1Wlhy2yQJi89QADTzgaCPK%2FF%2BqDnavFsKY%2FIe2mKQ2fLXXN%2FCPsworcK3y%2BNuFGM"}],"group":"cf-nel","max_age":604800}
cf-ray
8eddbbfadde0dbab-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=TCP&rtt=12014&min_rtt=5959&rtt_var=10653&sent=26&recv=22&lost=0&retrans=0&sent_bytes=21178&recv_bytes=2522&delivery_rate=1772203&cwnd=238&unsent_bytes=0&cid=ec9044be3a285f18&ts=349&x=0"
date
Fri, 06 Dec 2024 16:43:20 GMT
vary
Accept-Encoding
server
cloudflare
logs
api.prd.heyflow.com/flow/pv-hersteller/ Frame
0
0
Preflight
General
Full URL
https://api.prd.heyflow.com/flow/pv-hersteller/logs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://anfrage.balance-digital-agentur.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html
date
Fri, 06 Dec 2024 16:43:20 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
server
Google Frontend
strict-transport-security
max-age=15552000; includeSubDomains
vary
Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
47435eb90d7adb644acb7f6dd942c55a
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
logs
api.prd.heyflow.com/flow/pv-hersteller/
26 B
168 B
XHR
General
Full URL
https://api.prd.heyflow.com/flow/pv-hersteller/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/pv-hersteller/www/dist/app-BHqbSfqK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://anfrage.balance-digital-agentur.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 16:43:20 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
a22889162e472f211811b83737886ce1
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
gnikcart
functions.prd.heyflow.com/ Frame
0
0
Preflight
General
Full URL
https://functions.prd.heyflow.com/gnikcart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://anfrage.balance-digital-agentur.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://anfrage.balance-digital-agentur.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
date
Fri, 06 Dec 2024 16:43:20 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
9c7aecfad6637d6f95f8caa1c57b964c
gnikcart
functions.prd.heyflow.com/
2 B
106 B
XHR
General
Full URL
https://functions.prd.heyflow.com/gnikcart
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/pv-hersteller/www/dist/app-BHqbSfqK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://anfrage.balance-digital-agentur.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://anfrage.balance-digital-agentur.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Fri, 06 Dec 2024 16:43:20 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
73d1ff5587ed062d718415a83c8ee124
8eddbbf8cf66dbab
anfrage.balance-digital-agentur.de/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame D583
0
1 KB
XHR
General
Full URL
https://anfrage.balance-digital-agentur.de/cdn-cgi/challenge-platform/h/g/jsd/r/8eddbbf8cf66dbab
Requested by
Host: anfrage.balance-digital-agentur.de
URL: https://anfrage.balance-digital-agentur.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=649%2BBmO5raEHlJMoGALFm4JITHWmctbU9MZfuQMLfHQwccryhlE4fxY551kTGuC8jzRvTa7WNJJRdCLT7NIaRw%2FG1OlCWBS1e3fX%2Bk5RYqESxd43fcji0spcT7JOiaY0SrK5llL3T%2B9mEKAQmfs1uUBtSh9u"}],"group":"cf-nel","max_age":604800}
cf-ray
8eddbbfb4e83d39a-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6670&min_rtt=6157&rtt_var=987&sent=23&recv=25&lost=0&retrans=0&sent_bytes=6233&recv_bytes=21330&delivery_rate=885&cwnd=12000&unsent_bytes=0&cid=8df365eb27afae45&ts=77&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Fri, 06 Dec 2024 16:43:20 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
logs
api.prd.heyflow.com/flow/pv-hersteller/
26 B
52 B
XHR
General
Full URL
https://api.prd.heyflow.com/flow/pv-hersteller/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/pv-hersteller/www/dist/app-BHqbSfqK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://anfrage.balance-digital-agentur.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 16:43:20 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
92504450ecaae5100baabdf38fe6f336
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
heyflow_favicon.png
assets.prd.heyflow.com/builder/logos/
24 KB
24 KB
Other
General
Full URL
https://assets.prd.heyflow.com/builder/logos/heyflow_favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cbd2e6e4eb3f2d4ee25a3e15c40a737d0ed419a08f2051dc3addbe3c1cd1a1ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anfrage.balance-digital-agentur.de/

Response headers

x-goog-metageneration
1
x-robots-tag
noindex
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=FiGvuw==, md5=Hc8EI1HP45D6xRdSdiJOhw==
etag
"1dcf042351cfe390fac5175276224e87"
age
3598
x-goog-stored-content-encoding
identity
expires
Fri, 06 Dec 2024 16:43:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
24910
date
Fri, 06 Dec 2024 15:43:22 GMT
last-modified
Thu, 19 Sep 2024 14:07:10 GMT
content-type
image/png
x-guploader-uploadid
AFiumC4yCgyJQ-rqLppB6GUPiuY-N199Irw1ljtqfFXZP4bvV42EpmNJUGHk9AnLFMBs2hZD3qs
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1726754830812061
content-length
24910
server
UploadServer
heyflow_favicon.png
assets.prd.heyflow.com/builder/logos/
24 KB
0
Other
General
Full URL
https://assets.prd.heyflow.com/builder/logos/heyflow_favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cbd2e6e4eb3f2d4ee25a3e15c40a737d0ed419a08f2051dc3addbe3c1cd1a1ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anfrage.balance-digital-agentur.de/

Response headers

x-goog-metageneration
1
x-robots-tag
noindex
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=FiGvuw==, md5=Hc8EI1HP45D6xRdSdiJOhw==
etag
"1dcf042351cfe390fac5175276224e87"
age
3598
x-goog-stored-content-encoding
identity
expires
Fri, 06 Dec 2024 16:43:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
24910
date
Fri, 06 Dec 2024 15:43:22 GMT
last-modified
Thu, 19 Sep 2024 14:07:10 GMT
content-type
image/png
x-guploader-uploadid
AFiumC4yCgyJQ-rqLppB6GUPiuY-N199Irw1ljtqfFXZP4bvV42EpmNJUGHk9AnLFMBs2hZD3qs
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1726754830812061
content-length
24910
server
UploadServer
logs
api.prd.heyflow.com/flow/pv-hersteller/
26 B
52 B
XHR
General
Full URL
https://api.prd.heyflow.com/flow/pv-hersteller/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/pv-hersteller/www/dist/app-BHqbSfqK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://anfrage.balance-digital-agentur.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 16:43:20 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
37c430f9888ceba6bce2f39cdddcab53
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
gnikcart
functions.prd.heyflow.com/
2 B
18 B
XHR
General
Full URL
https://functions.prd.heyflow.com/gnikcart
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/pv-hersteller/www/dist/app-BHqbSfqK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://anfrage.balance-digital-agentur.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://anfrage.balance-digital-agentur.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Fri, 06 Dec 2024 16:43:20 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
5e49cacc40072fe852d805b7034da19d
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2925247724295285&ev=PageView&dl=https%3A%2F%2Fanfrage.balance-digital-agentur.de%2F%23haus-typ&rl=&if=false&ts=1733503400332&cd[event]=PageView&cd[flow_id]=pv-hersteller&cd[host]=anfrage.balance-digital-agentur.de&cd[path]=%2F&cd[origin]=https%3A%2F%2Fanfrage.balance-digital-agentur.de&cd[title]=PV%20Hersteller&cd[hash]=%23haus-typ&cd[referrer]=&cd[screen_width]=1600&cd[screen_height]=1200&cd[screen_id]=screen-810ea872&cd[session_id]=qclunp&cd[ab_variant_id]=nDWf40gJDvZjKbZu8Bbu&cd[is_embedded]=false&cd[widget_version]=5.4.2&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=12318&fbp=fb.1.1733503400331.260038056422646141&ler=empty&cdl=API_unavailable&it=1733503400002&coo=false&eid=xryuxfvqte8v&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anfrage.balance-digital-agentur.de/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4229, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 06 Dec 2024 16:43:20 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
199 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2925247724295285&ev=PageView&dl=https%3A%2F%2Fanfrage.balance-digital-agentur.de%2F%23haus-typ&rl=&if=false&ts=1733503400332&cd[event]=PageView&cd[flow_id]=pv-hersteller&cd[host]=anfrage.balance-digital-agentur.de&cd[path]=%2F&cd[origin]=https%3A%2F%2Fanfrage.balance-digital-agentur.de&cd[title]=PV%20Hersteller&cd[hash]=%23haus-typ&cd[referrer]=&cd[screen_width]=1600&cd[screen_height]=1200&cd[screen_id]=screen-810ea872&cd[session_id]=qclunp&cd[ab_variant_id]=nDWf40gJDvZjKbZu8Bbu&cd[is_embedded]=false&cd[widget_version]=5.4.2&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=12318&fbp=fb.1.1733503400331.260038056422646141&ler=empty&cdl=API_unavailable&it=1733503400002&coo=false&eid=xryuxfvqte8v&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anfrage.balance-digital-agentur.de/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7445340411103967333"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 06 Dec 2024 16:43:20 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7445340411103967333", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
9gfr2hrVDBrKz1Mcw0USg7All7DlOqXuJRYZhfKN0IgPqAPgBkTslr+aXOI5vgL2J7AMkIrAT1qgKMRxPJbHpA==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4837, tp=13, tpl=0, uplat=159, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
logs
api.prd.heyflow.com/flow/pv-hersteller/
26 B
52 B
XHR
General
Full URL
https://api.prd.heyflow.com/flow/pv-hersteller/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/pv-hersteller/www/dist/app-BHqbSfqK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://anfrage.balance-digital-agentur.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 16:43:20 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
31c176f562d4d4ab6c2baacf45039c6d
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend


11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
string| currentlyMounting
object| heyflow
function| onImageLoadError
function| fbq
function| _fbq
object| windowConstants
function| filterCSS
function| filterXSS
function| Cleave
object| dataLayer

2 Cookies

Domain/Path Name / Value
.anfrage.balance-digital-agentur.de/ Name: cf_clearance
Value: kZ6W3iOFWotATGByJ89QnVLjbXdvDDVjSoJ9ZjdxbkQ-1733503400-1.2.1.1-VMjaRARsMlag88WX2IDXTI1wsynGUUuIPjd5gdRWBBdQ.UFibLw6_PQe3Nlap8qY4VJcJwWPzEMIZqbkdMXmlY.JbxKlvfeqRUrfmG8Q7fP1.L9ShewLzpe1wUavEzKxMGKfeIpRBLb5hWRRF0ZMN02AZkULoIc6RSPbbfiWn2L7GvbjhxjtS8ghZ3D6KgS0tDf9PTm5j8a01X3SJL5_AIeGgjDYBWSoAXyG3ZoSXHUseWl5FzkLO0xjQHxdRkMUMPCiIGWtMIy7tOKuPMipB3jdR59Wl_rx1Uasy1UOmGz8jy0ZfM2gsMbBrVPldVl1W3A.AknN.UKW00SBPvUVYO6NUUeMWy128L.lWzUjTFqqXyt6znEDr6aWTi_lqtrK
.balance-digital-agentur.de/ Name: _fbp
Value: fb.1.1733503400331.260038056422646141

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
