www.gesundheitspaket.community Open in urlscan Pro
45.138.175.224 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gesundheitspaket.community/
Submission: On January 14 via automatic, source certstream-suspicious (January 14th 2023, 4:23:36 am UTC) — Scanned from DE

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 17 domains to perform 48 HTTP transactions. The main IP is 45.138.175.224, located in Germany and belongs to COMBAHTON combahton GmbH, DE. The main domain is www.gesundheitspaket.community.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on January 14th 2023. Valid for: 3 months.

This is the only time www.gesundheitspaket.community was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	45.138.175.224 45.138.175.224	30823 (COMBAHTON...) (COMBAHTON combahton GmbH)
17	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	31.25.12.20 31.25.12.20	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	130.211.21.179 130.211.21.179	15169 (GOOGLE) (GOOGLE)
4	94.130.226.120 94.130.226.120	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6 10	52.214.203.9 52.214.203.9	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5 8	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
48	18

1 45.138.175.224 (Germany)

ASN30823 (COMBAHTON combahton GmbH, DE)

www.gesundheitspaket.community	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

static.funnelcockpit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.25.12.20 (Switzerland)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

www.digistore24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.21.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 179.21.211.130.bc.googleusercontent.com

koi-3qnq9j78vy.marketingautomation.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.130.226.120 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.120.226.130.94.clients.your-server.de

api.funnelcockpit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

tag.perfectaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.214.203.9 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-203-9.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.210.212 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	funnelcockpit.com static.funnelcockpit.com — Cisco Umbrella Rank: 681525 api.funnelcockpit.com — Cisco Umbrella Rank: 919749	497 KB
10	prfct.co 6 redirects pixel-geo.prfct.co — Cisco Umbrella Rank: 14804	4 KB
8	adnxs.com 5 redirects secure.adnxs.com — Cisco Umbrella Rank: 413	8 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	278 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 153	91 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 274	492 B
2	marketingautomation.services koi-3qnq9j78vy.marketingautomation.services	6 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 216	2 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 306	239 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 420	273 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 618	393 B
1	perfectaudience.com tag.perfectaudience.com — Cisco Umbrella Rank: 17638	4 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5983	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	548 B
1	digistore24.com www.digistore24.com — Cisco Umbrella Rank: 197894	836 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	53 KB
1	gesundheitspaket.community www.gesundheitspaket.community	7 KB
48	17

	Domain	Requested by
17	static.funnelcockpit.com	www.gesundheitspaket.community static.funnelcockpit.com
10	pixel-geo.prfct.co	6 redirects
8	secure.adnxs.com	5 redirects
4	www.facebook.com
4	api.funnelcockpit.com	static.funnelcockpit.com
3	connect.facebook.net	tag.perfectaudience.com connect.facebook.net
2	ups.analytics.yahoo.com	1 redirects
2	koi-3qnq9j78vy.marketingautomation.services	www.gesundheitspaket.community koi-3qnq9j78vy.marketingautomation.services
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com
1	us-u.openx.net
1	analytics.twitter.com
1	tag.perfectaudience.com	koi-3qnq9j78vy.marketingautomation.services
1	www.google.de	www.gesundheitspaket.community
1	www.google.com	www.gesundheitspaket.community
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.digistore24.com	www.gesundheitspaket.community
1	www.googletagmanager.com	www.gesundheitspaket.community
1	www.gesundheitspaket.community
48	19

This site contains no links.

Subject Issuer	Validity	Valid
www.gesundheitspaket.community ZeroSSL ECC Domain Secure Site CA	`2023-01-14` - `2023-04-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
digistore24.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-05` - `2023-08-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.marketingautomation.services GlobalSign RSA OV SSL CA 2018	`2022-06-03` - `2023-07-05`	a year	crt.sh
*.funnelcockpit.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-21` - `2023-10-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.perfectaudience.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-09` - `2023-11-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-23` - `2023-01-21`	3 months	crt.sh
*.prfct.co GlobalSign RSA OV SSL CA 2018	`2022-10-28` - `2023-11-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.gesundheitspaket.community/
Frame ID: EDD8619E117482186F6C4CB6E4178462
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Eintragung zur Warteliste Gesundheitspaket

Detected technologies

Material Design Lite (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href="[^"]*material(?:\.[\w]+-[\w]+)?(?:\.min)?\.css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

48
Requests

79 %
HTTPS

37 %
IPv6

17
Domains

19
Subdomains

18
IPs

4
Countries

667 kB
Transfer

1654 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://pixel-geo.prfct.co/tagjs?a_id=177839&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=177839&source=js_tag

Request Chain 34

https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202301|63c22e440cd47f3a5a664f2e&pid=pa_k6ejbb9TmDugEJFDr HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202301%7C63c22e440cd47f3a5a664f2e%26pid%3Dpa_k6ejbb9TmDugEJFDr HTTP 302
https://pixel-geo.prfct.co/usermap/?xid=8305311832801108128&sid=202301|63c22e440cd47f3a5a664f2e&pid=pa_k6ejbb9TmDugEJFDr

Request Chain 35

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_k6ejbb9TmDugEJFDr

Request Chain 36

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_k6ejbb9TmDugEJFDr&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_k6ejbb9TmDugEJFDr&_origin=1&verify=true

Request Chain 37

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_k6ejbb9TmDugEJFDr

Request Chain 38

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_k6ejbb9TmDugEJFDr

Request Chain 39

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfazZlamJiOVRtRHVnRUpGRHI HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 42

https://secure.adnxs.com/seg?t=2&add=32094921 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D32094921

Request Chain 44

https://secure.adnxs.com/seg?t=2&add=31971705 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D31971705

Request Chain 46

https://secure.adnxs.com/seg?t=2&add=31305467 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D31305467

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.gesundheitspaket.community/ 30 KB
7 KB 204ms
41ms Document
text/html 45.138.175.224
COMBAHTON combaht...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gesundheitspaket.community/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.138.175.224 , Germany, ASN30823 (COMBAHTON combahton GmbH, DE),
Reverse DNS
Software: Caddy /
Resource Hash: d9e64ed398d66c20c5564e91b240512aa41b0d1d5e5b15fefeaea208f70e0a8c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 14 Jan 2023 04:23:32 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 funnel-page.css
static.funnelcockpit.com/assets/css/ 526 KB
81 KB 105ms
44ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/css/funnel-page.css?v=5f97f633fc4cc424
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abb3a9c291145389a1a04fd1adb9383f1541098931cae62b46b914f00d604d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QQPBZKH94PPVD453
age: 98
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: SwZ5AZ1y1pLTQjljb+GXARpDnByc6/nksAqwPPenSvUQhP4J/OzqGxOfQzfaXiH1J78qnp9E6W4=
last-modified: Thu, 29 Dec 2022 21:39:18 GMT
server: cloudflare
etag: W/"066ce9b0881cc4eb88c2e82c3b1a362d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLhLlTOTwOSahAat5KxH7s8MmNFUJzj4H3mi9AN6A6gIexKCjCGCm%2FNQCdc8TVuXh7fkEpOyMDk2MiI86liESZeE7MACs5%2Bz3NRDnW6vpJyKmnCYtPVXljDmY5IpgwOUrmNETAqESkDKtoH2mR16Ku9F12Bl4qM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 789398ca0e9290a8-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 136 KB
53 KB 93ms
40ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10990549112

Requested by

Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f8fbab1a90fff6548aff9c0254945f2bb72b97914cf79e362be4823419d7f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53741
x-xss-protection: 0
last-modified: Sat, 14 Jan 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Jan 2023 04:23:32 GMT

GET
H2 200 fdf16b98352eb0001ae7f28e3dfc02d3.webp
static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/ 90 KB
91 KB 140ms
139ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/fdf16b98352eb0001ae7f28e3dfc02d3.webp
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 066599a23ff885af740c351c59ab9dfadd02b799a66686c0d7c1a1f95997a544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CTV2C3ZQBMFWBAV8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92504
x-amz-id-2: mT8F/Po6dgiqg4CSXtbGfjwcFVJ1m6eoVkO4obQZ//rXxMa37AIVYOyonozU4iA0uBDN1fEkwds=
last-modified: Wed, 14 Dec 2022 09:27:40 GMT
server: cloudflare
etag: "58d6112f16cfd226e402ecbba7705e65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=suR4YwYfRl0oLPBSYci%2BwPGlHLPqBp0dly5IXziWdLV84g%2BukmqnJjgFpkLEadvstDk7vhXNJungvIa3wRM4WaL%2BZFbStEFMjxmLbAkMP0789oEaG0w7hgM2aYPAwMNf%2BbE9EKfstQAfTHi%2FhoCxTZnmu15yADs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 789398ca7ecc90a8-FRA

GET
H2 200 funnel-page.js Show response
static.funnelcockpit.com/assets/js/ 101 KB
34 KB 36ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1029fcd653baa4a0cb240b6c456877aa4ebb39499b767b73b03545df5510bb4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QQPDGC4YRFED13X1
age: 6944
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: iOvJkQ5KW3CyPbtHnzD5N1upADzuoNEVSN8dm7W93F5WzPvU86ovdN93fcRYAnAxe3nK/4JN4qE=
last-modified: Thu, 29 Dec 2022 21:39:14 GMT
server: cloudflare
etag: W/"d08993b64edf6c1fba287989ccd90b0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHWZQht9g8J%2FBS5IKjlnFjuz2pi49N26EsMvpgyfrrU56EckK5nYw60e0EIMIT9myneMJa%2FFXCmFdagjegLAwO2mKLLkboctkTKOEUD8Q6Xnju4xwUnGnBYHCgEesUzMVro1%2Bxtz%2BBD%2Bu9938bGS1HmIYX9Vp98%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 789398ca7ecd90a8-FRA

GET
H2 200 96efa99e76c624d24c98e924ff775ca4e30f2664ce9202c74a40b2c33dbd89f0.js Show response
www.digistore24.com/track_info/247139/ 1 KB
836 B 130ms
51ms Script
text/javascript 31.25.12.20
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digistore24.com/track_info/247139/96efa99e76c624d24c98e924ff775ca4e30f2664ce9202c74a40b2c33dbd89f0.js?affiliate=digistore24AffiliateId
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.25.12.20 , Switzerland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: envoy /
Resource Hash: 7fc59520963fa16b6d9159d0ec7b9f056d1cf3edd56cfb3ed39b0dfb0cb1a4f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 04:23:32 GMT
content-encoding: gzip
via: 1.1 google
x-envoy-decorator-operation: null
server: envoy
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
x-envoy-upstream-service-time: 22
x-robots-tag: noindex, nofollow, noarchive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 565

GET
H2 200 272a0a3836513609f167a5c91418403f.jpg
static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/ 81 KB
81 KB 142ms
141ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/272a0a3836513609f167a5c91418403f.jpg
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71ecf4b619a6860283409bb385034101e0862a6c190d4ab8a2aa24b1d3733019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CTV5XHHE7RPNEHBR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 82697
x-amz-id-2: TJRJDYkqKLC0JiAd+Yl6tYfabcynybV22NHzleWjXGbDqVYfnIVKa43LlDlwHpqY6dlihAhhdb8=
last-modified: Wed, 14 Dec 2022 09:02:06 GMT
server: cloudflare
etag: "579472757b328488e57f5e9671006445"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnAGUQcuNTp2bTirwF5SbyXtHBeYXqYG1y7m6JjMv7qnumPpnsHvEfz68MkTO6Z18mzcLaYHDLAu0EV%2FgfUB3NZuWonI15KyiJg2aOJAg4q1hr237VbveSzcXa8eB9%2Fs325W1iSoCfiv6iIUqZEP%2Fdf0g7wAkkk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 789398ca9ed190a8-FRA

GET
H2 200 9ad41639a09d3d58acedd060f056acd6.jpg
static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/ 31 KB
31 KB 67ms
66ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/9ad41639a09d3d58acedd060f056acd6.jpg
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ad37448db0a25b83f9ac4673ffb992af2c5b62cd3eedd669b2de0e87355980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CTVCPTP51992V5C2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31374
x-amz-id-2: mAdcCeXbE7YIIetAG0kY4+hzR4GNGCNvlQz9FWHliIYebkc3XwGTctqkXyZ8PYCP4+dHIXWAr6o=
last-modified: Wed, 14 Dec 2022 09:14:05 GMT
server: cloudflare
etag: "6bbbc9d4cbbfe12bfbafdaadb72bd5ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xNd5%2BM37kV%2BeIXq9hM%2BrJOiQgTBk7DKKhEGLbkEC%2F7Ag5lDM0kQO6sG2qN3eJk5DZmt6oZGvS6XzSmI8ygdnhM9fSKYDiyanRrexRZQ6q8mloa7g1IDdd%2BULrriTtim0VYEwFjtWoLcwpUR790sWA6V4FKXrMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 789398ca9ed390a8-FRA

GET
H2 200 e254e5cd16a6656b1ef04f02deefefff.webp
static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/ 38 KB
38 KB 131ms
130ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/e254e5cd16a6656b1ef04f02deefefff.webp
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d22d0ddf358369ddb3be5a2d4149f4ac4c44b9587f4b6122da091882e8e767df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CTVCJ83YPVVFASCE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38436
x-amz-id-2: 2m4bQcQoZ0eEIU3tl56CBGiqkofom9Qqid59T2XWgCfMc0xIAzxc8ySCQBgx6m+j8u04tYKqaK0=
last-modified: Wed, 14 Dec 2022 09:11:58 GMT
server: cloudflare
etag: "20de649e565b564bce050e6060b30e77"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xu%2FHm4jSVq6zypnucFXfsIzZpl91wIljSIi%2ByKlcEUm5CEmxqdW2PFwt8w0dmBgIP%2BHiVONKKa83O26vKawrfqAyCVY8qgIWstBoyguVcgBFbCcM0UcpJPF9ohKy9JonmDaX9cXyy1HjSKd08rrWU17Ho2%2Fo%2FGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 789398ca9ed490a8-FRA

GET
H2 200 9f9475a2f1af2063799eb298971cc012.webp
static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/ 51 KB
51 KB 90ms
90ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/9f9475a2f1af2063799eb298971cc012.webp
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b975789f62e87ed0e4f6b13fe79566a93ec8bd72de06d15aa69020317eedd81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CTV0F4YC8W1ACG6A
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52084
x-amz-id-2: YutsB/zbX365DvWxbzSdGgJlqi5SLeSIaIFK10HdYVIHGGPRjoDl2QtdEntVX2BsSXfp7IEpKxY=
last-modified: Wed, 14 Dec 2022 09:11:42 GMT
server: cloudflare
etag: "49ad037a60054d42f7561bdf902f5c9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xZoDjryja2ztrvxN8DNFoDyBAHJeYvVmK3iZilmV6ezOCwgwY72Qg9ua39ou1W1lYo7mabxfFVeRgBN%2BjbYAL4c0%2BUlJ0Rd5V7fgodG0kK38oNTA6SiBQ8nNXCslc%2FbRRBj8TJd%2BruvJMwHn1nAos%2F94CkLYlg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 789398ca9ed590a8-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10990549112/ 2 KB
1 KB 92ms
41ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10990549112/?random=1673670212277&cv=11&fst=1673670212277&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.gesundheitspaket.community%2F&tiba=Eintragung%20zur%20Warteliste%20Gesundheitspaket&auid=478702905.1673670212&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10990549112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

868a4addc34df2fafd1f564d8896b11169a3a7288a6c17a5a5b8baefbe155c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 04:23:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 899
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ss.js Show response
koi-3qnq9j78vy.marketingautomation.services/client/ 12 KB
5 KB 330ms
123ms Script
application/javascript 130.211.21.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://koi-3qnq9j78vy.marketingautomation.services/client/ss.js?ver=2.4.0
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.21.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 179.21.211.130.bc.googleusercontent.com
Software: openresty /
Resource Hash: 0e068a3b14939e7e082107ed425f54aa8100b20b1584de181abf6791a36564f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 15 Dec 2022 14:32:53 GMT
server: openresty
etag: W/"639b3015-2fe4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 21 Jan 2023 04:23:32 GMT

OPTIONS
H2 200 track-page-visit
api.funnelcockpit.com/ 0
0 110ms
26ms Preflight 94.130.226.120
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.funnelcockpit.com/track-page-visit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.226.120 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.120.226.130.94.clients.your-server.de

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gesundheitspaket.community
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, cookie
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: https://www.gesundheitspaket.community
date: Sat, 14 Jan 2023 04:23:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-xss-protection: 1; mode=block

POST
H2 200 track-page-visit Show response
api.funnelcockpit.com/ 0
384 B 134ms
81ms XHR
text/plain 94.130.226.120
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.funnelcockpit.com/track-page-visit

Requested by

Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.226.120 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.120.226.130.94.clients.your-server.de

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gesundheitspaket.community/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: https://www.gesundheitspaket.community
cache-control: private, no-cache, proxy-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, cookie
x-xss-protection: 1; mode=block

GET
H3 200 9657.da09a34149603f1ecd6e.js Show response
static.funnelcockpit.com/assets/js/chunk/ 54 KB
18 KB 53ms
52ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/9657.da09a34149603f1ecd6e.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f13fc13b9290a05e50e615debe705c343fcc797b921bff3aade7d8650fe9f7f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3MBXCDTJNC4WM5XV
age: 5335
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 9mNZtfKrgprU91CW56CKVio+iGKuwXnLcxw2UXxRSLp6S4bJru5TtzZYmL3VDf+zhD2eTKfgmvQ=
last-modified: Thu, 29 Dec 2022 21:39:13 GMT
server: cloudflare
etag: W/"68da351064488be15a21aa017ccdd3ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTbeQtfDvU87ur8mxTNIyr5almyCkGJUSGg66r7b1CDDYxkflSdqJtafrWHLCqgVonaTFX%2Fc%2FGFtmkncxhttJREh55y5c%2BQ%2F1r1FXCxs%2BHTcEXBE6UbH0Ye7bW8nsYKhYXU7PVVBNmLSIxCAlVFZxLY5NfcwP8U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 789398caeffa922b-FRA

GET
H3 200 5204.35703219d0c56810eae8.js Show response
static.funnelcockpit.com/assets/js/chunk/ 28 KB
10 KB 32ms
32ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/5204.35703219d0c56810eae8.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55d424909a75b330118328e0c0d4dc02bf940a34032f48556babd256203a7a35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VW9HKKB3DCGZ78PR
age: 6873
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: zEdogCntuPrJWZdX8uicG4wmoQKY2Z6NPYsxTDp2HTpE4s7CKNHgwDAN1GCNG0RYSHNJ/K59HKc=
last-modified: Thu, 29 Dec 2022 21:39:12 GMT
server: cloudflare
etag: W/"ee85110bb30cb1c75c8c26707ae4d693"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqq93jNq7eRpHcKby2CFI3t6fo6gaYbIOxFaiHysSKiMtaEmn3vVzCEDNfaZUaPa81OS1bY%2BBm4rDZ46iHVmyLUU4wTmadP9vmYyUqIS7pDGUJelk1poAEGaSJwDhV%2FLcy6tMcwenlgD26AqnsqbF1smmC0tid8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 789398caeffb922b-FRA

GET
H3 200 2681.f9ebe191577409e358e3.js Show response
static.funnelcockpit.com/assets/js/chunk/ 4 KB
2 KB 30ms
30ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/2681.f9ebe191577409e358e3.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0bb889c43fabf22abcd20546b72af7e6b1c76ec0e75dabad3ef2594a23a7ffb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3MBVRFC9ZSM6SZXH
age: 4096
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Nh/uCiBN8O19gIzJFo2XotH+lBkDjaKy3JatFj68w7Sm+rie2P1OOC5vO8ct8cfyF/z2BAyA6is=
last-modified: Thu, 29 Dec 2022 21:39:12 GMT
server: cloudflare
etag: W/"45823df5200104062056ad9fe02fc457"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0nzq4g0SmJ7BFMAznfxQkyeO28IrYsiPE765iALmyQBMpgxg%2BqeHfrfmxGM7ItJlnBUH5o7%2BiqE1NNAuZmhlN0L%2B56kOXUti7L8ItE8V%2BCsiVTJpTahMx%2FLyiKHvyYBunbFlTDXL486nzfA4hv19Jl6c4Jl%2Bt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 789398caeffc922b-FRA

GET
H3 200 1304.31030298a02161531ca7.js Show response
static.funnelcockpit.com/assets/js/chunk/ 5 KB
2 KB 31ms
31ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/1304.31030298a02161531ca7.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 549f9d5fd7fd59a1c927144e8259ec36cc680bce87be8a97f12e800b3477e341

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3MBQZGC0X1EXF3MP
age: 6797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: tN4jM2oNGHPeq8RBHzclpBE26PYtSUpIPjlFxmouocuGHl21j/uCGh8K5nG+c1ibZmtDMY5frMs=
last-modified: Thu, 29 Dec 2022 21:39:12 GMT
server: cloudflare
etag: W/"789b48c7404e9ed9881c4fbd1f97afbc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2B%2B457FzkT5WZgk%2Bq7gG0bANE4s1hN8VsC1beRAbz8lP7FVAMIPnfipVkOGXnh8s4HWKqXCEvrwBF29xkdynGJXYt8DvSYjzQOMuNLNW6o3Q8WUwy2re6t2m6ukG8C%2B0Khl1LOXx7a2NmmTuOGWXhx9LNy9mN5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 789398caeffd922b-FRA

GET
H3 200 3063.1ad011790bded2b097a6.js Show response
static.funnelcockpit.com/assets/js/chunk/ 11 KB
4 KB 53ms
53ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/3063.1ad011790bded2b097a6.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad51efb57b61ff4ed23dd3a62be3f5f6fc012191306c669bda8c6e63218799fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3MBPQ4DTR6PSGC0V
age: 85
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: dZuWR+l8z8+xKOm1ziicY+GGzH2N4c0FaUVW/ohWH0xO+BLYIPteKmo2nPs11CNJGFNupRv6sO8=
last-modified: Thu, 29 Dec 2022 21:39:12 GMT
server: cloudflare
etag: W/"47ad478609b60675d18a8ce35bd89f05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUFEu64WOu6jBBIp96t4Xl2jIuqB8cJ8bLm4nqd%2BwuSeAAo0%2BLkf%2FHl4NDgTtCT3GUncGml7LnmLhCbI2DDPBI3lwdiF1ylE977J5781pEkha%2FhIuUgpAX1AhwHdKJVr0iMKePRL2zaxLzJO9%2F5gpQ3Rd9R4rA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 789398caeffe922b-FRA

GET
H3 200 8505.ad6806a0cdf9696bb9c9.js Show response
static.funnelcockpit.com/assets/js/chunk/ 504 B
882 B 73ms
73ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/8505.ad6806a0cdf9696bb9c9.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8e40ddcdf5ccd999ea0d229df7158bee481db198e293e2779138f90377b5bba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8HG4VMYAQZ3DYRT1
age: 4269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 4xTkhYlGwA9LvxZQ9lUy2BfKW+YWgTsL1Tk2E5Oj3VFTnQW4syTkkr6SxtYx4HijDae7Ln4E6Ts=
last-modified: Thu, 29 Dec 2022 21:39:13 GMT
server: cloudflare
etag: W/"7bed94deb53e74d53a0fdcc708ab7cf6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwIsAz%2FiplG1GqLfFEYn7OQ35xjHj%2FjeSiJsO4lXqY5Rdk%2BzBFWVUNOm9iFd3knuldneuNRhl9h3ePFIql0iy%2Bba%2B1Ib7qGR7T03NgttxmahYCC9XZe56aI7ZsQi6GVltlp1fvOXs1un2GW9L1u2dwFooNhYwoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 789398caefff922b-FRA

GET
H3 200 kumbh-sans.css
static.funnelcockpit.com/assets/css/fonts/ 2 KB
883 B 69ms
69ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/css/fonts/kumbh-sans.css?v=5f97f633fc4cc424
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27fd80d6a899107f7308f178315800eb2115d29cd669192fe592708e4ef1b678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 29 Dec 2022 21:39:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: TFM5HPBW5AF7RSFX
etag: W/"8523826d84ca39895a6842b99309e08c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STtKo1jvgGyd2zNYfzTu3Dmn%2B2RZWpmHZSGOhIEkbxk09mmvPPUqLnnTrWMIJH8ZOgoCPLkMQZliIpZlmwn5V%2Bsau11WVGEFKgvSCXCmPy%2BCdAHN7TdrK3lF1tLfk0r3IXof1Fdo5S7ecoO3aVRgK3LN1OiHdhc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 789398cae805922b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: e0mswkxb7MhHiXdgU7vIjvLO6nF3zHq6EH1c42m2hYsafKZLt2w6MDz5UX98LKBn0DKVi4VW2I0=

GET
H3 200 material.css
static.funnelcockpit.com/assets/css/fonts/ 77 KB
16 KB 70ms
69ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/css/fonts/material.css?v=5f97f633fc4cc424
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7194856f584c2055e9c3b96f641b4486f6d8c842914b9d152abffd732b97fc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GRZ8XXT1S8TX099H
age: 5715
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: jdVDxT31hDvTRgCMwoWQ8gxtfQSbSGoiO8UKxplkry7ncZMr2HHIanrYi6T1hAdfi1yW5m2HdiE=
last-modified: Thu, 29 Dec 2022 21:39:17 GMT
server: cloudflare
etag: W/"f355f75488ecba3c8210f6eb832050ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QeUkX7k8l%2FgWvE0ctTr%2BVJL6mROND9%2ByFn8DZKHjXJBupMHU8rWGO%2F9hvCuXaSd2fdqAVzdvUFAkwgS9fjygOQMS1wKIz9QGK5wEYUdV7ltmmjxw9j3xiqmD84X9zrIskSSFtV7KMq92JDBdnl8bL2aEFPTmbjA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 789398cae806922b-FRA

OPTIONS
H2 200 track-survey-view
api.funnelcockpit.com/ 0
0 49ms
26ms Preflight 94.130.226.120
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.funnelcockpit.com/track-survey-view

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.226.120 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.120.226.130.94.clients.your-server.de

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gesundheitspaket.community
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, cookie
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: https://www.gesundheitspaket.community
date: Sat, 14 Jan 2023 04:23:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-xss-protection: 1; mode=block

POST
H2 200 track-survey-view Show response
api.funnelcockpit.com/ 0
337 B 49ms
49ms XHR
text/plain 94.130.226.120
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.funnelcockpit.com/track-survey-view

Requested by

Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/chunk/5204.35703219d0c56810eae8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.226.120 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.120.226.130.94.clients.your-server.de

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gesundheitspaket.community/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: https://www.gesundheitspaket.community
access-control-allow-credentials: true
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, cookie
x-xss-protection: 1; mode=block

GET
H3 200 kumbh-sans-v5-latin-regular.woff2
static.funnelcockpit.com/assets/fonts/ 17 KB
18 KB 106ms
81ms Font
binary/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/fonts/kumbh-sans-v5-latin-regular.woff2
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/css/fonts/kumbh-sans.css?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29e56f946e6e39f14f19fcea8f39f64a610d8b51aaf2aa43a5c35ec61d43c0e

Request headers

Referer: https://static.funnelcockpit.com/assets/css/fonts/kumbh-sans.css?v=5f97f633fc4cc424
Origin: https://www.gesundheitspaket.community
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CTVB8GH1SM9PM3HS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17624
x-amz-id-2: Z5joONJ/vcIDsMuSwuN11ejued4rrPKrRxnucY09aCDXl5gOmAuSRFNY2DJU1ZCJdKqIThUc4Po=
last-modified: Thu, 29 Dec 2022 21:39:33 GMT
server: cloudflare
etag: "e3653cc32513bd8a508d885acef0c7ef"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TM8VRvf1UnJT%2BjZlz3Zbz%2F0kclT9GiENsAuOZR61%2BTvFII%2FeSBptUCj6q%2Fl5BLEv9Er5xeBcdQd36J9pcZc7YS11QG4nLXzUjevn9yjbNu6rzWh6U5uCwhUBdiZofSTJQkgZY%2BFKuy%2FjB%2FJXtmhgmHGaP%2FzDXBY%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 789398cb8e85bb7d-FRA

GET
H2 200 /
www.google.com/pagead/1p-user-list/10990549112/ 42 B
548 B 84ms
32ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10990549112/?random=1673670212277&cv=11&fst=1673668800000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.gesundheitspaket.community%2F&tiba=Eintragung%20zur%20Warteliste%20Gesundheitspaket&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=409707190&rmt_tld=0&ipr=y

Requested by

Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 04:23:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10990549112/ 42 B
548 B 89ms
37ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10990549112/?random=1673670212277&cv=11&fst=1673668800000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.gesundheitspaket.community%2F&tiba=Eintragung%20zur%20Warteliste%20Gesundheitspaket&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=409707190&rmt_tld=1&ipr=y

Requested by

Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 04:23:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 kumbh-sans-v5-latin-700.woff2
static.funnelcockpit.com/assets/fonts/ 17 KB
17 KB 79ms
60ms Font
binary/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/fonts/kumbh-sans-v5-latin-700.woff2
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/css/fonts/kumbh-sans.css?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac2ac91b714c3b2122ecdc9e9bbaedfbec5ed081133a4a367a561e153d05ae53

Request headers

Referer: https://static.funnelcockpit.com/assets/css/fonts/kumbh-sans.css?v=5f97f633fc4cc424
Origin: https://www.gesundheitspaket.community
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CTV8XXR7DX1QY3NA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17060
x-amz-id-2: EdILn4safLhSlLOXvJRDW8E6z9AmuBO8Rp8VMVC3uRVnnJvx6MEgSFzwXoQrbggiWN6P/fnzOnw=
last-modified: Thu, 29 Dec 2022 21:39:33 GMT
server: cloudflare
etag: "57062e46d835c8d428e1374f307eea59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zbz3L816hJUyrGzUl1uhkGehQ5s9%2FRdwgXwRD23c%2FRblQ6nmOHTWUpMKNZHaRAE74ZnoodXZZuXgX4Rmw%2BSWfPZBTY27Ybdeo3L652cXYqImM%2FQ18KcvZFU49oIzGsp%2BTkKInxcy5cv7%2BF2GI8VIIU%2Fu9DUtEtQ%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 789398cb8e82bb7d-FRA

GET
H2 200 koi Show response
koi-3qnq9j78vy.marketingautomation.services/ 148 B
604 B 191ms
191ms Script
application/javascript 130.211.21.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://koi-3qnq9j78vy.marketingautomation.services/koi?rf=&hn=www.gesundheitspaket.community&lg=en-US&sr=1600x1200&cd=24&vr=2.4.0&se=1673670212620&ac=KOI-4M4L6AW80Y&ts=1673670213&pt=0&pl=0&loc=https%3A%2F%2Fwww.gesundheitspaket.community%2F&tp=page&ti=Eintragung%20zur%20Warteliste%20Gesundheitspaket

Requested by

Host: koi-3qnq9j78vy.marketingautomation.services
URL: https://koi-3qnq9j78vy.marketingautomation.services/client/ss.js?ver=2.4.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

130.211.21.179 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

179.21.211.130.bc.googleusercontent.com

Software

openresty /

Resource Hash

3f1a14fe7f5be80b8029b869b7675954d5d6ab89fa6265fce3c68120a3e98d2d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 04:23:32 GMT
content-encoding: gzip
x-clacks-overhead: GNU Terry Pratchett
last-modified: Sat, 14 Jan 2023 04:23:32 GMT
server: openresty
via: 1.1 google
vary: Accept-Encoding
p3p: CP='This is not a P3P policy! See https://sharpspring.com/legal/privacy/ for more info.'
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
pod-hostname: koi-84855df6cc-tmrll
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 62f0e22d1ed307007c00002d.js Show response
tag.perfectaudience.com/serve/ 13 KB
4 KB 275ms
204ms Script
text/javascript 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.perfectaudience.com/serve/62f0e22d1ed307007c00002d.js

Requested by

Host: koi-3qnq9j78vy.marketingautomation.services
URL: https://koi-3qnq9j78vy.marketingautomation.services/client/ss.js?ver=2.4.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

4360a00ff206a0046f0dc89d380d63c021903a5ae244bddf9bc928ad22f9a7c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220047-HHN
date: Sat, 14 Jan 2023 04:23:33 GMT
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
server: Cowboy
age: 0
x-timer: S1673670213.893067,VS0,VE184
vary: Accept-Encoding
x-cache: MISS
content-type: text/javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 4358
x-cache-hits: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 78ms
24ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tag.perfectaudience.com
URL: https://tag.perfectaudience.com/serve/62f0e22d1ed307007c00002d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Jan 2023 04:23:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27815
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: UwsAfwZ8hSyVkSsprntUEzlOfinaE66mAnmLnCAM9fpWVNFtLKF/eocVQOrlS/m19wv2LWv5M3fSQNYgXzQIZA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=177839&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=177839&source=js_tag

125 B
454 B

46ms
46ms

Script
text/javascript

52.214.203.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=177839&source=js_tag
Protocol: HTTP/1.1
Server: 52.214.203.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-203-9.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5cb925c08ba850f28828ce7c2fcb1ec419088eeaef9614bcaca9c8532f77bb86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 125
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=177839&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 1127198331274530 Show response
connect.facebook.net/signals/config/ 149 KB
41 KB 79ms
78ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1127198331274530?v=2.9.92&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc7787c933a41bfa49fef9555e2b565f4392bfebb22bac223aba78c315fb9f42

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Jan 2023 04:23:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: dzRJjljrAZrWjJ1OzlUeCPInEW68qNjrB5S/idkw3AKXUeVkMiXsCkx8HqeOV4WyrLhA6O1tIGfr7jAgEDkePA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
21 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.92

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Jan 2023 04:23:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: z6jSpmNHXL8r3eJVpFkKuX3rrFoKff5+WlUZxOvlPmGIXmwTRYRsxQfozJcFM7U5ZRj5cVZRQYoglOFPdXRNeA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 67ms
22ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1127198331274530&ev=PageView&dl=https%3A%2F%2Fwww.gesundheitspaket.community%2F&rl=&if=false&ts=1673670213355&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=28&fbp=fb.1.1673670213354.1592930765&it=1673670213197&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Jan 2023 04:23:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

/
pixel-geo.prfct.co/usermap/
Redirect Chain

https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202301|63c22e440cd47f3a5a664f2e&pid=pa_k6ejbb9TmDugEJFDr
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202301%7C63c22e440cd47f3a5a664f2e%26pid%3Dpa_k6ejbb9TmDugEJFDr
https://pixel-geo.prfct.co/usermap/?xid=8305311832801108128&sid=202301|63c22e440cd47f3a5a664f2e&pid=pa_k6ejbb9TmDugEJFDr

43 B
256 B

45ms
44ms

Image
image/gif

52.214.203.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/usermap/?xid=8305311832801108128&sid=202301|63c22e440cd47f3a5a664f2e&pid=pa_k6ejbb9TmDugEJFDr
Protocol: HTTP/1.1
Server: 52.214.203.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-203-9.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Sat, 14 Jan 2023 04:23:33 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ce0d5cfd-d04d-4024-98fe-a594163b0a5d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://pixel-geo.prfct.co/usermap/?xid=8305311832801108128&sid=202301|63c22e440cd47f3a5a664f2e&pid=pa_k6ejbb9TmDugEJFDr
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_k6ejbb9TmDugEJFDr

43 B
393 B

199ms
134ms

Image
image/gif

104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_k6ejbb9TmDugEJFDr

Protocol

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-response-time: 112
date: Sat, 14 Jan 2023 04:23:32 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: a9c2c2e387d4a012
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: fad50011aa86e9e751508f78686412a311680a956715bb560e3994cb3888aadd
content-length: 43

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_k6ejbb9TmDugEJFDr
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58288/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_k6ejbb9TmDugEJFDr&_origin=1
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_k6ejbb9TmDugEJFDr&_origin=1&verify=true

0
121 B

26ms
26ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_k6ejbb9TmDugEJFDr&_origin=1&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:23:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_k6ejbb9TmDugEJFDr&_origin=1&verify=true
date: Sat, 14 Jan 2023 04:23:33 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_k6ejbb9TmDugEJFDr

43 B
273 B

135ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_k6ejbb9TmDugEJFDr
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 04:23:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_k6ejbb9TmDugEJFDr
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_k6ejbb9TmDugEJFDr

0
239 B

127ms
22ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_k6ejbb9TmDugEJFDr
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_k6ejbb9TmDugEJFDr
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfazZlamJiOVRtRHVnRUpGRHI
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

47ms
46ms

Image
image/gif

52.214.203.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Protocol: HTTP/1.1
Server: 52.214.203.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-203-9.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 04:23:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel-geo.prfct.co/cb?partnerId=goo
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 219ms
127ms Image
image/gif 52.214.203.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=31305467,31971705,32094921&source=js_tag&a_id=177839
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.203.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-203-9.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 tr
www.facebook.com/ 0
31 B 23ms
21ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1127198331274530&ev=ViewContent&cd[rtb_id]=32094921&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Jan 2023 04:23:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=32094921
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D32094921

43 B
1 KB

30ms
29ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D32094921

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 04:23:33 GMT
AN-X-Request-Uuid: f57b7cd1-fbab-4b28-8735-d2f09b8f9bf4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Sat, 14 Jan 2023 04:23:33 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3cfab318-315d-489c-aa7a-b76e3fd6ae8c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D32094921
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 tr
www.facebook.com/ 0
31 B 23ms
21ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1127198331274530&ev=ViewContent&cd[rtb_id]=31971705&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Jan 2023 04:23:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=31971705
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D31971705

43 B
1 KB

31ms
31ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D31971705

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 04:23:33 GMT
AN-X-Request-Uuid: e2fb56d4-ee1d-41c4-bb00-a621d500a65b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Sat, 14 Jan 2023 04:23:33 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ec08f85c-b75e-4fff-b51b-f328d544b353
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D31971705
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 tr
www.facebook.com/ 0
31 B 23ms
22ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1127198331274530&ev=ViewContent&cd[rtb_id]=31305467&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Jan 2023 04:23:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=31305467
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D31305467

43 B
1 KB

31ms
30ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D31305467

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 04:23:33 GMT
AN-X-Request-Uuid: 26736160-2334-42d3-8b98-4a1f7545aa9d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Sat, 14 Jan 2023 04:23:33 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ae873a30-1f13-4dee-b738-f4d6ab4032c5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D31305467
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gesundheitspaket.community/	1970-01-20 11:04:06	Name: _gcl_au Value: 1.1.478702905.1673670212
www.gesundheitspaket.community/	1970-01-20 08:55:56	Name: __ss Value: 1673670212620
www.gesundheitspaket.community/	1970-01-20 08:54:33	Name: __ss_referrer Value: https%3A//www.gesundheitspaket.community/
.marketingautomation.services/	1970-01-20 18:30:30	Name: koitk Value: 202301%7C63c22e440cd47f3a5a664f2e
www.gesundheitspaket.community/	1970-01-20 18:30:30	Name: __ss_tk Value: 202301%7C63c22e440cd47f3a5a664f2e
.prfct.co/	1970-01-20 18:30:30	Name: pa_uid Value: pa_k6ejbb9TmDugEJFDr
.gesundheitspaket.community/	1970-01-20 11:04:06	Name: _fbp Value: fb.1.1673670213354.1592930765
.prfct.co/	1970-01-20 18:30:30	Name: pa_twitter_ts Value: 1673670213426
.prfct.co/	1970-01-20 18:30:30	Name: pa_yahoo_ts Value: 1673670213473
.prfct.co/	1970-01-20 18:30:30	Name: pa_openx_ts Value: 1673670213509
.prfct.co/	1970-01-20 18:30:30	Name: pa_rubicon_ts Value: 1673670213509
.prfct.co/	1970-01-20 18:30:30	Name: pa_google_ts Value: 1673670213513
.adnxs.com/	1970-01-20 11:04:06	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2Hb<J8j8c!@wnf-Te9(>wL5L!!'*M$Rz0k
.adnxs.com/	1970-01-20 11:04:06	Name: uuid2 Value: 6268370086409456506
.yahoo.com/	1970-01-20 17:40:27	Name: A3 Value: d=AQABBEUuwmMCEFFUUiO8_-nuN0o_FgMK8vAFEgEBAQF_w2PMYwAAAAAA_eMAAA&S=AQAAAn2aOwZV_SBnj7nkM-GovAc
.analytics.yahoo.com/	1970-01-20 17:40:06	Name: IDSYNC Value: 18z4~29es
.twitter.com/	1970-01-20 18:30:30	Name: personalization_id Value: "v1_Qp7Bjxqx6qGgC2MxeWLc1w=="
.doubleclick.net/	1970-01-20 18:16:06	Name: IDE Value: AHWqTUlHXtFRQxWVDOAbzb-B1ZNc8XXkgjehTUx-qcD0aZPdrLsGsT-Pm_m54cpJqEU

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.funnelcockpit.com
cm.g.doubleclick.net
connect.facebook.net
googleads.g.doubleclick.net
koi-3qnq9j78vy.marketingautomation.services
pixel-geo.prfct.co
pixel.rubiconproject.com
secure.adnxs.com
static.funnelcockpit.com
tag.perfectaudience.com
ups.analytics.yahoo.com
us-u.openx.net
www.digistore24.com
www.facebook.com
www.gesundheitspaket.community
www.google.com
www.google.de
www.googletagmanager.com
104.244.42.131
130.211.21.179
142.250.185.162
151.101.2.217
185.89.210.212
2a00:1450:4001:810::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:830::2003
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3120::3
3.126.56.137
31.25.12.20
35.244.159.8
45.138.175.224
52.214.203.9
69.173.144.139
94.130.226.120
066599a23ff885af740c351c59ab9dfadd02b799a66686c0d7c1a1f95997a544
0e068a3b14939e7e082107ed425f54aa8100b20b1584de181abf6791a36564f3
1029fcd653baa4a0cb240b6c456877aa4ebb39499b767b73b03545df5510bb4f
22ad37448db0a25b83f9ac4673ffb992af2c5b62cd3eedd669b2de0e87355980
27fd80d6a899107f7308f178315800eb2115d29cd669192fe592708e4ef1b678
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
3f1a14fe7f5be80b8029b869b7675954d5d6ab89fa6265fce3c68120a3e98d2d
4360a00ff206a0046f0dc89d380d63c021903a5ae244bddf9bc928ad22f9a7c3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
549f9d5fd7fd59a1c927144e8259ec36cc680bce87be8a97f12e800b3477e341
55d424909a75b330118328e0c0d4dc02bf940a34032f48556babd256203a7a35
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5b975789f62e87ed0e4f6b13fe79566a93ec8bd72de06d15aa69020317eedd81
5cb925c08ba850f28828ce7c2fcb1ec419088eeaef9614bcaca9c8532f77bb86
7194856f584c2055e9c3b96f641b4486f6d8c842914b9d152abffd732b97fc4a
71ecf4b619a6860283409bb385034101e0862a6c190d4ab8a2aa24b1d3733019
7f8fbab1a90fff6548aff9c0254945f2bb72b97914cf79e362be4823419d7f5b
7fc59520963fa16b6d9159d0ec7b9f056d1cf3edd56cfb3ed39b0dfb0cb1a4f0
868a4addc34df2fafd1f564d8896b11169a3a7288a6c17a5a5b8baefbe155c45
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
abb3a9c291145389a1a04fd1adb9383f1541098931cae62b46b914f00d604d5c
ac2ac91b714c3b2122ecdc9e9bbaedfbec5ed081133a4a367a561e153d05ae53
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad51efb57b61ff4ed23dd3a62be3f5f6fc012191306c669bda8c6e63218799fc
c29e56f946e6e39f14f19fcea8f39f64a610d8b51aaf2aa43a5c35ec61d43c0e
d0bb889c43fabf22abcd20546b72af7e6b1c76ec0e75dabad3ef2594a23a7ffb
d22d0ddf358369ddb3be5a2d4149f4ac4c44b9587f4b6122da091882e8e767df
d9e64ed398d66c20c5564e91b240512aa41b0d1d5e5b15fefeaea208f70e0a8c
dc7787c933a41bfa49fef9555e2b565f4392bfebb22bac223aba78c315fb9f42
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e40ddcdf5ccd999ea0d229df7158bee481db198e293e2779138f90377b5bba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13fc13b9290a05e50e615debe705c343fcc797b921bff3aade7d8650fe9f7f2

www.gesundheitspaket.community Open in urlscan Pro 45.138.175.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

79 %HTTPS

37 %IPv6

17 Domains

19 Subdomains

18 IPs

4 Countries

667 kBTransfer

1654 kBSize

18 Cookies

0 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gesundheitspaket.community Open in urlscan Pro
45.138.175.224 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

79 %
HTTPS

37 %
IPv6

17
Domains

19
Subdomains

18
IPs

4
Countries

667 kB
Transfer

1654 kB
Size

18
Cookies

48 HTTP transactions
0 data transactions