www.gesundheitspaket.community Open in urlscan Pro
45.138.175.224 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gesundheitspaket.community/
Effective URL:
https://www.gesundheitspaket.community/
Submission: On January 14 via automatic, source certstream-suspicious (January 14th 2023, 4:25:39 am UTC) — Scanned from DE

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 17 domains to perform 48 HTTP transactions. The main IP is 45.138.175.224, located in Germany and belongs to COMBAHTON combahton GmbH, DE. The main domain is www.gesundheitspaket.community.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on January 14th 2023. Valid for: 3 months.

This is the only time www.gesundheitspaket.community was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	45.138.175.224 45.138.175.224	30823 (COMBAHTON...) (COMBAHTON combahton GmbH)
17	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	31.25.12.17 31.25.12.17	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	130.211.21.179 130.211.21.179	15169 (GOOGLE) (GOOGLE)
4	159.69.147.208 159.69.147.208	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6 10	34.243.222.134 34.243.222.134	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5 8	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
48	18

2 45.138.175.224 (Germany) 1 redirects

ASN30823 (COMBAHTON combahton GmbH, DE)

gesundheitspaket.community	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gesundheitspaket.community	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

static.funnelcockpit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.25.12.17 (Switzerland)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

www.digistore24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.21.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 179.21.211.130.bc.googleusercontent.com

koi-3qnq9j78vy.marketingautomation.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.69.147.208 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.208.147.69.159.clients.your-server.de

api.funnelcockpit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

tag.perfectaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.243.222.134 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-222-134.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.210.244 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	funnelcockpit.com static.funnelcockpit.com — Cisco Umbrella Rank: 681525 api.funnelcockpit.com — Cisco Umbrella Rank: 919749	497 KB
10	prfct.co 6 redirects pixel-geo.prfct.co — Cisco Umbrella Rank: 14804	4 KB
8	adnxs.com 5 redirects secure.adnxs.com — Cisco Umbrella Rank: 413	8 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	278 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 153	91 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 274	492 B
2	marketingautomation.services koi-3qnq9j78vy.marketingautomation.services	6 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 216	2 KB
2	gesundheitspaket.community 1 redirects gesundheitspaket.community www.gesundheitspaket.community	7 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 306	239 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 420	273 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 618	393 B
1	perfectaudience.com tag.perfectaudience.com — Cisco Umbrella Rank: 17638	4 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5983	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	548 B
1	digistore24.com www.digistore24.com — Cisco Umbrella Rank: 197894	836 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	53 KB
48	17

	Domain	Requested by
17	static.funnelcockpit.com	www.gesundheitspaket.community static.funnelcockpit.com
10	pixel-geo.prfct.co	6 redirects
8	secure.adnxs.com	5 redirects
4	www.facebook.com
4	api.funnelcockpit.com	static.funnelcockpit.com
3	connect.facebook.net	tag.perfectaudience.com connect.facebook.net
2	ups.analytics.yahoo.com	1 redirects
2	koi-3qnq9j78vy.marketingautomation.services	www.gesundheitspaket.community koi-3qnq9j78vy.marketingautomation.services
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com
1	us-u.openx.net
1	analytics.twitter.com
1	tag.perfectaudience.com	koi-3qnq9j78vy.marketingautomation.services
1	www.google.de	www.gesundheitspaket.community
1	www.google.com	www.gesundheitspaket.community
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.digistore24.com	www.gesundheitspaket.community
1	www.googletagmanager.com	www.gesundheitspaket.community
1	www.gesundheitspaket.community
1	gesundheitspaket.community	1 redirects
48	20

This site contains no links.

Subject Issuer	Validity	Valid
www.gesundheitspaket.community ZeroSSL ECC Domain Secure Site CA	`2023-01-14` - `2023-04-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
digistore24.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-05` - `2023-08-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.marketingautomation.services GlobalSign RSA OV SSL CA 2018	`2022-06-03` - `2023-07-05`	a year	crt.sh
*.funnelcockpit.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-21` - `2023-10-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.perfectaudience.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-09` - `2023-11-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-23` - `2023-01-21`	3 months	crt.sh
*.prfct.co GlobalSign RSA OV SSL CA 2018	`2022-10-28` - `2023-11-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.gesundheitspaket.community/
Frame ID: 6BFBBB7CFF71A75BF8945F61410A66EE
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Eintragung zur Warteliste Gesundheitspaket

Page URL History Show full URLs

https://gesundheitspaket.community/ HTTP 301
https://www.gesundheitspaket.community/ Page URL

Detected technologies

Material Design Lite (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href="[^"]*material(?:\.[\w]+-[\w]+)?(?:\.min)?\.css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

48
Requests

79 %
HTTPS

37 %
IPv6

17
Domains

20
Subdomains

18
IPs

4
Countries

668 kB
Transfer

1654 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gesundheitspaket.community/ HTTP 301
https://www.gesundheitspaket.community/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://pixel-geo.prfct.co/tagjs?a_id=177839&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=177839&source=js_tag

Request Chain 34

https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202301|63c22ebe3e4e421be5673f52&pid=pa_kfNsu9Dlo0fSyFAJk HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202301%7C63c22ebe3e4e421be5673f52%26pid%3Dpa_kfNsu9Dlo0fSyFAJk HTTP 302
https://pixel-geo.prfct.co/usermap/?xid=3728991066452918205&sid=202301|63c22ebe3e4e421be5673f52&pid=pa_kfNsu9Dlo0fSyFAJk

Request Chain 35

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_kfNsu9Dlo0fSyFAJk

Request Chain 36

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_kfNsu9Dlo0fSyFAJk&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_kfNsu9Dlo0fSyFAJk&_origin=1&verify=true

Request Chain 37

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_kfNsu9Dlo0fSyFAJk

Request Chain 38

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_kfNsu9Dlo0fSyFAJk

Request Chain 39

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfa2ZOc3U5RGxvMGZTeUZBSms HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 42

https://secure.adnxs.com/seg?t=2&add=32094921 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D32094921

Request Chain 44

https://secure.adnxs.com/seg?t=2&add=31971705 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D31971705

Request Chain 46

https://secure.adnxs.com/seg?t=2&add=31305467 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D31305467

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gesundheitspaket.community/
Redirect Chain

https://gesundheitspaket.community/
https://www.gesundheitspaket.community/

30 KB
7 KB

188ms
36ms

Document
text/html

45.138.175.224
COMBAHTON combaht...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gesundheitspaket.community/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.138.175.224 , Germany, ASN30823 (COMBAHTON combahton GmbH, DE),
Reverse DNS
Software: Caddy /
Resource Hash: d9e64ed398d66c20c5564e91b240512aa41b0d1d5e5b15fefeaea208f70e0a8c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 14 Jan 2023 04:25:33 GMT
server: Caddy
vary: Accept-Encoding

Redirect headers

date: Sat, 14 Jan 2023 04:25:33 GMT
location: https://www.gesundheitspaket.community/
server: Caddy

GET
H2 200 funnel-page.css
static.funnelcockpit.com/assets/css/ 526 KB
81 KB 84ms
60ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/css/funnel-page.css?v=5f97f633fc4cc424
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abb3a9c291145389a1a04fd1adb9383f1541098931cae62b46b914f00d604d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 29 Dec 2022 21:39:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: NE65NGZQKYNKGVBH
etag: W/"066ce9b0881cc4eb88c2e82c3b1a362d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6LNsUIMzmTmVHgKMprNYi7JB8I9bbnRNGwJRR0Cq9XZM3H9wjAxzG6O%2FlIGDqD13Bb4PPkxnf874%2B7DLZnjfXozqgfLwi0yN7a3HF%2F3Yco9w4aDzJjrs1Lb5BInlYvecuQtO3GMeaMcypZXAtpceCbPRuhFVA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 78939bc32bffbbcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: VmtnMo1tGitTE6rCzxbQYecsF4ZWVAeos+vF/qIUmd2sVX4svnxViLxmb5fNsNaY/Qy+7zWHdak=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 136 KB
53 KB 51ms
20ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10990549112

Requested by

Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0acde15b5f57482ea56b9cf91be0de2aad264587c79191639e58ad10c367c575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53741
x-xss-protection: 0
last-modified: Sat, 14 Jan 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Jan 2023 04:25:33 GMT

GET
H2 200 fdf16b98352eb0001ae7f28e3dfc02d3.webp
static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/ 90 KB
91 KB 109ms
108ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/fdf16b98352eb0001ae7f28e3dfc02d3.webp
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 066599a23ff885af740c351c59ab9dfadd02b799a66686c0d7c1a1f95997a544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8VTFN7GAZ4QZ6FMF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92504
x-amz-id-2: JdBNPSDnQD8dtDjirbef6QE5TUnXXQ1heBkYHE3zOfwzPXcOWW7Bj326KIWmSeYA4KF9UR9CTcI=
last-modified: Wed, 14 Dec 2022 09:27:40 GMT
server: cloudflare
etag: "58d6112f16cfd226e402ecbba7705e65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5eFtV%2B0c4pnXF0FNmT1mMqUCugiuJxNR%2FL8IrmkU9ZX3FKcQwiEQ83NSH8W4jCE1P6YmyCWr1wYqHDo6LJwMuj%2FepoOHhWvgrVXzmd2nboWDgUNSEWeoJKBmZppxltdPgfJgGxZD6Tkmmai5%2FTgbk790KZKql8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 78939bc38c6bbbcb-FRA

GET
H2 200 funnel-page.js Show response
static.funnelcockpit.com/assets/js/ 101 KB
34 KB 46ms
45ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1029fcd653baa4a0cb240b6c456877aa4ebb39499b767b73b03545df5510bb4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 29 Dec 2022 21:39:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: NE61TAG4C04YYYZE
etag: W/"d08993b64edf6c1fba287989ccd90b0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGaCdgAmoM3eyCTH3YK%2BrPatv8YfkBbfwMaUvGCRjMEQcJJcXhvo5QjY4lI81Ao2kS8UiENtem3S8bdrfjL4Wb%2BRDnJwVuFrRlIggrq7eoxvPECE61w6xawDlRDYc%2B1%2FsuOLUOelenSyg%2F8AQQtXhnvsOilRazw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 78939bc39c72bbcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: WUSD10JJHsjqN/uPQnEKpUaUj+8gWrFakNcp3778Owbdpe0efvIzFP7NthQTUEQz1hali8jhmKI=

GET
H2 200 96efa99e76c624d24c98e924ff775ca4e30f2664ce9202c74a40b2c33dbd89f0.js Show response
www.digistore24.com/track_info/247139/ 1 KB
836 B 118ms
66ms Script
text/javascript 31.25.12.17
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digistore24.com/track_info/247139/96efa99e76c624d24c98e924ff775ca4e30f2664ce9202c74a40b2c33dbd89f0.js?affiliate=digistore24AffiliateId
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.25.12.17 , Switzerland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: envoy /
Resource Hash: 7fc59520963fa16b6d9159d0ec7b9f056d1cf3edd56cfb3ed39b0dfb0cb1a4f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 04:25:34 GMT
content-encoding: gzip
via: 1.1 google
x-envoy-decorator-operation: null
server: envoy
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
x-envoy-upstream-service-time: 31
x-robots-tag: noindex, nofollow, noarchive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 565

GET
H3 200 272a0a3836513609f167a5c91418403f.jpg
static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/ 81 KB
81 KB 131ms
131ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/272a0a3836513609f167a5c91418403f.jpg
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71ecf4b619a6860283409bb385034101e0862a6c190d4ab8a2aa24b1d3733019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8VTDDB0G6C24ZPFT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 82697
x-amz-id-2: ZBlQ4U60BETfRA5/zDikOXKQyD5upxfDMTusgGabMDWrf/oNsyX7fjH9PVCnqBrwOhahPnl8yOI=
last-modified: Wed, 14 Dec 2022 09:02:06 GMT
server: cloudflare
etag: "579472757b328488e57f5e9671006445"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbeyyJwU%2F71KBAT%2BoBStR%2Bn%2BmvwYX%2F0PUT2sm5gWBj9XQkV9vIFrFZSBzSeJpKg7a3FDCsBp38FoHzSTq12ZhJHJzJSTDIUzGs7UCSCfJRB7Lg4K%2F%2BOo1Ng6kz5gobq9chnZKYgvU4cNoqFLbmL6bUzjnrQ14bY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 78939bc3cac32bdc-FRA

GET
H3 200 9ad41639a09d3d58acedd060f056acd6.jpg
static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/ 31 KB
31 KB 76ms
75ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/9ad41639a09d3d58acedd060f056acd6.jpg
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ad37448db0a25b83f9ac4673ffb992af2c5b62cd3eedd669b2de0e87355980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8VT6XZJTK58ZCHY0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31374
x-amz-id-2: 4OfwYg0vOksky11ee/79lxbJsDCL8xjScW9TUdfO64yPQNzZU8yaqywo3oHEo/LB0TgRUhxt+Lc=
last-modified: Wed, 14 Dec 2022 09:14:05 GMT
server: cloudflare
etag: "6bbbc9d4cbbfe12bfbafdaadb72bd5ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7SPhkRj8XZ0lM3GEoT1dgLuXaaP30a9tknldd5dS%2F3lI5UW8v%2FreETGsqELsYBUcT5MQuJLAI6mgoc9%2FCcECUY92dZIcO2SGiT9PnUySYx8z2Tw2XIQ%2FDZ0K7IarKDp%2F7%2BCNYfJUgKKan4BB1uUKVfcXK1%2B%2BCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 78939bc3cac62bdc-FRA

GET
H3 200 e254e5cd16a6656b1ef04f02deefefff.webp
static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/ 38 KB
38 KB 66ms
65ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/e254e5cd16a6656b1ef04f02deefefff.webp
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d22d0ddf358369ddb3be5a2d4149f4ac4c44b9587f4b6122da091882e8e767df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8VT1DWY4BKYYWVX4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38436
x-amz-id-2: 9nPGB0bBGd4FOEMNfW5W+sC2dg6TIe3HEF3TNtbqliVZYDGE0O88pzScWA7FZzPnDF1tpBvVA+Q=
last-modified: Wed, 14 Dec 2022 09:11:58 GMT
server: cloudflare
etag: "20de649e565b564bce050e6060b30e77"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVSzSlqBEI65gPFMKRTox4dz4jSyIAzuuo2PcEZTIyI3R1Zh8xmiyVzbK6AaGFd6u9XQ9Od%2BsheK3iCFG9QzkQ1ocDJTYAWejfGUgC2EhnJReqdcK%2F2CYmduhqMjM5m1EentdX%2BGrtHV7gg6kjpyTpwixNtOjlc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 78939bc3cac72bdc-FRA

GET
H3 200 9f9475a2f1af2063799eb298971cc012.webp
static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/ 51 KB
51 KB 72ms
72ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/9f9475a2f1af2063799eb298971cc012.webp
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b975789f62e87ed0e4f6b13fe79566a93ec8bd72de06d15aa69020317eedd81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8VTE20H3PXR5X4FE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52084
x-amz-id-2: 3BSiZ2bZi8YRiwHhi7gan8yTGoq6HYCVQOS+oM/qZsHpNbBZaV512Abd/EDDkAW51edPqLlozVI=
last-modified: Wed, 14 Dec 2022 09:11:42 GMT
server: cloudflare
etag: "49ad037a60054d42f7561bdf902f5c9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDMPpn0k58d13LXJcCnow4HtuBetOniPZPu4Pg06NNq59bPIAyfGodC4csuiiwNJmtf85x2Nv1CZlkUN1O%2FQTFcf7P6h2Kw1JfaXwAegiLYvuJHbbOhYWSN1L%2BkixO74VRpwnV1pWJhAj68elmFgRC4QaE7RFdg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 78939bc3cac82bdc-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10990549112/ 2 KB
1 KB 102ms
52ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10990549112/?random=1673670334066&cv=11&fst=1673670334066&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.gesundheitspaket.community%2F&tiba=Eintragung%20zur%20Warteliste%20Gesundheitspaket&auid=878372681.1673670334&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10990549112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0520faa8aab21b2da4792bff0805d09653db38303e55898e5f4c22a2f3639fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 04:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 901
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ss.js Show response
koi-3qnq9j78vy.marketingautomation.services/client/ 12 KB
5 KB 172ms
108ms Script
application/javascript 130.211.21.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://koi-3qnq9j78vy.marketingautomation.services/client/ss.js?ver=2.4.0
Requested by: Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.21.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 179.21.211.130.bc.googleusercontent.com
Software: openresty /
Resource Hash: 0e068a3b14939e7e082107ed425f54aa8100b20b1584de181abf6791a36564f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 15 Dec 2022 14:32:53 GMT
server: openresty
etag: W/"639b3015-2fe4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 21 Jan 2023 04:25:34 GMT

OPTIONS
H2 200 track-page-visit
api.funnelcockpit.com/ 0
0 55ms
12ms Preflight 159.69.147.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.funnelcockpit.com/track-page-visit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.147.208 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.208.147.69.159.clients.your-server.de

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gesundheitspaket.community
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, cookie
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: https://www.gesundheitspaket.community
date: Sat, 14 Jan 2023 04:25:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-xss-protection: 1; mode=block

POST
H2 200 track-page-visit Show response
api.funnelcockpit.com/ 0
384 B 84ms
62ms XHR
text/plain 159.69.147.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.funnelcockpit.com/track-page-visit

Requested by

Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.147.208 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.208.147.69.159.clients.your-server.de

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gesundheitspaket.community/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: https://www.gesundheitspaket.community
cache-control: private, no-cache, proxy-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, cookie
x-xss-protection: 1; mode=block

GET
H3 200 9657.da09a34149603f1ecd6e.js Show response
static.funnelcockpit.com/assets/js/chunk/ 54 KB
18 KB 18ms
17ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/9657.da09a34149603f1ecd6e.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f13fc13b9290a05e50e615debe705c343fcc797b921bff3aade7d8650fe9f7f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 353AKC1HCPXCHV6X
age: 4235
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 52Be8fPmdWtmbH9yDHHzPJCNcktWNid6QjxiRUf6Jt2dHYfBmAVVVT+dMlzM/QMgXFv9r0Jnlh0=
last-modified: Thu, 29 Dec 2022 21:39:13 GMT
server: cloudflare
etag: W/"68da351064488be15a21aa017ccdd3ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKKxqOlBpcyYppIFjr%2BtQN3uHVNGxTOmlOOgZPsv7uU%2BZqvErdk17T4LSTa3pLZk0KB4aNzUuAC%2BVefYEnT4TcobvES5vtKP8Sm975LCaJnBUdJTcw5MnUTaE8KSxvba4PTbZbC7L9O4kN8gPifAH36St%2FU3EfI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 78939bc40afa2bdc-FRA

GET
H3 200 5204.35703219d0c56810eae8.js Show response
static.funnelcockpit.com/assets/js/chunk/ 28 KB
10 KB 37ms
37ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/5204.35703219d0c56810eae8.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55d424909a75b330118328e0c0d4dc02bf940a34032f48556babd256203a7a35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: SJ3A1PPDEMBJ190F
age: 7003
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: FRnmK67dSoJ0mP+6/0phCPZiNijnywfUhFcuURSf/Co1wmrzs4DAnO7gp9WTr6Qie7ZAyPr9gxY=
last-modified: Thu, 29 Dec 2022 21:39:12 GMT
server: cloudflare
etag: W/"ee85110bb30cb1c75c8c26707ae4d693"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4clXUEdIPgs7m5tpJGO5uA%2Bq86aUlEVmYqwDJkQW7CnG85QXqrkODkicxfS1CkCH3X2M6QjLd3SVYr3vTESEIvRj%2BUkT14a9flJRTAwlhzzWEuvmzIzw5HkiTfby9bdOqRZVfNFD2SzMkQHo%2FiQIiHBWKPKj7Yw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 78939bc40afc2bdc-FRA

GET
H3 200 2681.f9ebe191577409e358e3.js Show response
static.funnelcockpit.com/assets/js/chunk/ 4 KB
2 KB 16ms
16ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/2681.f9ebe191577409e358e3.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0bb889c43fabf22abcd20546b72af7e6b1c76ec0e75dabad3ef2594a23a7ffb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 353AB7DMPKXD0M71
age: 4428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: wyhOAnSFKaHh3vqFpeN9fTfSojaNzn9ONeLpU75xY3c/cxOrp7dusp6HHam3KdINMHtDI+j2cNQ=
last-modified: Thu, 29 Dec 2022 21:39:12 GMT
server: cloudflare
etag: W/"45823df5200104062056ad9fe02fc457"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fz7o723xhaOW5RX2QDdOGZzwssQOA%2BR8WPWsNVDG2TG02%2BQx%2Fr5bhflZ%2FX0Jgd9Jpnu0EblLma3Ne8mBjKSDadGoDA7Ws1K2lzfDrVtHvoOfynBcR5Dwv9cKmP5hMiUvrlgx5zVB8QRnepmhbj5SbY1BBGHtMYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 78939bc40afd2bdc-FRA

GET
H3 200 1304.31030298a02161531ca7.js Show response
static.funnelcockpit.com/assets/js/chunk/ 5 KB
2 KB 15ms
14ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/1304.31030298a02161531ca7.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 549f9d5fd7fd59a1c927144e8259ec36cc680bce87be8a97f12e800b3477e341

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Q09HAFPYX8PZAYG5
age: 2369
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: I1X/zk/nOhTmnSyFaZzwL+jfSWpmTYKuQbimRc0qq3VCUMdKX09iQ+vD2SjKp5eXV+rhYfn7J7k=
last-modified: Thu, 29 Dec 2022 21:39:12 GMT
server: cloudflare
etag: W/"789b48c7404e9ed9881c4fbd1f97afbc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XRKJlxpokorr2OHiNw3WRcpYGJCAkgarqbsKoDldxAyvA3D1riFZeFbLAoG%2BQQtEYvXNJJ79j50sbo0CGUURaqnJHoKS8b3wwh1SoV1Ul9GmXI1EC6mq849z9i4UniAwgaYufyxomF3L1EQL5w6s%2FDCn4bNGh0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 78939bc40afe2bdc-FRA

GET
H3 200 3063.1ad011790bded2b097a6.js Show response
static.funnelcockpit.com/assets/js/chunk/ 11 KB
4 KB 16ms
16ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/3063.1ad011790bded2b097a6.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad51efb57b61ff4ed23dd3a62be3f5f6fc012191306c669bda8c6e63218799fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Q09HFEDZAT872XWQ
age: 154
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: eBtTe70xWi1nXzXDeL5VhpZa9KuV9vpolL2A+HyggQ1pJTdG61K/1HVbbS+Xzoc3VbwOW8rmqIY=
last-modified: Thu, 29 Dec 2022 21:39:12 GMT
server: cloudflare
etag: W/"47ad478609b60675d18a8ce35bd89f05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmMXBP9yCz2Q%2BXW0L4Vo8bFbN%2Ffap11KLUZEuuTOCLc7isZ9sEKElO3YRh62i90RJXRe1lxHJ%2BYng97N20w%2F7CYw%2FKuP8nkqHEK0%2BAFOoAr05ZSXRFs55xNW7u9fCSyU72AmkmeYWL%2FBc%2FLshwu9soNbKil3XfI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 78939bc40aff2bdc-FRA

GET
H3 200 8505.ad6806a0cdf9696bb9c9.js Show response
static.funnelcockpit.com/assets/js/chunk/ 504 B
886 B 16ms
16ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/8505.ad6806a0cdf9696bb9c9.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8e40ddcdf5ccd999ea0d229df7158bee481db198e293e2779138f90377b5bba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6YQ30FHQ1GJNGXAG
age: 928
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: r9QXqcbZVAaMSbiZUtHPIYkuyn6GGwWdbQTIWjhZMGO7JJVMW7r9TQijSjYGm5AZqpa5quZX34Q=
last-modified: Thu, 29 Dec 2022 21:39:13 GMT
server: cloudflare
etag: W/"7bed94deb53e74d53a0fdcc708ab7cf6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7MXACAdh3eRwAjFxtaxYIkKbZZ8xFZQ1VUK%2FX0gGHOIc2PfMz3gH%2FYjc0DZstm0bsCmzrcz%2Bk9KCxEVbQLCkjUmT5vzLB1UDKPD6ZVs6BQIucQfgGQCRkfKUHFv53v2SLEgpNFyU6ktu0Q2X%2FJ9AZaoKzHrZLV8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 78939bc40b002bdc-FRA

GET
H3 200 kumbh-sans.css
static.funnelcockpit.com/assets/css/fonts/ 2 KB
880 B 39ms
39ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/css/fonts/kumbh-sans.css?v=5f97f633fc4cc424
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27fd80d6a899107f7308f178315800eb2115d29cd669192fe592708e4ef1b678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 29 Dec 2022 21:39:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: 3FVE9JZPX1FPVGDD
etag: W/"8523826d84ca39895a6842b99309e08c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12XZC3rLre%2BjBNpvsupy6dlkoRHGFWrxWhxPobgDBglSOHNa9Bi6qvM1qsykM8zyWuhJWY6zLas%2Fx87DzVB5xkyd7tlseHEtQSHq3sV8uXeazG2We4KEr7Y8MvrrRhRm7AuWTKjK2E7zoZ7evRw0Qpeb6GI7arc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 78939bc40b012bdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6WDxnsPySOGKvhvB1RPubomcNKW3eg1xnBckPsuHMK5vsZYU16b3cCqKSOn/n287b4hsesi8MdY=

GET
H3 200 material.css
static.funnelcockpit.com/assets/css/fonts/ 77 KB
16 KB 17ms
17ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/css/fonts/material.css?v=5f97f633fc4cc424
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7194856f584c2055e9c3b96f641b4486f6d8c842914b9d152abffd732b97fc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GJGZQKYQ8NTFSQCC
age: 4016
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: kBfAn9SV0O8fSLVBNdP/IzP3hQVnJ8NUT2zzqcYBoOaM/1bfxU0prybER3qL9yicOyc9t290KHk=
last-modified: Thu, 29 Dec 2022 21:39:17 GMT
server: cloudflare
etag: W/"f355f75488ecba3c8210f6eb832050ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0ogVsB7Gq%2B2Hyg01YUZF4undY15Sk3EXVV7JSJPtucLSsRdmOyzyN240lb7SaUar64m6BacgBrIlm37F2OxATFIEvuySYSszBbWzVI3Um%2FA7wQu4jgsvAekROmy7xmkLe%2Fc2cQlpVYTPC5liX7h4x3clK2N5jg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 78939bc40b022bdc-FRA

OPTIONS
H2 200 track-survey-view
api.funnelcockpit.com/ 0
0 11ms
11ms Preflight 159.69.147.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.funnelcockpit.com/track-survey-view

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.147.208 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.208.147.69.159.clients.your-server.de

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gesundheitspaket.community
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, cookie
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: https://www.gesundheitspaket.community
date: Sat, 14 Jan 2023 04:25:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-xss-protection: 1; mode=block

POST
H2 200 track-survey-view Show response
api.funnelcockpit.com/ 0
337 B 35ms
35ms XHR
text/plain 159.69.147.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.funnelcockpit.com/track-survey-view

Requested by

Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/chunk/5204.35703219d0c56810eae8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.147.208 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.208.147.69.159.clients.your-server.de

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gesundheitspaket.community/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: https://www.gesundheitspaket.community
access-control-allow-credentials: true
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, cookie
x-xss-protection: 1; mode=block

GET
H3 200 kumbh-sans-v5-latin-regular.woff2
static.funnelcockpit.com/assets/fonts/ 17 KB
18 KB 62ms
52ms Font
binary/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/fonts/kumbh-sans-v5-latin-regular.woff2
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/css/fonts/kumbh-sans.css?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29e56f946e6e39f14f19fcea8f39f64a610d8b51aaf2aa43a5c35ec61d43c0e

Request headers

Referer: https://static.funnelcockpit.com/assets/css/fonts/kumbh-sans.css?v=5f97f633fc4cc424
Origin: https://www.gesundheitspaket.community
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8VTEA2HWHVTEQHX9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17624
x-amz-id-2: hKNJV5XQ6WiCUPe++eyKE6NgbUaN0JATCUX0l0ER+qBIlSRP8Yfk7//uzae34Am3a5lI7YISVwY=
last-modified: Thu, 29 Dec 2022 21:39:33 GMT
server: cloudflare
etag: "e3653cc32513bd8a508d885acef0c7ef"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AYfWb7XH67g2WCn%2Fi7U3sm2w9%2Bv6LeVoI9devick1DQaezM4wQwRH2A71YXhjBkUD%2FR1JJ3DrgqtY9c54VIQsmlsj5YwbiessO89lkhkGHnK8UIRWuwmvF7OlbxY%2BbMGG5WRGXw2rsC3UKFcqaMkyIbRK504ko%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 78939bc469049b7d-FRA

GET
H3 200 kumbh-sans-v5-latin-700.woff2
static.funnelcockpit.com/assets/fonts/ 17 KB
17 KB 66ms
59ms Font
binary/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/fonts/kumbh-sans-v5-latin-700.woff2
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/css/fonts/kumbh-sans.css?v=5f97f633fc4cc424
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac2ac91b714c3b2122ecdc9e9bbaedfbec5ed081133a4a367a561e153d05ae53

Request headers

Referer: https://static.funnelcockpit.com/assets/css/fonts/kumbh-sans.css?v=5f97f633fc4cc424
Origin: https://www.gesundheitspaket.community
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8VTEEGSGECH7M1TT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17060
x-amz-id-2: ZcPMUuUOG1o582gIWtRbItD0hbot+xvepFh1TIfQGLSzOdroFs9KWphWIBkWq3k8/mUMFwzry10=
last-modified: Thu, 29 Dec 2022 21:39:33 GMT
server: cloudflare
etag: "57062e46d835c8d428e1374f307eea59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPjraYpxo7oKIvuytt51x%2FQRT6OXNTsJIsgKHee4Y9pS5WhfKB3KdFeDDEVv%2BmBc34kRAq%2FdXUduJhCOl%2FoztP6hnj%2FxGlmRkaum3pS6oCAqJdj9u5JvzoDXl17DujKzCvZrhGYimfaI%2B%2Fr1vPmEw0wm%2FznbaBQ%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 78939bc469059b7d-FRA

GET
H2 200 /
www.google.com/pagead/1p-user-list/10990549112/ 42 B
548 B 382ms
68ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10990549112/?random=1673670334066&cv=11&fst=1673668800000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.gesundheitspaket.community%2F&tiba=Eintragung%20zur%20Warteliste%20Gesundheitspaket&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3064063457&rmt_tld=0&ipr=y

Requested by

Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 04:25:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10990549112/ 42 B
548 B 354ms
48ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10990549112/?random=1673670334066&cv=11&fst=1673668800000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.gesundheitspaket.community%2F&tiba=Eintragung%20zur%20Warteliste%20Gesundheitspaket&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3064063457&rmt_tld=1&ipr=y

Requested by

Host: www.gesundheitspaket.community
URL: https://www.gesundheitspaket.community/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 04:25:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 koi Show response
koi-3qnq9j78vy.marketingautomation.services/ 148 B
604 B 170ms
168ms Script
application/javascript 130.211.21.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://koi-3qnq9j78vy.marketingautomation.services/koi?rf=&hn=www.gesundheitspaket.community&lg=en-US&sr=1600x1200&cd=24&vr=2.4.0&se=1673670334477&ac=KOI-4M4L6AW80Y&ts=1673670334&pt=0&pl=0&loc=https%3A%2F%2Fwww.gesundheitspaket.community%2F&tp=page&ti=Eintragung%20zur%20Warteliste%20Gesundheitspaket

Requested by

Host: koi-3qnq9j78vy.marketingautomation.services
URL: https://koi-3qnq9j78vy.marketingautomation.services/client/ss.js?ver=2.4.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

130.211.21.179 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

179.21.211.130.bc.googleusercontent.com

Software

openresty /

Resource Hash

9679c45c888f1262375b9b646db8b3086d50885e4474a92b4d0305fff20f77e4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 04:25:34 GMT
content-encoding: gzip
x-clacks-overhead: GNU Terry Pratchett
last-modified: Sat, 14 Jan 2023 04:25:34 GMT
server: openresty
via: 1.1 google
vary: Accept-Encoding
p3p: CP='This is not a P3P policy! See https://sharpspring.com/legal/privacy/ for more info.'
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
pod-hostname: koi-84855df6cc-444jh
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 62f0e22d1ed307007c00002d.js Show response
tag.perfectaudience.com/serve/ 13 KB
4 KB 37ms
7ms Script
text/javascript 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.perfectaudience.com/serve/62f0e22d1ed307007c00002d.js

Requested by

Host: koi-3qnq9j78vy.marketingautomation.services
URL: https://koi-3qnq9j78vy.marketingautomation.services/client/ss.js?ver=2.4.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

4360a00ff206a0046f0dc89d380d63c021903a5ae244bddf9bc928ad22f9a7c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220088-HHN
date: Sat, 14 Jan 2023 04:25:34 GMT
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
server: Cowboy
age: 122
x-timer: S1673670335.768206,VS0,VE1
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 4358
x-cache-hits: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 40ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tag.perfectaudience.com
URL: https://tag.perfectaudience.com/serve/62f0e22d1ed307007c00002d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Jan 2023 04:25:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27815
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: vD0+x+gtsDwGhcocuDlsq0+ojlkAjxN1X68NsfoDJk11DV8zogFUAXHsAaWKXbdWhI3tcdTd6nWpNulkm2iEEg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=177839&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=177839&source=js_tag

125 B
454 B

32ms
31ms

Script
text/javascript

34.243.222.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=177839&source=js_tag
Protocol: HTTP/1.1
Server: 34.243.222.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-222-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c456ecdc797124af4cdf6cca3397d5f719aa7da3c39b015eba00354332b25c00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 125
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=177839&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 1127198331274530 Show response
connect.facebook.net/signals/config/ 149 KB
42 KB 55ms
55ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1127198331274530?v=2.9.92&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc7787c933a41bfa49fef9555e2b565f4392bfebb22bac223aba78c315fb9f42

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Jan 2023 04:25:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ltpEEHqbbTh41xh1wLtdAKalt2hnljGYYazzOdfFmYE70s6rVZkJTLXcnk5Fc7YrzG4OYDg9cHLGa6EiLF6XsQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
21 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.92

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Jan 2023 04:25:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: wruv+YAVOetIB4Ge4GoDI9brjseFQO+lSXtvqlML3iB1zMp6nOHpBP99DCricVCHLN2sm03+wFupVnV2zQRgow==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 31ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1127198331274530&ev=PageView&dl=https%3A%2F%2Fwww.gesundheitspaket.community%2F&rl=&if=false&ts=1673670334947&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=28&fbp=fb.1.1673670334946.578150328&it=1673670334830&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Jan 2023 04:25:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

/
pixel-geo.prfct.co/usermap/
Redirect Chain

https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202301|63c22ebe3e4e421be5673f52&pid=pa_kfNsu9Dlo0fSyFAJk
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202301%7C63c22ebe3e4e421be5673f52%26pid%3Dpa_kfNsu9Dlo0fSyFAJk
https://pixel-geo.prfct.co/usermap/?xid=3728991066452918205&sid=202301|63c22ebe3e4e421be5673f52&pid=pa_kfNsu9Dlo0fSyFAJk

43 B
256 B

33ms
31ms

Image
image/gif

34.243.222.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/usermap/?xid=3728991066452918205&sid=202301|63c22ebe3e4e421be5673f52&pid=pa_kfNsu9Dlo0fSyFAJk
Protocol: HTTP/1.1
Server: 34.243.222.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-222-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Sat, 14 Jan 2023 04:25:35 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 93095d8d-1ac2-4cb4-ac31-16fa8ff3969e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://pixel-geo.prfct.co/usermap/?xid=3728991066452918205&sid=202301|63c22ebe3e4e421be5673f52&pid=pa_kfNsu9Dlo0fSyFAJk
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_kfNsu9Dlo0fSyFAJk

43 B
393 B

177ms
115ms

Image
image/gif

104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_kfNsu9Dlo0fSyFAJk

Protocol

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-response-time: 103
date: Sat, 14 Jan 2023 04:25:35 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 00ef23c74514de6b
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: e274ba117ec7aa7c281d2e158ea44fd6c0ca489e3f962e06060e480cfe4a2c98
content-length: 43

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_kfNsu9Dlo0fSyFAJk
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58288/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_kfNsu9Dlo0fSyFAJk&_origin=1
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_kfNsu9Dlo0fSyFAJk&_origin=1&verify=true

0
121 B

10ms
9ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_kfNsu9Dlo0fSyFAJk&_origin=1&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:25:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_kfNsu9Dlo0fSyFAJk&_origin=1&verify=true
date: Sat, 14 Jan 2023 04:25:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_kfNsu9Dlo0fSyFAJk

43 B
273 B

57ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_kfNsu9Dlo0fSyFAJk
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 04:25:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_kfNsu9Dlo0fSyFAJk
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_kfNsu9Dlo0fSyFAJk

0
239 B

82ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_kfNsu9Dlo0fSyFAJk
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_kfNsu9Dlo0fSyFAJk
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfa2ZOc3U5RGxvMGZTeUZBSms
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

34ms
33ms

Image
image/gif

34.243.222.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Protocol: HTTP/1.1
Server: 34.243.222.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-222-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 04:25:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel-geo.prfct.co/cb?partnerId=goo
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 179ms
112ms Image
image/gif 34.243.222.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=31305467,31971705,32094921&source=js_tag&a_id=177839
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.222.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-222-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 tr
www.facebook.com/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1127198331274530&ev=ViewContent&cd[rtb_id]=32094921&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Jan 2023 04:25:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=32094921
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D32094921

43 B
1 KB

15ms
14ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D32094921

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 04:25:35 GMT
AN-X-Request-Uuid: 00be069b-d519-459c-b3df-ff539626398a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Sat, 14 Jan 2023 04:25:35 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2b8f7a41-3b42-4b34-9e3e-376c6144c0dc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D32094921
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 tr
www.facebook.com/ 0
31 B 9ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1127198331274530&ev=ViewContent&cd[rtb_id]=31971705&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Jan 2023 04:25:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=31971705
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D31971705

43 B
1 KB

18ms
16ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D31971705

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 04:25:35 GMT
AN-X-Request-Uuid: d9f58be2-43e6-4d5b-bc95-bdef8eb281d2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Sat, 14 Jan 2023 04:25:35 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ada6ac7d-683f-4181-860b-553c902320a3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D31971705
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 tr
www.facebook.com/ 0
31 B 9ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1127198331274530&ev=ViewContent&cd[rtb_id]=31305467&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Jan 2023 04:25:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=31305467
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D31305467

43 B
1 KB

15ms
14ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D31305467

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gesundheitspaket.community/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 04:25:35 GMT
AN-X-Request-Uuid: 31c114fa-43de-4340-aedd-640ff3489b25
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Sat, 14 Jan 2023 04:25:35 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7ebc1deb-1e5b-47d2-813a-2e7cd06732c0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D31305467
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gesundheitspaket.community/	1970-01-20 11:04:06	Name: _gcl_au Value: 1.1.878372681.1673670334
www.gesundheitspaket.community/	1970-01-20 08:55:56	Name: __ss Value: 1673670334477
www.gesundheitspaket.community/	1970-01-20 08:54:33	Name: __ss_referrer Value: https%3A//www.gesundheitspaket.community/
.marketingautomation.services/	1970-01-20 18:30:30	Name: koitk Value: 202301%7C63c22ebe3e4e421be5673f52
www.gesundheitspaket.community/	1970-01-20 18:30:30	Name: __ss_tk Value: 202301%7C63c22ebe3e4e421be5673f52
.prfct.co/	1970-01-20 18:30:30	Name: pa_uid Value: pa_kfNsu9Dlo0fSyFAJk
.gesundheitspaket.community/	1970-01-20 11:04:06	Name: _fbp Value: fb.1.1673670334946.578150328
.prfct.co/	1970-01-20 18:30:30	Name: pa_twitter_ts Value: 1673670334992
.prfct.co/	1970-01-20 18:30:30	Name: pa_yahoo_ts Value: 1673670335027
.adnxs.com/	1970-01-20 11:04:06	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2IllkBOl:!]tbP6j2F-XstGt!@De:$lwaU
.prfct.co/	1970-01-20 18:30:30	Name: pa_openx_ts Value: 1673670335055
.prfct.co/	1970-01-20 18:30:30	Name: pa_rubicon_ts Value: 1673670335055
.prfct.co/	1970-01-20 18:30:30	Name: pa_google_ts Value: 1673670335059
.yahoo.com/	1970-01-20 17:40:27	Name: A3 Value: d=AQABBL8uwmMCELS5I6aSx2r4dcmZh91Xe5wFEgEBAQGAw2PMYwAAAAAA_eMAAA&S=AQAAAlBM_PDYxJtIsqK9fS9XwXc
.analytics.yahoo.com/	1970-01-20 17:40:06	Name: IDSYNC Value: 18z4~29es
.adnxs.com/	1970-01-20 11:04:06	Name: uuid2 Value: 3498775925704050532
.twitter.com/	1970-01-20 18:30:30	Name: personalization_id Value: "v1_aroGfX8mLE22kgZy98KSww=="
.doubleclick.net/	1970-01-20 18:16:06	Name: IDE Value: AHWqTUlwrd5gdKUkvASu8sRBh1Mz4Bv8w09Qzw0kOqiB-eZjx3OEN7psmgYKT-6_5Gs

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.funnelcockpit.com
cm.g.doubleclick.net
connect.facebook.net
gesundheitspaket.community
googleads.g.doubleclick.net
koi-3qnq9j78vy.marketingautomation.services
pixel-geo.prfct.co
pixel.rubiconproject.com
secure.adnxs.com
static.funnelcockpit.com
tag.perfectaudience.com
ups.analytics.yahoo.com
us-u.openx.net
www.digistore24.com
www.facebook.com
www.gesundheitspaket.community
www.google.com
www.google.de
www.googletagmanager.com
104.244.42.67
130.211.21.179
151.101.2.217
159.69.147.208
172.217.18.2
185.89.210.244
2a00:1450:4001:80e::2002
2a00:1450:4001:831::2008
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::2004
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::3
3.126.56.137
31.25.12.17
34.243.222.134
35.244.159.8
45.138.175.224
69.173.144.139
0520faa8aab21b2da4792bff0805d09653db38303e55898e5f4c22a2f3639fe7
066599a23ff885af740c351c59ab9dfadd02b799a66686c0d7c1a1f95997a544
0acde15b5f57482ea56b9cf91be0de2aad264587c79191639e58ad10c367c575
0e068a3b14939e7e082107ed425f54aa8100b20b1584de181abf6791a36564f3
1029fcd653baa4a0cb240b6c456877aa4ebb39499b767b73b03545df5510bb4f
22ad37448db0a25b83f9ac4673ffb992af2c5b62cd3eedd669b2de0e87355980
27fd80d6a899107f7308f178315800eb2115d29cd669192fe592708e4ef1b678
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
4360a00ff206a0046f0dc89d380d63c021903a5ae244bddf9bc928ad22f9a7c3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
549f9d5fd7fd59a1c927144e8259ec36cc680bce87be8a97f12e800b3477e341
55d424909a75b330118328e0c0d4dc02bf940a34032f48556babd256203a7a35
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5b975789f62e87ed0e4f6b13fe79566a93ec8bd72de06d15aa69020317eedd81
7194856f584c2055e9c3b96f641b4486f6d8c842914b9d152abffd732b97fc4a
71ecf4b619a6860283409bb385034101e0862a6c190d4ab8a2aa24b1d3733019
7fc59520963fa16b6d9159d0ec7b9f056d1cf3edd56cfb3ed39b0dfb0cb1a4f0
9679c45c888f1262375b9b646db8b3086d50885e4474a92b4d0305fff20f77e4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
abb3a9c291145389a1a04fd1adb9383f1541098931cae62b46b914f00d604d5c
ac2ac91b714c3b2122ecdc9e9bbaedfbec5ed081133a4a367a561e153d05ae53
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad51efb57b61ff4ed23dd3a62be3f5f6fc012191306c669bda8c6e63218799fc
c29e56f946e6e39f14f19fcea8f39f64a610d8b51aaf2aa43a5c35ec61d43c0e
c456ecdc797124af4cdf6cca3397d5f719aa7da3c39b015eba00354332b25c00
d0bb889c43fabf22abcd20546b72af7e6b1c76ec0e75dabad3ef2594a23a7ffb
d22d0ddf358369ddb3be5a2d4149f4ac4c44b9587f4b6122da091882e8e767df
d9e64ed398d66c20c5564e91b240512aa41b0d1d5e5b15fefeaea208f70e0a8c
dc7787c933a41bfa49fef9555e2b565f4392bfebb22bac223aba78c315fb9f42
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e40ddcdf5ccd999ea0d229df7158bee481db198e293e2779138f90377b5bba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13fc13b9290a05e50e615debe705c343fcc797b921bff3aade7d8650fe9f7f2

www.gesundheitspaket.community Open in urlscan Pro 45.138.175.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

79 %HTTPS

37 %IPv6

17 Domains

20 Subdomains

18 IPs

4 Countries

668 kBTransfer

1654 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gesundheitspaket.community Open in urlscan Pro
45.138.175.224 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

79 %
HTTPS

37 %
IPv6

17
Domains

20
Subdomains

18
IPs

4
Countries

668 kB
Transfer

1654 kB
Size

18
Cookies

48 HTTP transactions
0 data transactions