urlscan.io logo urlscan.io
SecurityTrails logo

www.helpcheck.de Open in urlscan Pro
35.152.104.113  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.helpcheck.de//lebensversicherung
Effective URL: https://www.helpcheck.de//lebensversicherung
Submission: On October 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 18 domains to perform 148 HTTP transactions. The main IP is 35.152.104.113, located in Milan, Italy and belongs to AMAZON-02, US. The main domain is www.helpcheck.de.
TLS certificate: Issued by R11 on September 24th 2024. Valid for: 3 months.
This is the only time www.helpcheck.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35.152.104.113 16509 (AMAZON-02)
23 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
5 2a04:4e42::485 54113 (FASTLY)
38 34.54.43.41 396982 (GOOGLE-CL...)
2 52.222.232.99 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
8 34.96.102.137 396982 (GOOGLE-CL...)
1 35.246.143.79 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
21 52.205.62.94 14618 (AMAZON-AES)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
12 2a03:2880:f17... 32934 (FACEBOOK)
6 44.195.178.24 14618 (AMAZON-AES)
148 21
1    35.152.104.113 (Milan, Italy)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-152-104-113.eu-south-1.compute.amazonaws.com
www.helpcheck.de
23    2606:4700::6812:a175 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.prod.website-files.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a02:26f0:3500:18::1724:a29a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consent.cookiebot.com
5    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
38    34.54.43.41 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 41.43.54.34.bc.googleusercontent.com
static.heyflow.app
mini-serve.prd.heyflow.com
assets.prd.heyflow.com
api.prd.heyflow.com
functions.prd.heyflow.com
2    52.222.232.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-99.fra56.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
4    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a02:26f0:3500:887::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
imgsct.cookiebot.com
10    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:26f0:3500:886::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
8    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    35.246.143.79 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.143.246.35.bc.googleusercontent.com
app.helpcheck.de
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
21    52.205.62.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-62-94.compute-1.amazonaws.com
rep.helpcheck.de
rep.verbraucherzentrum.info
rep.rueckerstattung-lebensversicherung.info
5    2606:4700:20::681a:1f0 (United States)

ASN13335 (CLOUDFLARENET, US)
fonts.heyflow.cloud
12    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    44.195.178.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-178-24.compute-1.amazonaws.com
lg.hyr.so
Apex Domain
Subdomains		 Transfer
37 heyflow.com
mini-serve.prd.heyflow.com — Cisco Umbrella Rank: 554865
assets.prd.heyflow.com — Cisco Umbrella Rank: 331541
api.prd.heyflow.com — Cisco Umbrella Rank: 366897
functions.prd.heyflow.com — Cisco Umbrella Rank: 415388
576 KB
23 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 6168
1 MB
12 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
8 KB
10 gstatic.com
fonts.gstatic.com
216 KB
9 helpcheck.de
www.helpcheck.de
app.helpcheck.de
rep.helpcheck.de
116 KB
8 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2896
154 KB
7 rueckerstattung-lebensversicherung.info
rep.rueckerstattung-lebensversicherung.info
80 KB
7 verbraucherzentrum.info
rep.verbraucherzentrum.info
80 KB
6 hyr.so
lg.hyr.so — Cisco Umbrella Rank: 41955
1009 B
5 heyflow.cloud
fonts.heyflow.cloud — Cisco Umbrella Rank: 336620
51 KB
5 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
14 KB
5 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4618
consentcdn.cookiebot.com — Cisco Umbrella Rank: 5320
imgsct.cookiebot.com — Cisco Umbrella Rank: 5372
141 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
30 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
68 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
68 KB
2 cloudfront.net
d3e54v103j8qbb.cloudfront.net
31 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
fonts.googleapis.com — Cisco Umbrella Rank: 30
7 KB
1 heyflow.app
static.heyflow.app — Cisco Umbrella Rank: 279955
44 KB
148 18
Domain Requested by
23 cdn.prod.website-files.com www.helpcheck.de
cdn.prod.website-files.com
consent.cookiebot.com
18 functions.prd.heyflow.com assets.prd.heyflow.com
15 api.prd.heyflow.com assets.prd.heyflow.com
12 www.facebook.com
10 fonts.gstatic.com fonts.googleapis.com
8 dev.visualwebsiteoptimizer.com www.helpcheck.de
7 rep.rueckerstattung-lebensversicherung.info www.helpcheck.de
rep.rueckerstattung-lebensversicherung.info
7 rep.verbraucherzentrum.info www.helpcheck.de
rep.verbraucherzentrum.info
7 rep.helpcheck.de www.helpcheck.de
rep.helpcheck.de
6 lg.hyr.so rep.rueckerstattung-lebensversicherung.info
rep.helpcheck.de
rep.verbraucherzentrum.info
5 fonts.heyflow.cloud static.heyflow.app
fonts.heyflow.cloud
5 cdn.jsdelivr.net www.helpcheck.de
consent.cookiebot.com
4 cdnjs.cloudflare.com www.helpcheck.de
consent.cookiebot.com
3 assets.prd.heyflow.com static.heyflow.app
2 connect.facebook.net www.helpcheck.de
connect.facebook.net
2 www.googletagmanager.com www.helpcheck.de
static.heyflow.app
2 consentcdn.cookiebot.com consent.cookiebot.com
2 d3e54v103j8qbb.cloudfront.net www.helpcheck.de
consent.cookiebot.com
2 consent.cookiebot.com www.helpcheck.de
consent.cookiebot.com
1 imgsct.cookiebot.com
1 app.helpcheck.de www.helpcheck.de
1 mini-serve.prd.heyflow.com static.heyflow.app
1 fonts.googleapis.com ajax.googleapis.com
1 static.heyflow.app www.helpcheck.de
1 ajax.googleapis.com www.helpcheck.de
1 www.helpcheck.de
148 26
Subject Issuer Validity Valid
www.helpcheck.de
R11		 2024-09-24 -
2024-12-23		 3 months crt.sh
prod.website-files.com
WE1		 2024-08-23 -
2024-11-21		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
consent.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-28 -
2025-02-27		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
files.heyflow.app
WR3		 2024-09-22 -
2024-12-21		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-26 -
2025-02-26		 a year crt.sh
prd.heyflow.com
WR3		 2024-09-03 -
2024-12-02		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2024-06-29 -
2025-07-31		 a year crt.sh
app.helpcheck.de
R11		 2024-10-01 -
2024-12-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-12 -
2024-10-10		 3 months crt.sh
rep.helpcheck.de
E6		 2024-08-20 -
2024-11-18		 3 months crt.sh
rep.verbraucherzentrum.info
E6		 2024-09-25 -
2024-12-24		 3 months crt.sh
rep.rueckerstattung-lebensversicherung.info
E5		 2024-09-25 -
2024-12-24		 3 months crt.sh
heyflow.cloud
WE1		 2024-08-09 -
2024-11-07		 3 months crt.sh
hyr.so
Amazon RSA 2048 M03		 2024-01-13 -
2025-02-09		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.helpcheck.de//lebensversicherung
Frame ID: 24B4C11A7966BA299DEC0F3B926865EB
Requests: 130 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 7077751EA6F8672EB54466B2234B2E74
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-K4ZS3FZW
Frame ID: ADC6FDADE1DAB19279AC9DA57165FB24
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

▷Widerruf Lebensversicherung » mehr Geld erhalten!

Page URL History Show full URLs

  1. http://www.helpcheck.de//lebensversicherung HTTP 307
    https://www.helpcheck.de//lebensversicherung Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

148
Requests

99 %
HTTPS

65 %
IPv6

18
Domains

26
Subdomains

21
IPs

3
Countries

3035 kB
Transfer

5711 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.helpcheck.de//lebensversicherung HTTP 307
    https://www.helpcheck.de//lebensversicherung Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

148 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lebensversicherung
www.helpcheck.de//
Redirect Chain
  • http://www.helpcheck.de//lebensversicherung
  • https://www.helpcheck.de//lebensversicherung
115 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.helpcheck.de//lebensversicherung
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.152.104.113 Milan, Italy, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-152-104-113.eu-south-1.compute.amazonaws.com
Software
/
Resource Hash
1edd45051e5171e7417322485393869b0e94ff00bbe1ecb564deff3bf6e3eac5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
285992
content-encoding
gzip
content-length
35823
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Thu, 03 Oct 2024 00:51:46 GMT
strict-transport-security
max-age=31536000
vary
Accept-Encoding,x-wf-forwarded-proto
x-cache
HIT, MISS
x-cache-hits
2, 0
x-cluster-name
eu-south-1-prod-hosting-red
x-frame-options
SAMEORIGIN
x-lambda-id
cde8d123-4381-4c17-b39a-abacaf7ee95d
x-served-by
cache-iad-kcgs7200169-IAD, cache-mxp6928-MXP
x-timer
S1727916706.388992,VS0,VE93

Redirect headers

Location
https://www.helpcheck.de//lebensversicherung
Non-Authoritative-Reason
HttpsUpgrades
helpcheck-release.webflow.e7208e8fd.min.css
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/css/ 		250 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/css/helpcheck-release.webflow.e7208e8fd.min.css
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0943976c3b5e1dffb33f4ffaffb5b8501dd63c425eaf4552b8faaa1ccf4f2c0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"81904787075bb20bd2fb1f19217b7b59"
x-amz-version-id
I4xmCjDZm9qBmIeUzTHMFN1fm3i5xsDL
age
183884
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 15:05:42 GMT
vary
Accept-Encoding
x-amz-id-2
GmmeOl2GZ5HPcKSz1vXl4BBI7dt0FHTrP6k9KuafT7R8y8rllnr4JsfpP2XaRe0FWTARG5tI7sA=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
S7H3KQD2TJ1XPS9Y
cf-ray
8cc8f21829fa3a8e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
45528
server
cloudflare
x-amz-server-side-encryption
AES256
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
gzip
age
122580
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 14:48:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 14:48:46 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
5437
x-xss-protection
0
server
sffe
uc.js
consent.cookiebot.com/ 		110 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a26de67dcfb8750beb1bd558517521026f407ccfb3c40ba8c3cb839de1bcf5f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

access-control-expose-headers
Request-Context
cache-control
public, max-age=209
content-encoding
gzip
etag
"014b338c314db1:0"
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
expires
Thu, 03 Oct 2024 00:55:15 GMT
accept-ranges
bytes
content-length
34532
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/javascript
last-modified
Wed, 02 Oct 2024 12:04:24 GMT
vary
Accept-Encoding
slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

access-control-expose-headers
*
etag
W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
age
2339477
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220048-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
1776
x-jsd-version
1.8.1
webview.js
static.heyflow.app/widget/latest/ 		43 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.heyflow.app/widget/latest/webview.js
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a8382fa9999ce127b5c24266991b4a3090646a866df6871cd621aad56ef8e6a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=7+Y31w==, md5=GR6v8QZFePriIM7aeFEosg==
etag
"191eaff1064578fae220ceda785128b2"
age
821
x-goog-stored-content-encoding
identity
expires
Thu, 03 Oct 2024 01:38:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
44411
date
Thu, 03 Oct 2024 00:38:05 GMT
last-modified
Tue, 24 Sep 2024 16:26:44 GMT
content-type
text/javascript
x-guploader-uploadid
AD-8ljtajb_vztRIzg4ufgF-fv7W_QAnGj_Y9qcqOa3O3fyunyJLVeuYKNv-uchjCl10uwwV7pY
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727195204234086
content-length
44411
server
UploadServer
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=61aa42d8d160da40fce3f0ec
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://www.helpcheck.de/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age
73729
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
69aH83POsRziSXLEVMnaJa7qM-dT3wZGX5gYvc9J5RjLtQHiQudrxA==
date
Wed, 02 Oct 2024 04:22:58 GMT
content-type
application/javascript
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
vary
Accept-Encoding
cache-control
max-age=84600, must-revalidate
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P4
server
AmazonS3
webflow.b772a8ccb.js
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/js/ 		416 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/js/webflow.b772a8ccb.js
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb614d8b36159855d9b3581e4fa7166b5f1f4c77db442652c436e3784e38e187

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"944ac65413793dad655282aefdd9b82f"
x-amz-version-id
eNayw0nBF3_Joh7F7jmysMw86SpPmONO
age
725235
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
text/javascript
last-modified
Tue, 24 Sep 2024 15:24:26 GMT
vary
Accept-Encoding
x-amz-id-2
WYKycoGfiw7ZyoKZ7JQUkeu0999C2ycwvmS7e8WKG1JgOBHSaaxbF2JI83bCp01t4yLgNd0R8lQ=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
6CT48P453JV0J129
cf-ray
8cc8f21829fd3a8e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
85584
server
cloudflare
x-amz-server-side-encryption
AES256
slick.min.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
age
1609130
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220048-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
11325
x-jsd-version
1.8.1
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec4-14983"
age
1224721
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7lkn5GjTo%2BhL1Xc6P3SRdRKCqATJTMdFyY6IKLjw%2BYBD6Yru5GPNjNr7x%2F6EUc3j3cP1HicY60IF%2BSI5IhzdgSJAXmRPI0M1zI1Az4aEzoQ4lpZ27P5XitULCH8MLsRIl5D7vmpOZ%2F%2Bov1iYuWzRLlMF"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 23 Sep 2025 00:51:46 GMT
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cc8f2185930dbcb-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
26660
server
cloudflare
waypoints.min.js
cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/waypoints.min.js
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb0402f-1f6c"
age
1109581
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j7yXBDu%2BHhBMFZ%2B45p3B%2Fw9yA5fN7WXQXXoWAZH%2F1lOu0%2BfX33KI7mMeVfJx8ic3hVrtGoCQDIxFkWKu2zOywdIVzdJFgCZi7zVpYR8MQsQxbnw9%2FAPobhTA5IWe2EkfrvuWU6L6M0w%2FJDrK1x7aPNuN"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 23 Sep 2025 00:51:46 GMT
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:17:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cc8f218592edbcb-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2331
server
cloudflare
jquery.counterup.min.js
cdn.jsdelivr.net/jquery.counterup/1.0/ 		1 KB
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery.counterup/1.0/jquery.counterup.min.js
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
603e3b6061c49f8c02f07e5152c5d7381defba10c8fe73f95090e19a78de0397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"42f-YzteFSlsJJhNsZKJU944+r1/DPU"
age
585655
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220048-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
584
css
fonts.googleapis.com/ 		7 KB
997 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d9740a58f2fee125edf28cea3cb1d2c98971bb6f2bdce19635575b3da4725a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 00:51:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 02 Oct 2024 22:59:49 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
configuration.js
consentcdn.cookiebot.com/consentconfig/5440f7db-0ed3-4cc3-9d95-131bd21943f3/helpcheck.de/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/consentconfig/5440f7db-0ed3-4cc3-9d95-131bd21943f3/helpcheck.de/configuration.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9f98809cb745f70d576602a891b3198a70b8dcbb444b1ed626831c26e1022e3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cache-control
max-age=32643
content-encoding
gzip
etag
"5cb6a84b72db044e307547a3ce9a7fdc:1726851123.06634"
cross-origin-resource-policy
cross-origin
expires
Thu, 03 Oct 2024 09:55:50 GMT
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1727916707079_388276619_660751358_23_657_44_42_146";dur=1
content-length
948
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
application/x-javascript
last-modified
Fri, 20 Sep 2024 16:52:03 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
cc.js
consent.cookiebot.com/5440f7db-0ed3-4cc3-9d95-131bd21943f3/ 		383 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/5440f7db-0ed3-4cc3-9d95-131bd21943f3/cc.js?renew=false&referer=www.helpcheck.de&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c9f1625ce90ab676bf5e5bbcdecee6b8c773ed9b397f05819ceaf5a430972c50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cache-control
private, max-age=1200
access-control-expose-headers
Request-Context
content-encoding
gzip
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/x-javascript; charset=utf-8
last-modified
Thu, 03 Oct 2024 00:51:46 GMT
vary
Accept-Encoding
lv-gutschein-pruefen
mini-serve.prd.heyflow.com/ 		108 KB
108 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mini-serve.prd.heyflow.com/lv-gutschein-pruefen
Requested by
Host: static.heyflow.app
URL: https://static.heyflow.app/widget/latest/webview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
c040cb9cd6803e7dafe87255c5a629dd6011d9b7dcc174dcb52eb2f80ee26750

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
text/html
x-powered-by
Express
server
Google Frontend
6308cf4526d8daa44bfc17b0_WorkSans-Regular.ttf
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		187 KB
188 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/6308cf4526d8daa44bfc17b0_WorkSans-Regular.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/css/helpcheck-release.webflow.e7208e8fd.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b94e0d8ca23cc01c51de5d2d6a9e69704b95848c2143df8ee6cd421ac60decf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/css/helpcheck-release.webflow.e7208e8fd.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"7d761a652f8e716f57f4352b0f4e6280"
x-amz-version-id
92LXv5WLKxaJJdHDveazhzdjKJ9EdziK
age
154707
access-control-allow-methods
GET, HEAD
x-amz-storage-class
INTELLIGENT_TIERING
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/x-font-ttf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Fri, 26 Aug 2022 13:48:54 GMT
x-amz-id-2
/HukDwDYm5xt++kNY30aBqISwvuDvQqYLyPsPrx/LMKLufNxyFZRvQIoRZg1vH2O+p8I8DOsY3ubPIlxOWZq67yd3AKwtXWu
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
3QSMFST4B4KW23N1
cf-ray
8cc8f219a8563a79-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
191916
server
cloudflare
x-amz-server-side-encryption
AES256
6308cf6e1301e9b304906b7c_WorkSans-SemiBold.ttf
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		188 KB
189 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/6308cf6e1301e9b304906b7c_WorkSans-SemiBold.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/css/helpcheck-release.webflow.e7208e8fd.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf7ae8d55dd1927fbaafe23f111b73a99202d7109925647facadf76ff1bb7516

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/css/helpcheck-release.webflow.e7208e8fd.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"a66feef293ecb953decfc8aa3fbf12ab"
x-amz-version-id
Hg1ShZMYRoKf2DYXfRToNvcKU1gCAM1m
age
2928070
access-control-allow-methods
GET, HEAD
x-amz-storage-class
INTELLIGENT_TIERING
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/x-font-ttf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Fri, 26 Aug 2022 13:49:35 GMT
x-amz-id-2
77MJEkUFaPgKfc/3s8tJnh4WAxcoYeCiMGxw+bX9ej5hUGw3TeSH7U7CNOFehPzY9VCs/AqnXa0atI+mNt3lnUx/e2mFz4RD
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
3QSXXVCPNH5XJWPX
cf-ray
8cc8f219a8553a79-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
192372
server
cloudflare
x-amz-server-side-encryption
AES256
61aa42d8d160dadc6ee3f173_Lebensversicherung_zugeschnitten_klein.png
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/61aa42d8d160dadc6ee3f173_Lebensversicherung_zugeschnitten_klein.png
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1106ce7dbccf0680ccd84459c22469e8b5ea3efa05ae824732e2874f192e3c89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cf-cache-status
HIT
etag
"b59a46e8fc82308f5c003933ef6a3891"
x-amz-version-id
L_ToRdyeiEi7RmwXbdBOWfttcXDm1YZE
age
10777235
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
image/png
last-modified
Fri, 03 Dec 2021 16:16:26 GMT
vary
Accept-Encoding
x-amz-id-2
9iJVAOWaN+jdQElN0jIs9xmcspPRrb0K8BWq/Rd1de55mQp/3RxC4bQ+l4Lm2POlOesDVX+8Gto/MfU7SQOEaQ==
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
051HD8EDPATHFCCY
cf-ray
8cc8f2196aa53a8e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
71048
server
cloudflare
x-amz-server-side-encryption
AES256
6308cf2746e55a11698b6ca3_WorkSans-Light.ttf
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		188 KB
188 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/6308cf2746e55a11698b6ca3_WorkSans-Light.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/css/helpcheck-release.webflow.e7208e8fd.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1eceee39432142a3c5cbc5e103c41895b348ce8463adb2db06515d7131effc0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/css/helpcheck-release.webflow.e7208e8fd.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"fac65b7a2b5c287d027e8ab9df15ff58"
x-amz-version-id
Theqf10z26hP3ebPNHrmw5fZZwyEWFre
age
2985532
access-control-allow-methods
GET, HEAD
x-amz-storage-class
INTELLIGENT_TIERING
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/x-font-ttf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Fri, 26 Aug 2022 13:48:25 GMT
x-amz-id-2
GD1VPY4cXOCsG3kLdo1j++6V7He0ie6btJMvbj78iUuzUHFUPNnS3xre5SfmE4mm8ZHYIpYGbBhGu9pGsAAnOfxOpkYOQyXy
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
3QSYCBVG76NSKZX0
cf-ray
8cc8f219a8583a79-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
192128
server
cloudflare
x-amz-server-side-encryption
AES256
6308cf5b5aa7a4a82d923371_WorkSans-Medium.ttf
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		188 KB
189 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/6308cf5b5aa7a4a82d923371_WorkSans-Medium.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/css/helpcheck-release.webflow.e7208e8fd.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1ca78b693fa3195a3b4a78d1d851d5150cdce603e5289422e033ba5fdb85cc0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/css/helpcheck-release.webflow.e7208e8fd.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"800a9cf85712fd7f1b863e3b2b3a1dc5"
x-amz-version-id
0EOmLVRxo.EACTmv7jYGiw41Ex2dhTJZ
age
2985558
access-control-allow-methods
GET, HEAD
x-amz-storage-class
INTELLIGENT_TIERING
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/x-font-ttf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Fri, 26 Aug 2022 13:49:16 GMT
x-amz-id-2
Pir34YWiPMe6j1HMXqk3j7auXDcr3Id7LMgi6cJQeOoEeQ31sVJ8lArCGtZ/fetVUw4YMsQwlOIQC6tPyuGvv+8s1iEbMWsj
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
3QSSJX8MPXWBDX3R
cf-ray
8cc8f219a85b3a79-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
192380
server
cloudflare
x-amz-server-side-encryption
AES256
6308d040136b40a489107e55_WorkSans-Italic.ttf
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		171 KB
172 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/6308d040136b40a489107e55_WorkSans-Italic.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/css/helpcheck-release.webflow.e7208e8fd.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50328a713db17a1469d31103d9a5ab7238a3c0a78bd203011fc2ecbde4709bdd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/css/helpcheck-release.webflow.e7208e8fd.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"4fdd230bd503bd5802a9d4793a08a72f"
x-amz-version-id
Scpg0wIctFtYpdbDqG41N6K90Sysrfaw
age
2985106
access-control-allow-methods
GET, HEAD
x-amz-storage-class
INTELLIGENT_TIERING
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/x-font-ttf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Fri, 26 Aug 2022 13:53:05 GMT
x-amz-id-2
Fx9OK54SsjFTqSlzT4P2+eA6A83vi0z3HyxFAtXZqasP9WrfFcgq26nn2IDjyw8W7PLfHzTDidk=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
KEQGGRGGYYQPW31S
cf-ray
8cc8f219a8593a79-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
175516
server
cloudflare
x-amz-server-side-encryption
AES256
6308cf800d02e28ceb3936ec_WorkSans-Bold.ttf
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		188 KB
189 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/6308cf800d02e28ceb3936ec_WorkSans-Bold.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/css/helpcheck-release.webflow.e7208e8fd.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40580d429399613827a6f3ad0c14d7193c0de2ea2994113d32cd00d7fbceafbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/css/helpcheck-release.webflow.e7208e8fd.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"f051cc0ed2761378e886727284cf3c05"
x-amz-version-id
M5y8Z9TVhwmRGMp6JxmLQimpgvvCy4nL
age
2985355
access-control-allow-methods
GET, HEAD
x-amz-storage-class
INTELLIGENT_TIERING
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/x-font-ttf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Fri, 26 Aug 2022 13:49:54 GMT
x-amz-id-2
HL2gKmKKtPv0HqNaTJjuqU1xmSkgmI9OSD1DabpjdyiUxAzTmhw1YlCbGeA5rhy/zALfmAFLqV1fObBcbrpmSwvJZIyPcWlo
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
3QSV7JAS6J1GJB9X
cf-ray
8cc8f219a85a3a79-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
192304
server
cloudflare
x-amz-server-side-encryption
AES256
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://fonts.googleapis.com/

Response headers

age
188484
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 30 Sep 2025 20:30:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 20:30:22 GMT
last-modified
Tue, 02 May 2023 15:07:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23040
x-xss-protection
0
server
sffe
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://fonts.googleapis.com/

Response headers

age
145890
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:20:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:20:16 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
S6u8w4BMUTPHh30AXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHh30AXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://fonts.googleapis.com/

Response headers

age
146124
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:16:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:16:22 GMT
last-modified
Tue, 02 May 2023 15:29:31 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
21508
x-xss-protection
0
server
sffe
S6u-w4BMUTPHjxsIPx-oPCI.woff2
fonts.gstatic.com/s/lato/v24/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u-w4BMUTPHjxsIPx-oPCI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b19efe906c9b0345db45525ed83c76031644e39329a36d39badf5275bce363c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://fonts.googleapis.com/

Response headers

age
145847
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:20:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:20:59 GMT
last-modified
Tue, 02 May 2023 15:10:00 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
17072
x-xss-protection
0
server
sffe
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://fonts.googleapis.com/

Response headers

age
144946
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:36:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:36:00 GMT
last-modified
Tue, 02 May 2023 15:08:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23236
x-xss-protection
0
server
sffe
S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://fonts.googleapis.com/

Response headers

age
149771
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 07:15:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 07:15:35 GMT
last-modified
Tue, 02 May 2023 15:08:28 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
17728
x-xss-protection
0
server
sffe
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://fonts.googleapis.com/

Response headers

age
146101
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:16:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:16:45 GMT
last-modified
Tue, 02 May 2023 15:14:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24408
x-xss-protection
0
server
sffe
S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://fonts.googleapis.com/

Response headers

age
146126
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:16:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:16:20 GMT
last-modified
Tue, 02 May 2023 15:30:00 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24448
x-xss-protection
0
server
sffe
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://fonts.googleapis.com/

Response headers

age
146463
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:10:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:10:43 GMT
last-modified
Tue, 02 May 2023 15:12:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
22504
x-xss-protection
0
server
sffe
S6u_w4BMUTPHjxsI3wi_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI3wi_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://fonts.googleapis.com/

Response headers

age
145610
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:24:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:24:56 GMT
last-modified
Tue, 02 May 2023 15:11:46 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23736
x-xss-protection
0
server
sffe
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 7077 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:886::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.helpcheck.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=30975983
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 03 Oct 2024 00:51:47 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Fri, 26 Sep 2025 13:18:10 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1727916706927_388276619_660751324_21_770_44_82_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c67ce89975825c8dc16eaf5a9969120d49cd1a31346485b0ace863022f056e1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		293 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
j.php
dev.visualwebsiteoptimizer.com/ 		23 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=964367&u=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung&vn=2.1&x=true
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
0dd69199286a07a1488064bb2b431babbe6bbf63c987910aac1b8524ac1a83bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
gfra2
login-form
app.helpcheck.de/integration/ 		940 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.helpcheck.de/integration/login-form
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.246.143.79 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.143.246.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ee8e1a456201e0849a61dd164cf772bf082be0e609000d895259e6aad9be9c05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
x-envoy-upstream-service-time
18
access-control-allow-methods
GET
expires
Thu, 03 Oct 2024 00:51:47 GMT
access-control-allow-origin
https://www.helpcheck.de
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
istio-envoy
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=61aa42d8d160da40fce3f0ec
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://www.helpcheck.de/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age
73729
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
69aH83POsRziSXLEVMnaJa7qM-dT3wZGX5gYvc9J5RjLtQHiQudrxA==
date
Wed, 02 Oct 2024 04:22:58 GMT
content-type
application/javascript
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
vary
Accept-Encoding
cache-control
max-age=84600, must-revalidate
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P4
server
AmazonS3
1.gif
imgsct.cookiebot.com/ 		35 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgsct.cookiebot.com/1.gif?dgi=5440f7db-0ed3-4cc3-9d95-131bd21943f3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
etag
"c2196de8ba412c60c22ab491af7b1409"
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
35
date
Thu, 03 Oct 2024 00:51:47 GMT
last-modified
Mon, 23 Oct 2023 11:39:32 GMT
content-type
image/gif
x-guploader-uploadid
AD-8ljuDCBq_F1u-V7WCRfGi7N-5L9exhw28pBVaMl5e0TyewX7XqnHKqq91mrEAKB8sH6tsJsw
cache-control
public,max-age=1800
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1698061172769999
content-length
35
server
UploadServer
webflow.b772a8ccb.js
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/js/ 		416 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/js/webflow.b772a8ccb.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb614d8b36159855d9b3581e4fa7166b5f1f4c77db442652c436e3784e38e187

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"944ac65413793dad655282aefdd9b82f"
x-amz-version-id
eNayw0nBF3_Joh7F7jmysMw86SpPmONO
age
725235
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
text/javascript
last-modified
Tue, 24 Sep 2024 15:24:26 GMT
vary
Accept-Encoding
x-amz-id-2
WYKycoGfiw7ZyoKZ7JQUkeu0999C2ycwvmS7e8WKG1JgOBHSaaxbF2JI83bCp01t4yLgNd0R8lQ=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
6CT48P453JV0J129
cf-ray
8cc8f21829fd3a8e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
85584
server
cloudflare
x-amz-server-side-encryption
AES256
65a55ad308f98b24129e4dfe_logo-txt-dark.svg
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/65a55ad308f98b24129e4dfe_logo-txt-dark.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c525e68160cf7085814e6f993bf76928ddff62940ef8ea87587c475714d55d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"61b975fe5706ee8cf0bdaee81adec9d2"
x-amz-version-id
GLIjWyv92HnbY_1JikjSTI4y.h2S9YlC
age
3185494
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
image/svg+xml
last-modified
Mon, 15 Jan 2024 16:18:29 GMT
vary
Accept-Encoding
x-amz-id-2
B0rCv2w6alcaY+5TiR/nLk6up3XD7VnqAbx3ueE1QAaTge9hegoRA1EAvaFR1oeMz5lEfNcs+jE=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
C3EJBFF5PDAS85C1
cf-ray
8cc8f21bec0d3a8e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
61aa42d8d160da926ae3f175_logo-tuevsaarland.webp
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/61aa42d8d160da926ae3f175_logo-tuevsaarland.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e548b36d3dcbc650607da350ded1745cdd703aed8de48137c8430fd17924153

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cf-cache-status
HIT
etag
"f383592b779ccb725e92870ceb47e9a6"
x-amz-version-id
AWRyS8MRJuRhpPH8zDI.49dw8bYZiAY4
age
2207
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
image/webp
last-modified
Thu, 03 Nov 2022 21:01:31 GMT
vary
Accept-Encoding
x-amz-id-2
qWX61zL8DSrKhcbwbhHgJN/RdP3/LTRrRPfoyOQzFu+fOHLEs5GPGMpSIhu5SETHYO1rfTZvdBE=
cache-control
max-age=84600, must-revalidate
x-amz-request-id
C3EP08G6Z4NFDQSH
cf-ray
8cc8f21bec0e3a8e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
8212
server
cloudflare
x-amz-server-side-encryption
AES256
61aa42d8d160da5122e3f15a_logo-handelsblatt-white.svg
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/61aa42d8d160da5122e3f15a_logo-handelsblatt-white.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fda0e0687bdaf19ea4920da43f08d665f6ddaa6fe6ecb9e3881079d8ec4dd12a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"e97b2f2edc8ecd83eff916346b3e5253"
x-amz-version-id
H2WgsU0S_F9Idbo.ve4ScvwBZ01_WTYq
age
10778341
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
image/svg+xml
last-modified
Fri, 03 Dec 2021 16:16:26 GMT
vary
Accept-Encoding
x-amz-id-2
XyXIYJsmmxIXFEkn8dPriveZzXd7CGjFNmWVLDBYa5gV1qeDLpBz/2t3LM63Mgk/rdkp6pI7yS8=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
C3ETBDSGAH8RHGWT
cf-ray
8cc8f21bec0f3a8e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
61aa42d8d160da5c17e3f163_logo-wirtschaftswoche-white.svg
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/61aa42d8d160da5c17e3f163_logo-wirtschaftswoche-white.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b50136e30685c02cdb191e8c362d5d215ed85a341fc9477887adf493c2060ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"f13c3f6879154afcb5869ed3055def4a"
x-amz-version-id
KksliIB9FnlSHdVrJeQOqNrnYJyflZpI
age
3185494
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
image/svg+xml
last-modified
Fri, 03 Dec 2021 16:16:26 GMT
vary
Accept-Encoding
x-amz-id-2
IuNUU6AU53mLnDhjXlaUuY6U3YqDqirpUXdxJ4LPZtNiAOZKPnQowKuSQjWke3lS+HXEXtYTbikNrKJmmUFiH/SuYKosYFUr
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
C19CAN7PRR0W9PW9
cf-ray
8cc8f21bec103a8e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
64a6c9a4523e75aed30e2bd9_Logo_Bild-de_klein.png
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/64a6c9a4523e75aed30e2bd9_Logo_Bild-de_klein.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a18afe59e8186a7cdc6260a16c4b62676c1436fa6905a8313511a513691b968

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cf-cache-status
HIT
etag
"3cd7f690e04303ee2bbc90e45d951d33"
x-amz-version-id
uCiDV.96H8MJfrdbwIww6GsWq9M3Tz5L
age
10778341
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
image/png
last-modified
Thu, 06 Jul 2023 14:03:18 GMT
vary
Accept-Encoding
x-amz-id-2
jxR9kQ/RG3CPF5FRDBcWlctyDbdR4Z6sfg0D5mJ/r/AYCb2O+Co8x1Vowp9caXMrZIHUpJDRoAI=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
C3EJEQ345ZPGXM8K
cf-ray
8cc8f21bec113a8e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
10520
server
cloudflare
x-amz-server-side-encryption
AES256
61aa42d8d160dacae5e3f162_logo-technologyreview-white.svg
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/61aa42d8d160dacae5e3f162_logo-technologyreview-white.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eeb7ee8ccf094432e15004111ed084d553b5e54931508b9649d2daffef8dbc1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"2120651dd8976cf9dbe8a738ed9e0f08"
x-amz-version-id
y7Yx_cdqd3cVfwC.n3mu4ryCvKP_sM61
age
3184689
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
image/svg+xml
last-modified
Fri, 03 Dec 2021 16:16:26 GMT
vary
Accept-Encoding
x-amz-id-2
lfUikFhjYIAiQ8igmN0gYl64zpg/ME+2fykRBSRmZEVFeQkmzd5clpGfnEfxtS0YnNEN3Hw58bU=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
C3EZ21QK9Y84G2M9
cf-ray
8cc8f21bec123a8e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
61aa42d8d160da2b5ce3f16c_bullet.fec28d98.svg
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		328 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/61aa42d8d160da2b5ce3f16c_bullet.fec28d98.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b87d55b221eba515aba357707082b64497e6bac147a11151f4ec06c18ee6426

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"9f6953b913347d069ac1c21a0447671c"
x-amz-version-id
oANoL226.nrZn84.l8r6XkeCN3jEQwEh
age
10778341
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
image/svg+xml
last-modified
Fri, 03 Dec 2021 16:16:26 GMT
vary
Accept-Encoding
x-amz-id-2
7lunwxni+4faTbCVFwTRNbdYFe/LflU2bulqWhOL5ZAlEizB0Ykf1bHnfQT+bnJHtQ67OT4E79s=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
GHPEZD2MA705K4P7
cf-ray
8cc8f21c3c3a3a8e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
61aa42d8d160da2c7be3f167_Lupe.svg
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		761 B
826 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/61aa42d8d160da2c7be3f167_Lupe.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a59b85a97d30513ffcd88bb45a15abafe6703d7164f2e1ac9588d7dbd3fcc557

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"b54822fc30cd3e25245f2a611e52b91a"
x-amz-version-id
fdy3xTLnKRLQS7vbD0TErGXmZxLoHRNf
age
3265591
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
image/svg+xml
last-modified
Fri, 03 Dec 2021 16:16:26 GMT
vary
Accept-Encoding
x-amz-id-2
1BaSxxumMpNJ/rIoLSXJA2bIrbPDJnjT/rGKTPtA19NhxoTuSYaNS6k+PVOaYAZzF0gCu+7T3vc=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
C3ES9JB2RTT800QK
cf-ray
8cc8f21c3c3c3a8e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
61aa42d8d160da6dd5e3f16a_Ausweis.svg
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		918 B
901 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/61aa42d8d160da6dd5e3f16a_Ausweis.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85b10f4c52f28d8d9e97080a5bce4429e9a53ad54dd119ca59eda39f4f829df5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"e9026e4d0595d6caba3dfb2e83fd4e80"
x-amz-version-id
y.XLoWzxxIR_CtUX1dCikBTW2KL0DFeu
age
3265591
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
image/svg+xml
last-modified
Fri, 03 Dec 2021 16:16:26 GMT
vary
Accept-Encoding
x-amz-id-2
Y3pJaxbnmsHU29dfOWxJeS06rH/6ouE5Nttci0UtwyAf7fq47IOP/y7ZrSGVU9+0IPPlWHvxGcU=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
WD8B90BP9DJ2MJFT
cf-ray
8cc8f21c3c3e3a8e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
61aa42d8d160dab04ae3f16d_Portemonaie.svg
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/61aa42d8d160dab04ae3f16d_Portemonaie.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
017a314ded9bea496c263ffcea3d6c2b9a368dca0236ebbc651d10772abc6b45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"aa5377fd95100c3808b45ef7efca0b28"
x-amz-version-id
UyXJdeFLnk1WmpYIMRy7SIq56DUyMSyq
age
10778341
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
image/svg+xml
last-modified
Fri, 03 Dec 2021 16:16:26 GMT
vary
Accept-Encoding
x-amz-id-2
GBdRJNY1IzoO81kOddo4WWMVn0j1/rN7BvfUYUry4U4vo2qXzlGZTquFxAPUser7RKktR8hnpv0=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
C3ESY1F20MNXPF92
cf-ray
8cc8f21c3c403a8e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
61aa42d8d160da5de6e3f12a_favicon-32x32%20(2).png
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/61aa42d8d160da5de6e3f12a_favicon-32x32%20(2).png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8cc7930c776ceeb145dbf96a049e008f3abcef1c0ac2cac69d3339361e06678

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cf-cache-status
HIT
etag
"0205ecbbe4b341866d84fb775bf65394"
x-amz-version-id
kU6OsDfhHQHr3JT1Xlmk8va5KBWVqYiN
age
10778341
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
image/png
last-modified
Fri, 03 Dec 2021 16:16:26 GMT
vary
Accept-Encoding
x-amz-id-2
bF4lwIakT0LOlf8PVRFwk16Y79HUP/K6sz+W9qlm4NubVaXlc2AUONzor/fPwsGpPvR0nrRJoTM=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J0P99G2NFS8NSVCV
cf-ray
8cc8f21bec143a8e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1203
server
cloudflare
x-amz-server-side-encryption
AES256
slick.min.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		42 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
age
1609130
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220048-FRA
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
11325
x-jsd-version
1.8.1
617985b3abcf8d293a940bcb_left.svg
cdn.prod.website-files.com/61790e812340fa343868711b/ 		302 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61790e812340fa343868711b/617985b3abcf8d293a940bcb_left.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fcd3d435fbb796393c07ffcc0a074d7346ab3caa290eefa806c6c2d6345ffb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6e6b2ec37cb0a3fb35c3a90032ed552c"
x-amz-version-id
3B8LogXbZFPp9dBUxrRNn2KUVZJQkrjt
age
10778338
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
image/svg+xml
last-modified
Wed, 27 Oct 2021 17:00:37 GMT
vary
Accept-Encoding
x-amz-id-2
6gTsLV3zhlZqVwas42Bb6I+n1LPqYTVCNvQ2QCyU6//pnnoiElex2EW0ZYg/jBdmm74zSEit9GA=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
EZFY7EJVXX8DVS5E
cf-ray
8cc8f21c3c463a8e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 		82 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec4-14983"
age
1224721
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7lkn5GjTo%2BhL1Xc6P3SRdRKCqATJTMdFyY6IKLjw%2BYBD6Yru5GPNjNr7x%2F6EUc3j3cP1HicY60IF%2BSI5IhzdgSJAXmRPI0M1zI1Az4aEzoQ4lpZ27P5XitULCH8MLsRIl5D7vmpOZ%2F%2Bov1iYuWzRLlMF"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 23 Sep 2025 00:51:46 GMT
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:48 GMT
vary
Accept-Encoding
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cc8f2185930dbcb-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
26660
server
cloudflare
waypoints.min.js
cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/ 		8 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/waypoints.min.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb0402f-1f6c"
age
1109581
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j7yXBDu%2BHhBMFZ%2B45p3B%2Fw9yA5fN7WXQXXoWAZH%2F1lOu0%2BfX33KI7mMeVfJx8ic3hVrtGoCQDIxFkWKu2zOywdIVzdJFgCZi7zVpYR8MQsQxbnw9%2FAPobhTA5IWe2EkfrvuWU6L6M0w%2FJDrK1x7aPNuN"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 23 Sep 2025 00:51:46 GMT
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:17:51 GMT
vary
Accept-Encoding
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cc8f218592edbcb-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2331
server
cloudflare
jquery.counterup.min.js
cdn.jsdelivr.net/jquery.counterup/1.0/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery.counterup/1.0/jquery.counterup.min.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
603e3b6061c49f8c02f07e5152c5d7381defba10c8fe73f95090e19a78de0397
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"42f-YzteFSlsJJhNsZKJU944+r1/DPU"
age
585655
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Thu, 03 Oct 2024 00:51:46 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220048-FRA
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
584
worker-77cb20d7fe5914aec487582c68e5ee25br.js
dev.visualwebsiteoptimizer.com/cdn/edrv/ 		266 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/cdn/edrv/worker-77cb20d7fe5914aec487582c68e5ee25br.js
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6ea3868078290bccb9fb1c1020d4eab6f53cd2cb65b8ce0e6c89cd4fb5c65cdf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

x-goog-metageneration
1
content-encoding
br
x-goog-hash
crc32c=UyKaog==, md5=7Pbmy/Qd1QexD3T+u+LR/Q==
etag
"ecf6e6cbf41dd507b10f74febbe2d1fd"
age
476085
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
65960
date
Fri, 27 Sep 2024 12:37:02 GMT
last-modified
Fri, 27 Sep 2024 12:02:10 GMT
content-type
text/javascript; charset=UTF-8
x-guploader-uploadid
AD-8ljsTD28IV38Hz28ikaWCFKCXDw1x0Jl4wZ4XtU-rKlaDVc2N8wViWgT8JhBtxP8OVdck6G0
cdn_cache_status
hit
cache-control
public, max-age=31536000
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727438530099000
content-length
65960
content-language
en
server
UploadServer
va_gq-e7fa93e800dbd345e23dc051ec222f7abr.js
dev.visualwebsiteoptimizer.com/cdn/edrv/ 		278 KB
72 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/cdn/edrv/va_gq-e7fa93e800dbd345e23dc051ec222f7abr.js
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
766d47c5dae060ace22799183d3d74a04e296225ba6a408e6e82cca3a923d7a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

x-goog-metageneration
1
content-encoding
br
x-goog-hash
crc32c=/ufclQ==, md5=tvQw8YHp2MmXTMvgr5Dtdw==
etag
"b6f430f181e9d8c9974ccbe0af90ed77"
age
468706
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
74023
date
Fri, 27 Sep 2024 14:40:01 GMT
last-modified
Fri, 27 Sep 2024 14:20:45 GMT
content-type
text/javascript; charset=UTF-8
x-guploader-uploadid
AD-8ljslsE43eAPehbVhFRM861CoyoMgLJJmEb4cvAL9KYKK4_i3Om-6e9CTS3p3cvbA0QrZe5nHsajETQ
cdn_cache_status
hit
cache-control
public, max-age=31536000
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727446845499273
content-length
74023
content-language
en
server
UploadServer
v.gif
dev.visualwebsiteoptimizer.com/eu01/ 		35 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/eu01/v.gif?cd=0&a=964367&d=helpcheck.de&u=DC2E214C5B3DA871B90B492303A70383F&h=c6de8c8eca30225f6927f5524e7ef1d1&t=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gbel02c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cache-control
public, max-age=43200
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
image/gif
server
gbel02c
15289e09-6d49-4d70-b684-68636c9d18e8
https://www.helpcheck.de/ Frame 		0
0
nc-bced65cf3ce53b1cb96e33d3391e8ef4br.js
dev.visualwebsiteoptimizer.com/cdn/edrv/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/cdn/edrv/nc-bced65cf3ce53b1cb96e33d3391e8ef4br.js
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
dc731d27b605c8bfda83754695f4de65206b95681806892e01db3cd374838d18

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

x-goog-metageneration
1
content-encoding
br
x-goog-hash
crc32c=7MztHA==, md5=lfGY9pn/XBOvmDUWZrKOfQ==
etag
"95f198f699ff5c13af98351666b28e7d"
age
468706
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
3700
date
Fri, 27 Sep 2024 14:40:01 GMT
last-modified
Fri, 27 Sep 2024 14:21:30 GMT
content-type
text/javascript; charset=UTF-8
x-guploader-uploadid
AD-8ljtaZchbd0glwae3dwC4n9gXhnFFwbQV9XkhlYxXR4bicx4PxFU-xe20U7BbDhZnPc8hJonNU2Gjhw
cdn_cache_status
hit
cache-control
public, max-age=31536000
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727446890260286
content-length
3700
content-language
en
server
UploadServer
s.gif
dev.visualwebsiteoptimizer.com/eu01/ 		35 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/eu01/s.gif?account_id=964367&u=DC2E214C5B3DA871B90B492303A70383F&s=1727916706&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22de-de%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1727916707536%2C%22tO%22%3A-2%2C%22tz%22%3A%22Europe%2FBerlin%22%7D&cu=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1727916706537&v=257b305e9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gbel01c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma
no-cache
x-content-type-options
nosniff
via
1.1 google
expires
Mon, 10 Jan 2005 00:00:01 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
image/gif
server
gbel01c
app-CukW9WMg.css
assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/ 		196 KB
196 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-CukW9WMg.css?q=lv-gutschein-pruefen-0
Requested by
Host: static.heyflow.app
URL: https://static.heyflow.app/widget/latest/webview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e2a4d61d82f32f4cfea5187f852c29587454e86ee3e4264d6982c513bb15d9f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=z6m3bA==, md5=Dc/HLrDI3craRRZyHtnF4g==
etag
"0dcfc72eb0c8ddcada4516721ed9c5e2"
x-goog-stored-content-encoding
identity
expires
Thu, 03 Oct 2024 00:51:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
200264
date
Thu, 03 Oct 2024 00:51:47 GMT
last-modified
Sun, 22 Sep 2024 11:15:48 GMT
content-type
text/css
x-guploader-uploadid
AD-8ljuAh8g46gBQYj2YV8-ho_opDkqAQElk6Ia5xWbVknN8z69hgXJE4tVCNk09QiBth9Zu7lk
cache-control
no-store, max-age=0
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727003748196043
content-length
200264
server
UploadServer
settings.js
dev.visualwebsiteoptimizer.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=964367&settings_type=1&vn=&eventArch=1&uuid=&ec=1470062&exc=1
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
fed6ac309469834d8d7c26b5593f918079cfc5f94eb0097081b7f200a2a5319d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cache-control
public, max-age=0, no-cache, must-revalidate
content-encoding
gzip
etag
W/"1727781308_EA"
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
application/javascript; charset=UTF-8
server
gfra2
gtm.js
www.googletagmanager.com/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K4ZS3FZW
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21c47f611697b5bc3aafe5a21a1b6a9fc19daab80690a2cd66b43cde72b66ffe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 03 Oct 2024 00:51:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 03 Oct 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
69359
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		226 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa9185ab1bfe6ccdf160f859377f2c8ed3b102c7a083bbbfb30d2ea3f26ff31f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4447, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
8s7lIktIeU8A86cYfmcpPoi4AWUucrpX+698X12Y52WKp+6YDP+2vma7AW1MM3FfapySqBc7S+m/s52tAjNTsg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59127
x-xss-protection
0
commonjshelpers.chunk-DMCfYbel.js
assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/ 		781 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/commonjshelpers.chunk-DMCfYbel.js
Requested by
Host: static.heyflow.app
URL: https://static.heyflow.app/widget/latest/webview.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a875c30b4606ced3dcf75f3e1d3b756306dd7f17e273189efe64841c3223c652

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://www.helpcheck.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=tTQOhA==, md5=VjQbIp52CzDzGQWr9/8jyg==
etag
"56341b229e760b30f31905abf7ff23ca"
x-goog-stored-content-encoding
gzip
expires
Thu, 03 Oct 2024 00:51:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
431
date
Thu, 03 Oct 2024 00:51:47 GMT
x-goog-custom-time
2024-08-21T12:44:34.215Z
last-modified
Thu, 29 Aug 2024 14:07:28 GMT
vary
Accept-Encoding
content-type
application/javascript
x-guploader-uploadid
AD-8ljuXFvbyxOgwdKV9Lsja-Oy6wLdQ9HrH07fPNhYTcLkyxmx9t4bK_Eae0E2uZzCuJudk6P4
cache-control
no-store, max-age=0
x-goog-storage-class
STANDARD
x-goog-meta-x-goog-reserved-source-generation
1724244274178426
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1724940448718123
content-length
431
server
UploadServer
app-DnxyNroG.js
assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/ 		270 KB
270 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Requested by
Host: static.heyflow.app
URL: https://static.heyflow.app/widget/latest/webview.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c13459903556f4fe9c441c12338976bc3bfa96a34ae4c3e725fe639f1303ec85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://www.helpcheck.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=eZig3w==, md5=jS9esKe1YhsYNi7z8TzzDg==
etag
"8d2f5eb0a7b5621b18362ef3f13cf30e"
x-goog-stored-content-encoding
identity
expires
Thu, 03 Oct 2024 00:51:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
276298
date
Thu, 03 Oct 2024 00:51:47 GMT
last-modified
Sun, 22 Sep 2024 11:15:48 GMT
content-type
application/javascript
x-guploader-uploadid
AD-8ljt4GteF0U-0qDcYUyqC6SMJDS_XTX9Zl2szDiv9JUH8gGUR2duYncFNf03S_23EffDxNqcnftYSgQ
cache-control
no-store, max-age=0
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727003748215340
content-length
276298
server
UploadServer
445649858951807
connect.facebook.net/signals/config/ 		51 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/445649858951807?v=2.9.170&r=stable&domain=www.helpcheck.de&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3360ac38581ce40229e126e50c7b9488b4a4c8e286d94cb444aa74feb2d2544
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=74, mss=1232, tbw=67277, tp=63, tpl=0, uplat=62, ullat=0
pragma
public
x-fb-debug
ejwEe3W8cH74tckCYsoCgPVH20VNaIf26qnteDqN194Z+mtqqRFhiGdUZ+Xfp4vqWPjHbXOu8MESQAvdCZSZFw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?0
universal-script
rep.helpcheck.de/v1/lst/ 		77 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rep.helpcheck.de/v1/lst/universal-script?ph=6dbf47b8e5ed2a0a5379b8515bdcabcafa5a7d96cb06b0cf70df4a391d212ffc&tag=!clicked&ref_url=https://www.helpcheck.de//lebensversicherung
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
db1eef441018dbf8314a9d0973c9598656410c16f8c2937f9e17b1579a875ea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Front-End-Https
off
Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Content-Length
79071
Date
Thu, 03 Oct 2024 00:51:48 GMT
Content-Type
text/javascript;charset=ISO-8859-1
Server
nginx/1.18.0 (Ubuntu)
universal-script
rep.verbraucherzentrum.info/v1/lst/ 		77 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rep.verbraucherzentrum.info/v1/lst/universal-script?ph=6dbf47b8e5ed2a0a5379b8515bdcabcafa5a7d96cb06b0cf70df4a391d212ffc&tag=!clicked&ref_url=https://www.helpcheck.de//lebensversicherung
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
45b0dfb9bd2b5aa1627033c5f249461d7d2a0e601a266d56cf81979d89f112cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Front-End-Https
off
Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Content-Length
79082
Date
Thu, 03 Oct 2024 00:51:48 GMT
Content-Type
text/javascript;charset=ISO-8859-1
Server
nginx/1.18.0 (Ubuntu)
universal-script
rep.rueckerstattung-lebensversicherung.info/v1/lst/ 		77 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rep.rueckerstattung-lebensversicherung.info/v1/lst/universal-script?ph=6dbf47b8e5ed2a0a5379b8515bdcabcafa5a7d96cb06b0cf70df4a391d212ffc&tag=!clicked&ref_url=https://www.helpcheck.de//lebensversicherung
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ceb66f0fcbb00da3b450b99fe2a8008945e1afd9b6a5977b01430581cdc99822
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Front-End-Https
off
Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Content-Length
79098
Date
Thu, 03 Oct 2024 00:51:48 GMT
Content-Type
text/javascript;charset=ISO-8859-1
Server
nginx/1.18.0 (Ubuntu)
ns.html
www.googletagmanager.com/ Frame ADC6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-K4ZS3FZW
Requested by
Host: static.heyflow.app
URL: https://static.heyflow.app/widget/latest/webview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.helpcheck.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1128:0
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
cross-origin-resource-policy
cross-origin
date
Thu, 03 Oct 2024 00:51:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1128:0"}],}
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
logs
api.prd.heyflow.com/flow/lv-gutschein-pruefen/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/lv-gutschein-pruefen/logs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html
date
Thu, 03 Oct 2024 00:51:48 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
server
Google Frontend
strict-transport-security
max-age=15552000; includeSubDomains
vary
Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
a1ebf5ec9191d80b57faa509b77423a6
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
icon
fonts.heyflow.cloud/ 		472 B
861 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.heyflow.cloud/icon?family=Material+Icons
Requested by
Host: static.heyflow.app
URL: https://static.heyflow.app/widget/latest/webview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bc75d2bf05221927704d5d29a4ed8e67b6436a2eebc3cd2c83f476ca6875895d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
age
571518
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7zG%2F8HbbUZWI8RPTZ4MIaIvZMRMBIVfW3V04n%2B8ZudcLhu03lYsSZYV5GgNAsDDruOGSY7fPoeoM3MjrKfNMtG15LgOFMT%2BkzF0GICfO8BwI7crDwlrVfioS0lCV1yUXq%2BTXUYsSABnTC%2F5%2BRVqYyIk%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=571
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 26 Sep 2024 10:06:30 GMT
vary
Accept-Encoding
x-cloud-trace-context
9dcda53f669392e7e202e353bb3b78cd
cache-control
private, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cc8f2226efd1cab-FRA
access-control-allow-origin
*
x-powered-by
Express
server
cloudflare
css
fonts.heyflow.cloud/ 		45 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Noto+Sans:300,400,500,600,700,800&display=swap
Requested by
Host: static.heyflow.app
URL: https://static.heyflow.app/widget/latest/webview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8a1de9f068b8bc7ac4dbf89826044bd32f5d0cdc569c2efc6b72113d09221e0c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
age
23241
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pSAJPjmOuKsvS7EzYPgv%2BF%2BcxFk0TAPtsVINRVEXr9i6HKn%2FSQnLEytjITR67fSzhUU8ShWj4mvwW4xo%2B%2BTOLtkds83fLQF0kw0DHhXmr2yCV9cozVB0SSc91r9WCG5Lj2mCaZxeP0p5N4WvWD6QVRM%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=53412
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 02 Oct 2024 18:24:27 GMT
vary
Accept-Encoding
x-cloud-trace-context
ce98947f9ad59146f274d3b09b0537a3
cache-control
private, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cc8f2226efe1cab-FRA
access-control-allow-origin
*
x-powered-by
Express
server
cloudflare
logs
api.prd.heyflow.com/flow/lv-gutschein-pruefen/ 		26 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/lv-gutschein-pruefen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
03370cef082b9e5c41c53543b4831578
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
logs
api.prd.heyflow.com/flow/lv-gutschein-pruefen/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/lv-gutschein-pruefen/logs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html
date
Thu, 03 Oct 2024 00:51:48 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
server
Google Frontend
strict-transport-security
max-age=15552000; includeSubDomains
vary
Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
ae8416ae6c002781bae53d96b08df8a5
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
logs
api.prd.heyflow.com/flow/lv-gutschein-pruefen/ 		26 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/lv-gutschein-pruefen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
52d4730d39e07e561f03ec016fb568c7
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
gnikcart
functions.prd.heyflow.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/gnikcart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
date
Thu, 03 Oct 2024 00:51:48 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
35fd85cdd77ef806b862b0fbd0ed742b
gnikcart
functions.prd.heyflow.com/ 		2 B
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/gnikcart
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
be0f52fd3035d99a2567aef8a168a110
logs
api.prd.heyflow.com/flow/lv-gutschein-pruefen/ 		26 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/lv-gutschein-pruefen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
09ecdcc75c63553e96af5b962622f7a1
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
settings.js
dev.visualwebsiteoptimizer.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=964367&settings_type=2&vn=&eventArch=1&uuid=&u=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung%23astart&ec=1470062&exc=1
Requested by
Host: www.helpcheck.de
URL: https://www.helpcheck.de//lebensversicherung
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
4ea8e7ec3f250cf20eb9853adb03696883f4e58191d54d0ddbb63ad7ce129f3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cache-control
public, max-age=0, no-cache, must-revalidate
content-encoding
gzip
etag
W/"1727781308_EA"
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
application/javascript; charset=UTF-8
server
gfra2
logs
api.prd.heyflow.com/flow/lv-gutschein-pruefen/ 		26 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/lv-gutschein-pruefen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
34063a5f04766b10ed39204dd69edb28
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.heyflow.cloud/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.heyflow.cloud/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Noto+Sans:300,400,500,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Noto+Sans:300,400,500,600,700,800&display=swap

Response headers

cf-cache-status
HIT
age
195551
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qky0wzJb%2BzuX3hS696nfCZ%2BlYruerWULgV9Y7VVut8xoDZ5v%2F5EepDPGhzj1Z0Kj8QXXVLXWRc4gnXT%2BYwk8e0oR9FLDdx5jm3L8p1BDn11BvJ8guEqBgtcGLs9Nq418SQcTbRR%2FIXJ5J8WuQ3Jrbnw%3D"}],"group":"cf-nel","max_age":604800}
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
font/woff2
last-modified
Mon, 30 Sep 2024 18:32:37 GMT
vary
Accept-Encoding
x-cloud-trace-context
c160a4cedf8ec1cd27376333c9eda797
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cc8f223394c1d8a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-powered-by
Express
server
cloudflare
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.heyflow.cloud/s/opensans/v40/ 		47 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.heyflow.cloud/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Noto+Sans:300,400,500,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Noto+Sans:300,400,500,600,700,800&display=swap

Response headers

cf-cache-status
HIT
age
195551
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qky0wzJb%2BzuX3hS696nfCZ%2BlYruerWULgV9Y7VVut8xoDZ5v%2F5EepDPGhzj1Z0Kj8QXXVLXWRc4gnXT%2BYwk8e0oR9FLDdx5jm3L8p1BDn11BvJ8guEqBgtcGLs9Nq418SQcTbRR%2FIXJ5J8WuQ3Jrbnw%3D"}],"group":"cf-nel","max_age":604800}
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
font/woff2
last-modified
Mon, 30 Sep 2024 18:32:37 GMT
vary
Accept-Encoding
x-cloud-trace-context
c160a4cedf8ec1cd27376333c9eda797
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cc8f223394c1d8a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-powered-by
Express
server
cloudflare
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.heyflow.cloud/s/opensans/v40/ 		47 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.heyflow.cloud/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Noto+Sans:300,400,500,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.helpcheck.de
Referer
https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Noto+Sans:300,400,500,600,700,800&display=swap

Response headers

cf-cache-status
HIT
age
195551
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qky0wzJb%2BzuX3hS696nfCZ%2BlYruerWULgV9Y7VVut8xoDZ5v%2F5EepDPGhzj1Z0Kj8QXXVLXWRc4gnXT%2BYwk8e0oR9FLDdx5jm3L8p1BDn11BvJ8guEqBgtcGLs9Nq418SQcTbRR%2FIXJ5J8WuQ3Jrbnw%3D"}],"group":"cf-nel","max_age":604800}
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
font/woff2
last-modified
Mon, 30 Sep 2024 18:32:37 GMT
vary
Accept-Encoding
x-cloud-trace-context
c160a4cedf8ec1cd27376333c9eda797
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cc8f223394c1d8a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-powered-by
Express
server
cloudflare
61aa42d8d160da5de6e3f12a_favicon-32x32%20(2).png
cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/61aa42d8d160da40fce3f0ec/61aa42d8d160da5de6e3f12a_favicon-32x32%20(2).png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8cc7930c776ceeb145dbf96a049e008f3abcef1c0ac2cac69d3339361e06678

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

cf-cache-status
HIT
etag
"0205ecbbe4b341866d84fb775bf65394"
x-amz-version-id
kU6OsDfhHQHr3JT1Xlmk8va5KBWVqYiN
age
10778341
date
Thu, 03 Oct 2024 00:51:47 GMT
content-type
image/png
last-modified
Fri, 03 Dec 2021 16:16:26 GMT
vary
Accept-Encoding
x-amz-id-2
bF4lwIakT0LOlf8PVRFwk16Y79HUP/K6sz+W9qlm4NubVaXlc2AUONzor/fPwsGpPvR0nrRJoTM=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J0P99G2NFS8NSVCV
cf-ray
8cc8f21bec143a8e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1203
server
cloudflare
x-amz-server-side-encryption
AES256
gnikcart
functions.prd.heyflow.com/ 		2 B
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/gnikcart
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
f29015af2623b964703ab7789138fdeb
gnikcart
functions.prd.heyflow.com/ 		2 B
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/gnikcart
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
b9804e9cfe47f20f823de3d5daf742e7
logs
api.prd.heyflow.com/flow/lv-gutschein-pruefen/ 		26 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/lv-gutschein-pruefen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
19ab964cbd62bdc959477b88bf81e9e6
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
gnikcart
functions.prd.heyflow.com/ 		2 B
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/gnikcart
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
639679094ba4bae908059bb4e4633510
metacapi
functions.prd.heyflow.com/ 		101 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/metacapi
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
0d0c113caf4e14666325ed7da0339447e2fbb2e4391d19e47db1643e24a58d56

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
5ebe5fdbe3b0b386f2af756ae04eed7b
gnikcart
functions.prd.heyflow.com/ 		2 B
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/gnikcart
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
9984eee0b650be44ff0cf8c7073ec86e
metacapi
functions.prd.heyflow.com/ 		101 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/metacapi
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2e4b2bf6da31e2cd39faefef3425706a9e976c1c0e6962a6c439ce89a6311920

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
2a15ad574ecf8a4aa99d55ea8fba46b7
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=445649858951807&ev=PageView&dl=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung%23astart&rl=&if=false&ts=1727916708420&cd[event]=PageView&cd[flow_id]=lv-gutschein-pruefen&cd[host]=www.helpcheck.de&cd[path]=%2F%2Flebensversicherung&cd[origin]=https%3A%2F%2Fwww.helpcheck.de&cd[title]=%E2%96%B7Widerruf%20Lebensversicherung%20%C2%BB%20mehr%20Geld%20erhalten!&cd[hash]=%23astart&cd[referrer]=&cd[screen_width]=414&cd[screen_height]=440&cd[screen_id]=id-cbf0b05b&cd[session_id]=n6exfr&cd[ab_variant_id]=yEHLL1X1aYhEf1NTIKGk&cd[is_embedded]=true&cd[widget_version]=4.6.0&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12316&fbp=fb.1.1727916708419.389719574717987823&ler=empty&cdl=API_unavailable&it=1727916707972&coo=false&eid=dtg8deqhllce&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1328, tbw=2977, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=445649858951807&ev=PageView&dl=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung%23astart&rl=&if=false&ts=1727916708420&cd[event]=PageView&cd[flow_id]=lv-gutschein-pruefen&cd[host]=www.helpcheck.de&cd[path]=%2F%2Flebensversicherung&cd[origin]=https%3A%2F%2Fwww.helpcheck.de&cd[title]=%E2%96%B7Widerruf%20Lebensversicherung%20%C2%BB%20mehr%20Geld%20erhalten!&cd[hash]=%23astart&cd[referrer]=&cd[screen_width]=414&cd[screen_height]=440&cd[screen_id]=id-cbf0b05b&cd[session_id]=n6exfr&cd[ab_variant_id]=yEHLL1X1aYhEf1NTIKGk&cd[is_embedded]=true&cd[widget_version]=4.6.0&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12316&fbp=fb.1.1727916708419.389719574717987823&ler=empty&cdl=API_unavailable&it=1727916707972&coo=false&eid=dtg8deqhllce&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7421345751685651286"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
YJXl4bowGL9SMSlSkkDYNbgXy6MWfJ5R4xCnIRhW+uLTZJ5MecCGbRh/cWALhi3PwrI2kFqz6IWA80dVxoqvdA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7421345751685651286", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=18, mss=1328, tbw=10331, tp=-1, tpl=-1, uplat=193, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=445649858951807&ev=PageView&dl=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung%23astart&rl=&if=false&ts=1727916708422&cd[event]=PageView&cd[flow_id]=lv-gutschein-pruefen&cd[host]=www.helpcheck.de&cd[path]=%2F%2Flebensversicherung&cd[origin]=https%3A%2F%2Fwww.helpcheck.de&cd[title]=%E2%96%B7Widerruf%20Lebensversicherung%20%C2%BB%20mehr%20Geld%20erhalten!&cd[hash]=%23astart&cd[referrer]=&cd[screen_width]=414&cd[screen_height]=440&cd[screen_id]=id-cbf0b05b&cd[session_id]=n6exfr&cd[ab_variant_id]=yEHLL1X1aYhEf1NTIKGk&cd[is_embedded]=true&cd[widget_version]=4.6.0&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=12316&fbp=fb.1.1727916708419.389719574717987823&ler=empty&cdl=API_unavailable&it=1727916707972&coo=false&eid=k9h1cfik1q8d&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1328, tbw=3264, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=445649858951807&ev=PageView&dl=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung%23astart&rl=&if=false&ts=1727916708422&cd[event]=PageView&cd[flow_id]=lv-gutschein-pruefen&cd[host]=www.helpcheck.de&cd[path]=%2F%2Flebensversicherung&cd[origin]=https%3A%2F%2Fwww.helpcheck.de&cd[title]=%E2%96%B7Widerruf%20Lebensversicherung%20%C2%BB%20mehr%20Geld%20erhalten!&cd[hash]=%23astart&cd[referrer]=&cd[screen_width]=414&cd[screen_height]=440&cd[screen_id]=id-cbf0b05b&cd[session_id]=n6exfr&cd[ab_variant_id]=yEHLL1X1aYhEf1NTIKGk&cd[is_embedded]=true&cd[widget_version]=4.6.0&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=12316&fbp=fb.1.1727916708419.389719574717987823&ler=empty&cdl=API_unavailable&it=1727916707972&coo=false&eid=k9h1cfik1q8d&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7421345751594062585"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
ngsmWqaIMlZNcnf4Q/Auo6YcezUGv0rc53rMJSMhE7E3OkmHgtOXgwsgyy9Rh7IMUMCPwxJTLRSXtTWJOCAQeg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7421345751594062585", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=18, mss=1328, tbw=4060, tp=-1, tpl=-1, uplat=148, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
logs
api.prd.heyflow.com/flow/lv-gutschein-pruefen/ 		26 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/lv-gutschein-pruefen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
3ecbb76f49030f138c2e82d80835c9a8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
logs
api.prd.heyflow.com/flow/lv-gutschein-pruefen/ 		26 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/lv-gutschein-pruefen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
4cdcc611c9b811455d89465f989fa2d7
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
metacapi
functions.prd.heyflow.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/metacapi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
date
Thu, 03 Oct 2024 00:51:48 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
ad6eae39379ea04ad74df23167765d7a;o=1
metacapi
functions.prd.heyflow.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/metacapi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
date
Thu, 03 Oct 2024 00:51:48 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
a5f6c03f53c54c2df25603a9a648e3d1
logs
api.prd.heyflow.com/flow/lv-gutschein-pruefen/ 		26 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/lv-gutschein-pruefen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
1510d5c390efc05b60e350703f4478bc
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
gnikcart
functions.prd.heyflow.com/ 		2 B
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/gnikcart
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
a141199b7e39996d13851dc7850b5632
metacapi
functions.prd.heyflow.com/ 		101 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/metacapi
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
a9b2cbc47d3b0f07da33062e55fee79254b0c4e864553dec450ccfd59e0179b2

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
72a7ccddcc1168b357b9db4508d54d09
gnikcart
functions.prd.heyflow.com/ 		2 B
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/gnikcart
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
11f8e1db247059767c75e639de85993c
metacapi
functions.prd.heyflow.com/ 		101 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/metacapi
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
02eb0da93289cf09fa19bafab309b233102c6977d58bd0ff6d44f14f1027822c

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
abbd6431832f836e685e98075a4deb49
/
www.facebook.com/tr/ 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=445649858951807&ev=PageView&dl=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung%23astart&rl=&if=false&ts=1727916708615&cd[event]=PageView&cd[flow_id]=lv-gutschein-pruefen&cd[host]=www.helpcheck.de&cd[path]=%2F%2Flebensversicherung&cd[origin]=https%3A%2F%2Fwww.helpcheck.de&cd[title]=%E2%96%B7Widerruf%20Lebensversicherung%20%C2%BB%20mehr%20Geld%20erhalten!&cd[hash]=%23astart&cd[referrer]=&cd[screen_width]=414&cd[screen_height]=440&cd[screen_id]=id-cbf0b05b&cd[session_id]=n6exfr&cd[ab_variant_id]=yEHLL1X1aYhEf1NTIKGk&cd[is_embedded]=true&cd[widget_version]=4.6.0&sw=1600&sh=1200&v=2.9.170&r=stable&ec=2&o=12316&fbp=fb.1.1727916708419.389719574717987823&ler=empty&cdl=API_unavailable&it=1727916707972&coo=false&eid=cahzv9v3lmcx&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=14, mss=1328, tbw=3516, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=445649858951807&ev=PageView&dl=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung%23astart&rl=&if=false&ts=1727916708615&cd[event]=PageView&cd[flow_id]=lv-gutschein-pruefen&cd[host]=www.helpcheck.de&cd[path]=%2F%2Flebensversicherung&cd[origin]=https%3A%2F%2Fwww.helpcheck.de&cd[title]=%E2%96%B7Widerruf%20Lebensversicherung%20%C2%BB%20mehr%20Geld%20erhalten!&cd[hash]=%23astart&cd[referrer]=&cd[screen_width]=414&cd[screen_height]=440&cd[screen_id]=id-cbf0b05b&cd[session_id]=n6exfr&cd[ab_variant_id]=yEHLL1X1aYhEf1NTIKGk&cd[is_embedded]=true&cd[widget_version]=4.6.0&sw=1600&sh=1200&v=2.9.170&r=stable&ec=2&o=12316&fbp=fb.1.1727916708419.389719574717987823&ler=empty&cdl=API_unavailable&it=1727916707972&coo=false&eid=cahzv9v3lmcx&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7421345751438205418"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
JSuC1XNvuY3I2eJsVaIQ4x3EKPmhtq4XaIeW30gBOfnWlj+E5v8t2A3OJdF8R9mXtln/XxQ8rT2SahlDVAzQYA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7421345751438205418", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=18, mss=1328, tbw=7726, tp=-1, tpl=-1, uplat=42, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=445649858951807&ev=PageView&dl=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung%23astart&rl=&if=false&ts=1727916708617&cd[event]=PageView&cd[flow_id]=lv-gutschein-pruefen&cd[host]=www.helpcheck.de&cd[path]=%2F%2Flebensversicherung&cd[origin]=https%3A%2F%2Fwww.helpcheck.de&cd[title]=%E2%96%B7Widerruf%20Lebensversicherung%20%C2%BB%20mehr%20Geld%20erhalten!&cd[hash]=%23astart&cd[referrer]=&cd[screen_width]=414&cd[screen_height]=440&cd[screen_id]=id-cbf0b05b&cd[session_id]=n6exfr&cd[ab_variant_id]=yEHLL1X1aYhEf1NTIKGk&cd[is_embedded]=true&cd[widget_version]=4.6.0&sw=1600&sh=1200&v=2.9.170&r=stable&ec=3&o=12316&fbp=fb.1.1727916708419.389719574717987823&ler=empty&cdl=API_unavailable&it=1727916707972&coo=false&eid=8tcim8lftpam&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=14, mss=1328, tbw=3631, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=445649858951807&ev=PageView&dl=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung%23astart&rl=&if=false&ts=1727916708617&cd[event]=PageView&cd[flow_id]=lv-gutschein-pruefen&cd[host]=www.helpcheck.de&cd[path]=%2F%2Flebensversicherung&cd[origin]=https%3A%2F%2Fwww.helpcheck.de&cd[title]=%E2%96%B7Widerruf%20Lebensversicherung%20%C2%BB%20mehr%20Geld%20erhalten!&cd[hash]=%23astart&cd[referrer]=&cd[screen_width]=414&cd[screen_height]=440&cd[screen_id]=id-cbf0b05b&cd[session_id]=n6exfr&cd[ab_variant_id]=yEHLL1X1aYhEf1NTIKGk&cd[is_embedded]=true&cd[widget_version]=4.6.0&sw=1600&sh=1200&v=2.9.170&r=stable&ec=3&o=12316&fbp=fb.1.1727916708419.389719574717987823&ler=empty&cdl=API_unavailable&it=1727916707972&coo=false&eid=8tcim8lftpam&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7421345752504880144"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
5/42vgt2QZr0qtJ/awLYmIYcE6AjlEwAQTkP+MIJVugHvJsTnjVS/6JuB7BXmZPtcRzeyQtO5GnM4uKzanDSQg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7421345752504880144", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=18, mss=1328, tbw=6857, tp=-1, tpl=-1, uplat=38, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
logs
api.prd.heyflow.com/flow/lv-gutschein-pruefen/ 		26 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/lv-gutschein-pruefen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
0b95aa7f0a4049cd9a44eed1cdfe30d4
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
logs
api.prd.heyflow.com/flow/lv-gutschein-pruefen/ 		26 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/lv-gutschein-pruefen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
2e4e0ce12632588491e45b4c6314f625
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
logs
api.prd.heyflow.com/flow/lv-gutschein-pruefen/ 		26 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/lv-gutschein-pruefen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
cf3108d367f4f857623eece21f23952e
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
gnikcart
functions.prd.heyflow.com/ 		2 B
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/gnikcart
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
64fbcb15ba45d8e79564ab5a1b2872bc
metacapi
functions.prd.heyflow.com/ 		101 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/metacapi
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
90d027922c28964e7ce454157a46d66796e4df84d49487af6e232282abb57668

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
915da1fc282204bc4023be447d2224a6
gnikcart
functions.prd.heyflow.com/ 		2 B
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/gnikcart
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
fb83ed63c0b170b0e6a0384f5f7ab289
metacapi
functions.prd.heyflow.com/ 		101 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/metacapi
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
87069d1e78f1c136aa5b45843a28ccce4e0f204b3b47a27f180a191a2061d188

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://www.helpcheck.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
792af52ccdf51d3a2caa9136fb0e9d15
/
www.facebook.com/tr/ 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=445649858951807&ev=PageView&dl=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung%23astart&rl=&if=false&ts=1727916708624&cd[event]=PageView&cd[flow_id]=lv-gutschein-pruefen&cd[host]=www.helpcheck.de&cd[path]=%2F%2Flebensversicherung&cd[origin]=https%3A%2F%2Fwww.helpcheck.de&cd[title]=%E2%96%B7Widerruf%20Lebensversicherung%20%C2%BB%20mehr%20Geld%20erhalten!&cd[hash]=%23astart&cd[referrer]=&cd[screen_width]=414&cd[screen_height]=440&cd[screen_id]=id-cbf0b05b&cd[session_id]=n6exfr&cd[ab_variant_id]=yEHLL1X1aYhEf1NTIKGk&cd[is_embedded]=true&cd[widget_version]=4.6.0&sw=1600&sh=1200&v=2.9.170&r=stable&ec=4&o=12316&fbp=fb.1.1727916708419.389719574717987823&ler=empty&cdl=API_unavailable&it=1727916707972&coo=false&eid=2c9s4hgkhghv&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=14, mss=1328, tbw=3882, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=445649858951807&ev=PageView&dl=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung%23astart&rl=&if=false&ts=1727916708624&cd[event]=PageView&cd[flow_id]=lv-gutschein-pruefen&cd[host]=www.helpcheck.de&cd[path]=%2F%2Flebensversicherung&cd[origin]=https%3A%2F%2Fwww.helpcheck.de&cd[title]=%E2%96%B7Widerruf%20Lebensversicherung%20%C2%BB%20mehr%20Geld%20erhalten!&cd[hash]=%23astart&cd[referrer]=&cd[screen_width]=414&cd[screen_height]=440&cd[screen_id]=id-cbf0b05b&cd[session_id]=n6exfr&cd[ab_variant_id]=yEHLL1X1aYhEf1NTIKGk&cd[is_embedded]=true&cd[widget_version]=4.6.0&sw=1600&sh=1200&v=2.9.170&r=stable&ec=4&o=12316&fbp=fb.1.1727916708419.389719574717987823&ler=empty&cdl=API_unavailable&it=1727916707972&coo=false&eid=2c9s4hgkhghv&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7421345751925403002"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
q7r03j2dPzFjgIQWY8LE2JSD04y6HO3McZYJpILG4fdabrpBsdEUg2Cto12ZWwyVNXp/ulCdscPQmudDU0HOmA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7421345751925403002", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=18, mss=1328, tbw=9464, tp=-1, tpl=-1, uplat=41, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=445649858951807&ev=PageView&dl=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung%23astart&rl=&if=false&ts=1727916708626&cd[event]=PageView&cd[flow_id]=lv-gutschein-pruefen&cd[host]=www.helpcheck.de&cd[path]=%2F%2Flebensversicherung&cd[origin]=https%3A%2F%2Fwww.helpcheck.de&cd[title]=%E2%96%B7Widerruf%20Lebensversicherung%20%C2%BB%20mehr%20Geld%20erhalten!&cd[hash]=%23astart&cd[referrer]=&cd[screen_width]=414&cd[screen_height]=440&cd[screen_id]=id-cbf0b05b&cd[session_id]=n6exfr&cd[ab_variant_id]=yEHLL1X1aYhEf1NTIKGk&cd[is_embedded]=true&cd[widget_version]=4.6.0&sw=1600&sh=1200&v=2.9.170&r=stable&ec=5&o=12316&fbp=fb.1.1727916708419.389719574717987823&ler=empty&cdl=API_unavailable&it=1727916707972&coo=false&eid=g3zg75y6svhm&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=14, mss=1328, tbw=3882, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=445649858951807&ev=PageView&dl=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung%23astart&rl=&if=false&ts=1727916708626&cd[event]=PageView&cd[flow_id]=lv-gutschein-pruefen&cd[host]=www.helpcheck.de&cd[path]=%2F%2Flebensversicherung&cd[origin]=https%3A%2F%2Fwww.helpcheck.de&cd[title]=%E2%96%B7Widerruf%20Lebensversicherung%20%C2%BB%20mehr%20Geld%20erhalten!&cd[hash]=%23astart&cd[referrer]=&cd[screen_width]=414&cd[screen_height]=440&cd[screen_id]=id-cbf0b05b&cd[session_id]=n6exfr&cd[ab_variant_id]=yEHLL1X1aYhEf1NTIKGk&cd[is_embedded]=true&cd[widget_version]=4.6.0&sw=1600&sh=1200&v=2.9.170&r=stable&ec=5&o=12316&fbp=fb.1.1727916708419.389719574717987823&ler=empty&cdl=API_unavailable&it=1727916707972&coo=false&eid=g3zg75y6svhm&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.helpcheck.de/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7421345752313928118"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
XBlL/1EicmWpOILmrxTmLGwsnFQ53ESjuhNLkY1TmrXnRORI3+Fx/shY6f6NjAqxERs2GrRjOhDkg3DS7WCzHQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7421345752313928118", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=18, mss=1328, tbw=8594, tp=-1, tpl=-1, uplat=39, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
logs
api.prd.heyflow.com/flow/lv-gutschein-pruefen/ 		26 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/lv-gutschein-pruefen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
59f75e6bddb10724f2c8418d73901ddc
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
logs
api.prd.heyflow.com/flow/lv-gutschein-pruefen/ 		26 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/lv-gutschein-pruefen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/lv-gutschein-pruefen/www/dist/app-DnxyNroG.js?q=lv-gutschein-pruefen-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 00:51:48 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
01ea4220f4425615bea1900cc3344e9a
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
gusid
rep.verbraucherzentrum.info/v1/lst/ 		0
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rep.verbraucherzentrum.info/v1/lst/gusid
Requested by
Host: rep.verbraucherzentrum.info
URL: https://rep.verbraucherzentrum.info/v1/lst/universal-script?ph=6dbf47b8e5ed2a0a5379b8515bdcabcafa5a7d96cb06b0cf70df4a391d212ffc&tag=!clicked&ref_url=https://www.helpcheck.de//lebensversicherung
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Ref-Url
https://www.helpcheck.de//lebensversicherung#astart
Referer
https://www.helpcheck.de/
Product-ID
191462
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
fp
9aff2aa514e195533fa96db916347214

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Front-End-Https
off
Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
ETag
HB-ET_7c9b72aa47d00670f27ddb421201c52705a722e3451ac9aa74207238eb8cc11d
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Content-Length
0
Date
Thu, 03 Oct 2024 00:51:49 GMT
Server
nginx/1.18.0 (Ubuntu)
Session-ID
HB-ET_7c9b72aa47d00670f27ddb421201c52705a722e3451ac9aa74207238eb8cc11d
gusid
rep.verbraucherzentrum.info/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rep.verbraucherzentrum.info/v1/lst/gusid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
fp,product-id,ref-url
Access-Control-Request-Method
GET
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
fp,product-id,ref-url
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Access-Control-Max-Age
86400
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Thu, 03 Oct 2024 00:51:49 GMT
Front-End-Https
off
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
gusid
rep.rueckerstattung-lebensversicherung.info/v1/lst/ 		0
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rep.rueckerstattung-lebensversicherung.info/v1/lst/gusid
Requested by
Host: rep.rueckerstattung-lebensversicherung.info
URL: https://rep.rueckerstattung-lebensversicherung.info/v1/lst/universal-script?ph=6dbf47b8e5ed2a0a5379b8515bdcabcafa5a7d96cb06b0cf70df4a391d212ffc&tag=!clicked&ref_url=https://www.helpcheck.de//lebensversicherung
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Ref-Url
https://www.helpcheck.de//lebensversicherung#astart
Referer
https://www.helpcheck.de/
Product-ID
191462
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
fp
9aff2aa514e195533fa96db916347214

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Front-End-Https
off
Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
ETag
HB-ET_7c9b72aa47d00670f27ddb421201c52705a722e3451ac9aa74207238eb8cc11d
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Content-Length
0
Date
Thu, 03 Oct 2024 00:51:49 GMT
Server
nginx/1.18.0 (Ubuntu)
Session-ID
HB-ET_7c9b72aa47d00670f27ddb421201c52705a722e3451ac9aa74207238eb8cc11d
gusid
rep.rueckerstattung-lebensversicherung.info/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rep.rueckerstattung-lebensversicherung.info/v1/lst/gusid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
fp,product-id,ref-url
Access-Control-Request-Method
GET
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
fp,product-id,ref-url
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Access-Control-Max-Age
86400
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Thu, 03 Oct 2024 00:51:49 GMT
Front-End-Https
off
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
gusid
rep.helpcheck.de/v1/lst/ 		0
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rep.helpcheck.de/v1/lst/gusid
Requested by
Host: rep.helpcheck.de
URL: https://rep.helpcheck.de/v1/lst/universal-script?ph=6dbf47b8e5ed2a0a5379b8515bdcabcafa5a7d96cb06b0cf70df4a391d212ffc&tag=!clicked&ref_url=https://www.helpcheck.de//lebensversicherung
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Ref-Url
https://www.helpcheck.de//lebensversicherung#astart
Referer
https://www.helpcheck.de/
Product-ID
191462
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
fp
9aff2aa514e195533fa96db916347214

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Front-End-Https
off
Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
ETag
HB-ET_7c9b72aa47d00670f27ddb421201c52705a722e3451ac9aa74207238eb8cc11d
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Content-Length
0
Date
Thu, 03 Oct 2024 00:51:49 GMT
Server
nginx/1.18.0 (Ubuntu)
Session-ID
HB-ET_7c9b72aa47d00670f27ddb421201c52705a722e3451ac9aa74207238eb8cc11d
gusid
rep.helpcheck.de/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rep.helpcheck.de/v1/lst/gusid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
fp,product-id,ref-url
Access-Control-Request-Method
GET
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
fp,product-id,ref-url
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Access-Control-Max-Age
86400
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Thu, 03 Oct 2024 00:51:49 GMT
Front-End-Https
off
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
session
lg.hyr.so/v1/lst/ 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lg.hyr.so/v1/lst/session
Requested by
Host: rep.rueckerstattung-lebensversicherung.info
URL: https://rep.rueckerstattung-lebensversicherung.info/v1/lst/universal-script?ph=6dbf47b8e5ed2a0a5379b8515bdcabcafa5a7d96cb06b0cf70df4a391d212ffc&tag=!clicked&ref_url=https://www.helpcheck.de//lebensversicherung
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.178.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-178-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json; charset=utf-8
Access-Control-Allow-Headers
*

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
access-control-expose-headers
Session-ID, L-Gen-ID
etag
LS_e4f1f51991bf9726a6c33927d6f94af5c53e1023dacc75981126573ff79a0096
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://www.helpcheck.de
content-length
0
date
Thu, 03 Oct 2024 00:51:50 GMT
l-gen-id
LS_e4f1f51991bf9726a6c33927d6f94af5c53e1023dacc75981126573ff79a0096
session
lg.hyr.so/v1/lst/ 		0
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lg.hyr.so/v1/lst/session
Requested by
Host: rep.helpcheck.de
URL: https://rep.helpcheck.de/v1/lst/universal-script?ph=6dbf47b8e5ed2a0a5379b8515bdcabcafa5a7d96cb06b0cf70df4a391d212ffc&tag=!clicked&ref_url=https://www.helpcheck.de//lebensversicherung
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.178.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-178-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json; charset=utf-8
Access-Control-Allow-Headers
*

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
access-control-expose-headers
Session-ID, L-Gen-ID
etag
LS_e4f1f51991bf9726a6c33927d6f94af5c53e1023dacc75981126573ff79a0096
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://www.helpcheck.de
content-length
0
date
Thu, 03 Oct 2024 00:51:50 GMT
l-gen-id
LS_e4f1f51991bf9726a6c33927d6f94af5c53e1023dacc75981126573ff79a0096
session
lg.hyr.so/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lg.hyr.so/v1/lst/session
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.178.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-178-24.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type
Access-Control-Request-Method
GET
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-headers,access-control-allow-origin,content-type
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://www.helpcheck.de
access-control-expose-headers
Session-ID, L-Gen-ID
access-control-max-age
86400
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 03 Oct 2024 00:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
session
lg.hyr.so/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lg.hyr.so/v1/lst/session
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.178.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-178-24.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type
Access-Control-Request-Method
GET
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-headers,access-control-allow-origin,content-type
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://www.helpcheck.de
access-control-expose-headers
Session-ID, L-Gen-ID
access-control-max-age
86400
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 03 Oct 2024 00:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
session
lg.hyr.so/v1/lst/ 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lg.hyr.so/v1/lst/session
Requested by
Host: rep.verbraucherzentrum.info
URL: https://rep.verbraucherzentrum.info/v1/lst/universal-script?ph=6dbf47b8e5ed2a0a5379b8515bdcabcafa5a7d96cb06b0cf70df4a391d212ffc&tag=!clicked&ref_url=https://www.helpcheck.de//lebensversicherung
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.178.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-178-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.helpcheck.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json; charset=utf-8
Access-Control-Allow-Headers
*

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
access-control-expose-headers
Session-ID, L-Gen-ID
etag
LS_e4f1f51991bf9726a6c33927d6f94af5c53e1023dacc75981126573ff79a0096
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://www.helpcheck.de
content-length
0
date
Thu, 03 Oct 2024 00:51:50 GMT
l-gen-id
LS_e4f1f51991bf9726a6c33927d6f94af5c53e1023dacc75981126573ff79a0096
session
lg.hyr.so/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lg.hyr.so/v1/lst/session
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.178.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-178-24.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type
Access-Control-Request-Method
GET
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-headers,access-control-allow-origin,content-type
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://www.helpcheck.de
access-control-expose-headers
Session-ID, L-Gen-ID
access-control-max-age
86400
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 03 Oct 2024 00:51:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pc
rep.helpcheck.de/v1/lst/ 		117 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rep.helpcheck.de/v1/lst/pc?ref_url=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung&u_agent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F129.0.0.0+Safari%2F537.36&fp=9aff2aa514e195533fa96db916347214
Requested by
Host: rep.helpcheck.de
URL: https://rep.helpcheck.de/v1/lst/universal-script?ph=6dbf47b8e5ed2a0a5379b8515bdcabcafa5a7d96cb06b0cf70df4a391d212ffc&tag=!clicked&ref_url=https://www.helpcheck.de//lebensversicherung
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
14290bfc017e6863bae0f5eca6765a1e5d9e2c026b313ac2b87593cb1fc5845e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Session-ID
HB-ET_7c9b72aa47d00670f27ddb421201c52705a722e3451ac9aa74207238eb8cc11d
Referer
https://www.helpcheck.de/
Product-ID
191462
Access-Control-Allow-Origin
*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json; charset=utf-8
L-Gen-ID
LS_e4f1f51991bf9726a6c33927d6f94af5c53e1023dacc75981126573ff79a0096
Access-Control-Allow-Headers
*

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Front-End-Https
off
Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Content-Length
117
Date
Thu, 03 Oct 2024 00:51:50 GMT
Content-Type
application/json;charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
pc
rep.rueckerstattung-lebensversicherung.info/v1/lst/ 		117 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rep.rueckerstattung-lebensversicherung.info/v1/lst/pc?ref_url=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung&u_agent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F129.0.0.0+Safari%2F537.36&fp=9aff2aa514e195533fa96db916347214
Requested by
Host: rep.rueckerstattung-lebensversicherung.info
URL: https://rep.rueckerstattung-lebensversicherung.info/v1/lst/universal-script?ph=6dbf47b8e5ed2a0a5379b8515bdcabcafa5a7d96cb06b0cf70df4a391d212ffc&tag=!clicked&ref_url=https://www.helpcheck.de//lebensversicherung
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9c103eb75d47c8799a92a8918dcd112ff9f49f08764e8e8b43d3c3339f078ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Session-ID
HB-ET_7c9b72aa47d00670f27ddb421201c52705a722e3451ac9aa74207238eb8cc11d
Referer
https://www.helpcheck.de/
Product-ID
191462
Access-Control-Allow-Origin
*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json; charset=utf-8
L-Gen-ID
LS_e4f1f51991bf9726a6c33927d6f94af5c53e1023dacc75981126573ff79a0096
Access-Control-Allow-Headers
*

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Front-End-Https
off
Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Content-Length
117
Date
Thu, 03 Oct 2024 00:51:50 GMT
Content-Type
application/json;charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
pc
rep.verbraucherzentrum.info/v1/lst/ 		117 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rep.verbraucherzentrum.info/v1/lst/pc?ref_url=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung&u_agent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F129.0.0.0+Safari%2F537.36&fp=9aff2aa514e195533fa96db916347214
Requested by
Host: rep.verbraucherzentrum.info
URL: https://rep.verbraucherzentrum.info/v1/lst/universal-script?ph=6dbf47b8e5ed2a0a5379b8515bdcabcafa5a7d96cb06b0cf70df4a391d212ffc&tag=!clicked&ref_url=https://www.helpcheck.de//lebensversicherung
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fd0718be214b648f0b76b74fb7f1f5eebc87a3384b4e93683b6a8415162bcbb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Session-ID
HB-ET_7c9b72aa47d00670f27ddb421201c52705a722e3451ac9aa74207238eb8cc11d
Referer
https://www.helpcheck.de/
Product-ID
191462
Access-Control-Allow-Origin
*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json; charset=utf-8
L-Gen-ID
LS_e4f1f51991bf9726a6c33927d6f94af5c53e1023dacc75981126573ff79a0096
Access-Control-Allow-Headers
*

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Front-End-Https
off
Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Content-Length
117
Date
Thu, 03 Oct 2024 00:51:50 GMT
Content-Type
application/json;charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
pc
rep.helpcheck.de/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rep.helpcheck.de/v1/lst/pc?ref_url=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung&u_agent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F129.0.0.0+Safari%2F537.36&fp=9aff2aa514e195533fa96db916347214
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type,l-gen-id,product-id,session-id
Access-Control-Request-Method
GET
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
access-control-allow-headers,access-control-allow-origin,content-type,l-gen-id,product-id,session-id
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Access-Control-Max-Age
86400
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Thu, 03 Oct 2024 00:51:50 GMT
Front-End-Https
off
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pc
rep.rueckerstattung-lebensversicherung.info/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rep.rueckerstattung-lebensversicherung.info/v1/lst/pc?ref_url=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung&u_agent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F129.0.0.0+Safari%2F537.36&fp=9aff2aa514e195533fa96db916347214
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type,l-gen-id,product-id,session-id
Access-Control-Request-Method
GET
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
access-control-allow-headers,access-control-allow-origin,content-type,l-gen-id,product-id,session-id
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Access-Control-Max-Age
86400
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Thu, 03 Oct 2024 00:51:50 GMT
Front-End-Https
off
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pc
rep.verbraucherzentrum.info/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rep.verbraucherzentrum.info/v1/lst/pc?ref_url=https%3A%2F%2Fwww.helpcheck.de%2F%2Flebensversicherung&u_agent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F129.0.0.0+Safari%2F537.36&fp=9aff2aa514e195533fa96db916347214
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type,l-gen-id,product-id,session-id
Access-Control-Request-Method
GET
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
access-control-allow-headers,access-control-allow-origin,content-type,l-gen-id,product-id,session-id
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Access-Control-Max-Age
86400
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Thu, 03 Oct 2024 00:51:50 GMT
Front-End-Https
off
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pcu
rep.helpcheck.de/v1/lst/ 		0
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rep.helpcheck.de/v1/lst/pcu
Requested by
Host: rep.helpcheck.de
URL: https://rep.helpcheck.de/v1/lst/universal-script?ph=6dbf47b8e5ed2a0a5379b8515bdcabcafa5a7d96cb06b0cf70df4a391d212ffc&tag=!clicked&ref_url=https://www.helpcheck.de//lebensversicherung
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Session-ID
HB-ET_7c9b72aa47d00670f27ddb421201c52705a722e3451ac9aa74207238eb8cc11d
Referer
https://www.helpcheck.de/
Product-ID
191462
Access-Control-Allow-Origin
*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json; charset=UTF-8
L-Gen-ID
LS_e4f1f51991bf9726a6c33927d6f94af5c53e1023dacc75981126573ff79a0096
Access-Control-Allow-Headers
*

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Front-End-Https
off
Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Content-Length
0
Date
Thu, 03 Oct 2024 00:51:53 GMT
Content-Type
application/json;charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
pcu
rep.helpcheck.de/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rep.helpcheck.de/v1/lst/pcu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type,l-gen-id,product-id,session-id
Access-Control-Request-Method
PUT
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
access-control-allow-headers,access-control-allow-origin,content-type,l-gen-id,product-id,session-id
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Access-Control-Max-Age
86400
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Thu, 03 Oct 2024 00:51:53 GMT
Front-End-Https
off
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pcu
rep.rueckerstattung-lebensversicherung.info/v1/lst/ 		0
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rep.rueckerstattung-lebensversicherung.info/v1/lst/pcu
Requested by
Host: rep.rueckerstattung-lebensversicherung.info
URL: https://rep.rueckerstattung-lebensversicherung.info/v1/lst/universal-script?ph=6dbf47b8e5ed2a0a5379b8515bdcabcafa5a7d96cb06b0cf70df4a391d212ffc&tag=!clicked&ref_url=https://www.helpcheck.de//lebensversicherung
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Session-ID
HB-ET_7c9b72aa47d00670f27ddb421201c52705a722e3451ac9aa74207238eb8cc11d
Referer
https://www.helpcheck.de/
Product-ID
191462
Access-Control-Allow-Origin
*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json; charset=UTF-8
L-Gen-ID
LS_e4f1f51991bf9726a6c33927d6f94af5c53e1023dacc75981126573ff79a0096
Access-Control-Allow-Headers
*

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Front-End-Https
off
Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Content-Length
0
Date
Thu, 03 Oct 2024 00:51:54 GMT
Content-Type
application/json;charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
pcu
rep.rueckerstattung-lebensversicherung.info/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rep.rueckerstattung-lebensversicherung.info/v1/lst/pcu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type,l-gen-id,product-id,session-id
Access-Control-Request-Method
PUT
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
access-control-allow-headers,access-control-allow-origin,content-type,l-gen-id,product-id,session-id
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Access-Control-Max-Age
86400
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Thu, 03 Oct 2024 00:51:53 GMT
Front-End-Https
off
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pcu
rep.verbraucherzentrum.info/v1/lst/ 		0
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rep.verbraucherzentrum.info/v1/lst/pcu
Requested by
Host: rep.verbraucherzentrum.info
URL: https://rep.verbraucherzentrum.info/v1/lst/universal-script?ph=6dbf47b8e5ed2a0a5379b8515bdcabcafa5a7d96cb06b0cf70df4a391d212ffc&tag=!clicked&ref_url=https://www.helpcheck.de//lebensversicherung
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Session-ID
HB-ET_7c9b72aa47d00670f27ddb421201c52705a722e3451ac9aa74207238eb8cc11d
Referer
https://www.helpcheck.de/
Product-ID
191462
Access-Control-Allow-Origin
*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json; charset=UTF-8
L-Gen-ID
LS_e4f1f51991bf9726a6c33927d6f94af5c53e1023dacc75981126573ff79a0096
Access-Control-Allow-Headers
*

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Front-End-Https
off
Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Content-Length
0
Date
Thu, 03 Oct 2024 00:51:54 GMT
Content-Type
application/json;charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
pcu
rep.verbraucherzentrum.info/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rep.verbraucherzentrum.info/v1/lst/pcu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type,l-gen-id,product-id,session-id
Access-Control-Request-Method
PUT
Origin
https://www.helpcheck.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
access-control-allow-headers,access-control-allow-origin,content-type,l-gen-id,product-id,session-id
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.helpcheck.de
Access-Control-Expose-Headers
Session-ID, L-Gen-ID
Access-Control-Max-Age
86400
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Thu, 03 Oct 2024 00:51:54 GMT
Front-End-Https
off
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.helpcheck.de
URL
blob:https://www.helpcheck.de/15289e09-6d49-4d70-b684-68636c9d18e8

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| WebFont object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| dataLayer object| CookieConsent object| reactiveElementVersions object| litHtmlVersions object| litElementVersions object| embeds object| CookiebotDialog object| CookieConsentDialog object| code object| _vwo_code number| _vwo_settings_timer object| lvs function| getParameterByName string| typeReplacement function| $ function| jQuery number| CB_jQueryHoldReadyStarted function| tram object| Webflow function| addUtmParamToForm function| appendVariables number| CB_OnTagsExecuted_Processed number| _VWO_Jphp_StartTime object| _VWO string| _vwo_mt string| _vwo_cookieDomain string| _vwo_surveyAssetsBaseUrl object| VWO number| _vwo_acc_id object| vwo_iehack_queue object| VWOOmni string| _vwo_cdn number| _vwo_library_timer object| mainThread object| vwoChannelFW object| vwoChannelToW number| _VWO_VaGQ_StartTime function| JSONStringify object| _vwo_evq function| _vwo_ev object| _vwo_api_section_callback object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vis_opt_queue object| fetcher function| _removeVwoGlobalStyle function| vwo_$ object| functionWrapper string| _vwo_server_url function| _vwo_s object| _vwo_exp string| _vwo_uuid function| _vis_opt_goal_conversion function| _vis_opt_register_conversion function| _vis_opt_revenue_conversion function| _vis_opt_createCookie function| _vis_opt_readCookie function| _vis_opt_element_loaded boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_surveySettings object| _vwo_exp_ids object| _vwo_pa boolean| vwo_libExecuted object| heyflow function| onImageLoadError function| fbq function| _fbq object| integration object| windowConstants object| google_tag_manager object| google_tag_data object| head object| script function| Cleave function| filterCSS function| filterXSS object| Client object| hrs object| FPJS string| documentUrl function| mcAsyncInit function| addEventListenerBase

11 Cookies

Domain/Path Name / Value
rep.rueckerstattung-lebensversicherung.info/v1/lst Name: __mh_tt_s
Value: HB-ET_7c9b72aa47d00670f27ddb421201c52705a722e3451ac9aa74207238eb8cc11d
rep.helpcheck.de/v1/lst Name: __mh_tt_s
Value: HB-ET_7c9b72aa47d00670f27ddb421201c52705a722e3451ac9aa74207238eb8cc11d
rep.verbraucherzentrum.info/v1/lst Name: __mh_tt_s
Value: HB-ET_7c9b72aa47d00670f27ddb421201c52705a722e3451ac9aa74207238eb8cc11d
.prod.website-files.com/ Name: __cf_bm
Value: PonNDKMbigr9B4bwhWwcYFcLlBSZLnR8Cnh.X981jJg-1727916706-1.0.1.1-9S9WN3maQsqnxkC_gYPo_MioGGbdEdL4F7lfjBtzitA.yLeRfAN82eK3K7mnU9IlAKqFksP_s7wzZN3K45dBKA
.helpcheck.de/ Name: _vwo_uuid_v2
Value: DC2E214C5B3DA871B90B492303A70383F|c6de8c8eca30225f6927f5524e7ef1d1
.helpcheck.de/ Name: _vwo_uuid
Value: DC2E214C5B3DA871B90B492303A70383F
.helpcheck.de/ Name: _vwo_ds
Value: 3%241727916706%3A75.05533142%3A%3A
.helpcheck.de/ Name: _vis_opt_s
Value: 1%7C
.helpcheck.de/ Name: _vis_opt_test_cookie
Value: 1
.helpcheck.de/ Name: _vwo_sn
Value: 0%3A2%3A%3A%3A1
.helpcheck.de/ Name: _fbp
Value: fb.1.1727916708419.389719574717987823

6 Console Messages

Source Level URL
Text
recommendation warning URL: https://www.helpcheck.de//lebensversicherung
Message:
[DOM] Found 2 elements with non-unique id #login-form: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://www.helpcheck.de//lebensversicherung
Message:
[DOM] Found 2 elements with non-unique id #login-form-submit: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://www.helpcheck.de//lebensversicherung
Message:
[DOM] Found 2 elements with non-unique id #password: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://www.helpcheck.de//lebensversicherung
Message:
[DOM] Found 2 elements with non-unique id #username: (More info: https://goo.gl/9p2vKq) %o %o
recommendation verbose URL: https://www.helpcheck.de//lebensversicherung
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://www.helpcheck.de//lebensversicherung
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.prd.heyflow.com
app.helpcheck.de
assets.prd.heyflow.com
cdn.jsdelivr.net
cdn.prod.website-files.com
cdnjs.cloudflare.com
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
d3e54v103j8qbb.cloudfront.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
fonts.heyflow.cloud
functions.prd.heyflow.com
imgsct.cookiebot.com
lg.hyr.so
mini-serve.prd.heyflow.com
rep.helpcheck.de
rep.rueckerstattung-lebensversicherung.info
rep.verbraucherzentrum.info
static.heyflow.app
www.facebook.com
www.googletagmanager.com
www.helpcheck.de
www.helpcheck.de
2606:4700:20::681a:1f0
2606:4700::6811:180e
2606:4700::6812:a175
2a00:1450:4001:806::200a
2a00:1450:4001:808::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2008
2a02:26f0:3500:18::1724:a29a
2a02:26f0:3500:886::f09
2a02:26f0:3500:887::f09
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::485
34.54.43.41
34.96.102.137
35.152.104.113
35.246.143.79
44.195.178.24
52.205.62.94
52.222.232.99
017a314ded9bea496c263ffcea3d6c2b9a368dca0236ebbc651d10772abc6b45
02eb0da93289cf09fa19bafab309b233102c6977d58bd0ff6d44f14f1027822c
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0943976c3b5e1dffb33f4ffaffb5b8501dd63c425eaf4552b8faaa1ccf4f2c0b
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d0c113caf4e14666325ed7da0339447e2fbb2e4391d19e47db1643e24a58d56
0d9740a58f2fee125edf28cea3cb1d2c98971bb6f2bdce19635575b3da4725a0
0dd69199286a07a1488064bb2b431babbe6bbf63c987910aac1b8524ac1a83bb
1106ce7dbccf0680ccd84459c22469e8b5ea3efa05ae824732e2874f192e3c89
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
14290bfc017e6863bae0f5eca6765a1e5d9e2c026b313ac2b87593cb1fc5845e
1a18afe59e8186a7cdc6260a16c4b62676c1436fa6905a8313511a513691b968
1b94e0d8ca23cc01c51de5d2d6a9e69704b95848c2143df8ee6cd421ac60decf
1edd45051e5171e7417322485393869b0e94ff00bbe1ecb564deff3bf6e3eac5
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
21c47f611697b5bc3aafe5a21a1b6a9fc19daab80690a2cd66b43cde72b66ffe
2e4b2bf6da31e2cd39faefef3425706a9e976c1c0e6962a6c439ce89a6311920
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
40580d429399613827a6f3ad0c14d7193c0de2ea2994113d32cd00d7fbceafbc
45b0dfb9bd2b5aa1627033c5f249461d7d2a0e601a266d56cf81979d89f112cb
4b50136e30685c02cdb191e8c362d5d215ed85a341fc9477887adf493c2060ca
4ea8e7ec3f250cf20eb9853adb03696883f4e58191d54d0ddbb63ad7ce129f3b
4eeb7ee8ccf094432e15004111ed084d553b5e54931508b9649d2daffef8dbc1
50328a713db17a1469d31103d9a5ab7238a3c0a78bd203011fc2ecbde4709bdd
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
603e3b6061c49f8c02f07e5152c5d7381defba10c8fe73f95090e19a78de0397
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b87d55b221eba515aba357707082b64497e6bac147a11151f4ec06c18ee6426
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6ea3868078290bccb9fb1c1020d4eab6f53cd2cb65b8ce0e6c89cd4fb5c65cdf
766d47c5dae060ace22799183d3d74a04e296225ba6a408e6e82cca3a923d7a2
7c525e68160cf7085814e6f993bf76928ddff62940ef8ea87587c475714d55d8
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85b10f4c52f28d8d9e97080a5bce4429e9a53ad54dd119ca59eda39f4f829df5
87069d1e78f1c136aa5b45843a28ccce4e0f204b3b47a27f180a191a2061d188
8a1de9f068b8bc7ac4dbf89826044bd32f5d0cdc569c2efc6b72113d09221e0c
8fcd3d435fbb796393c07ffcc0a074d7346ab3caa290eefa806c6c2d6345ffb7
90d027922c28964e7ce454157a46d66796e4df84d49487af6e232282abb57668
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
9e548b36d3dcbc650607da350ded1745cdd703aed8de48137c8430fd17924153
9f98809cb745f70d576602a891b3198a70b8dcbb444b1ed626831c26e1022e3f
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a26de67dcfb8750beb1bd558517521026f407ccfb3c40ba8c3cb839de1bcf5f0
a59b85a97d30513ffcd88bb45a15abafe6703d7164f2e1ac9588d7dbd3fcc557
a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa
a8382fa9999ce127b5c24266991b4a3090646a866df6871cd621aad56ef8e6a2
a875c30b4606ced3dcf75f3e1d3b756306dd7f17e273189efe64841c3223c652
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
a9b2cbc47d3b0f07da33062e55fee79254b0c4e864553dec450ccfd59e0179b2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa9185ab1bfe6ccdf160f859377f2c8ed3b102c7a083bbbfb30d2ea3f26ff31f
b19efe906c9b0345db45525ed83c76031644e39329a36d39badf5275bce363c2
bc75d2bf05221927704d5d29a4ed8e67b6436a2eebc3cd2c83f476ca6875895d
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c040cb9cd6803e7dafe87255c5a629dd6011d9b7dcc174dcb52eb2f80ee26750
c13459903556f4fe9c441c12338976bc3bfa96a34ae4c3e725fe639f1303ec85
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c67ce89975825c8dc16eaf5a9969120d49cd1a31346485b0ace863022f056e1a
c8cc7930c776ceeb145dbf96a049e008f3abcef1c0ac2cac69d3339361e06678
c9f1625ce90ab676bf5e5bbcdecee6b8c773ed9b397f05819ceaf5a430972c50
ceb66f0fcbb00da3b450b99fe2a8008945e1afd9b6a5977b01430581cdc99822
cf7ae8d55dd1927fbaafe23f111b73a99202d7109925647facadf76ff1bb7516
d1eceee39432142a3c5cbc5e103c41895b348ce8463adb2db06515d7131effc0
d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2
db1eef441018dbf8314a9d0973c9598656410c16f8c2937f9e17b1579a875ea4
dc731d27b605c8bfda83754695f4de65206b95681806892e01db3cd374838d18
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e2a4d61d82f32f4cfea5187f852c29587454e86ee3e4264d6982c513bb15d9f2
e3360ac38581ce40229e126e50c7b9488b4a4c8e286d94cb444aa74feb2d2544
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c103eb75d47c8799a92a8918dcd112ff9f49f08764e8e8b43d3c3339f078ef
ee8e1a456201e0849a61dd164cf772bf082be0e609000d895259e6aad9be9c05
f1ca78b693fa3195a3b4a78d1d851d5150cdce603e5289422e033ba5fdb85cc0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb614d8b36159855d9b3581e4fa7166b5f1f4c77db442652c436e3784e38e187
fd0718be214b648f0b76b74fb7f1f5eebc87a3384b4e93683b6a8415162bcbb5
fda0e0687bdaf19ea4920da43f08d665f6ddaa6fe6ecb9e3881079d8ec4dd12a
fed6ac309469834d8d7c26b5593f918079cfc5f94eb0097081b7f200a2a5319d