URL: https://www.www.geldhelden.ai/
Submission: On January 26 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 20 HTTP transactions. The main IP is 45.138.175.224, located in Germany and belongs to AUROLOGIC aurologic GmbH, DE. The main domain is www.www.geldhelden.ai.
TLS certificate: Issued by R3 on January 26th 2024. Valid for: 3 months.
This is the only time www.www.geldhelden.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 45.138.175.224 | 30823 (AUROLOGIC...)
17 | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
2 | 159.69.147.208 | 24940 (HETZNER-AS)
20 | 3 (totals)

Requests | Apex Domain | Subdomains | Transfer
19 | funnelcockpit.com | static.funnelcockpit.com (Cisco Umbrella Rank: 524528); api.funnelcockpit.com (Cisco Umbrella Rank: 605458) | 1 MB
1 | geldhelden.ai | www.www.geldhelden.ai | 7 KB
20 | 2 (totals)

Requests | Domain | Requested by
17 | static.funnelcockpit.com | www.www.geldhelden.ai; static.funnelcockpit.com
2 | api.funnelcockpit.com | static.funnelcockpit.com
1 | www.www.geldhelden.ai |
20 | 3 (totals)

This site contains links to these domains.

Domain
www.digistore24.com
geldhelden.org

Subject | Issuer | Validity | Valid
www.www.geldhelden.ai | R3 | 2024-01-26 - 2024-04-25 | 3 months
static.funnelcockpit.com | E1 | 2023-12-25 - 2024-03-24 | 3 months
*.funnelcockpit.com | Sectigo RSA Domain Validation Secure Server CA | 2023-10-01 - 2024-10-31 | a year

This page contains 1 frames:

Primary Page: https://www.www.geldhelden.ai/
Frame ID: B12D967B2BC85EBAB850E9066E09A048
Requests: 19 HTTP requests in this frame

Page Title

Anmeldung Webinar KI und Finanzen

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 33 %
Domains: 2
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 1109 kB
Size: 1664 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.www.geldhelden.ai/
24 KB
7 KB
Document
General
Full URL
https://www.www.geldhelden.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.138.175.224 , Germany, ASN30823 (AUROLOGIC aurologic GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
02349b8d06a1ca23605eef101af79e6ae984b92fd51bcc18078a79b626f1c944

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 26 Jan 2024 10:24:26 GMT
server
Caddy
vary
Accept-Encoding
funnel-page.css
static.funnelcockpit.com/assets/css/
535 KB
82 KB
Stylesheet
General
Full URL
https://static.funnelcockpit.com/assets/css/funnel-page.css?v=61659c0039c38d5c
Requested by
Host: www.www.geldhelden.ai
URL: https://www.www.geldhelden.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
209ec8ece3adb13e7608adda22570b91b3c6e7b4b2c4df887dda03c86f9f0040

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.www.geldhelden.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 Jan 2024 20:24:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1990
etag
W/"4a654fd9cf3397a4c9211e5b57aa4375"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZoE7Dl7HiCiT0xk4ObU7SJnkIicFL34YAeR7Lhti%2BUfk58tjuL5zh8D5RkDm9YP0A0VAhDBXZxsSfE4mBtkAVfhRHmBNFcj6OMaAOmpM7NG%2BHxDeEriJm6i9b2GW6XFy5KB97P%2FnadJ5CcHLx521cbPyV8Iyws%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
84b80bd6feef5d9c-FRA
alt-svc
h3=":443"; ma=86400
d722c2f0b7457bb11dc716d4de53f0ba.png
static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/
64 KB
65 KB
Image
General
Full URL
https://static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/d722c2f0b7457bb11dc716d4de53f0ba.png
Requested by
Host: www.www.geldhelden.ai
URL: https://www.www.geldhelden.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c2ed9b177a83f9258b77d317e2b72daaeec2ff31e2260073ab29357a719e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.www.geldhelden.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:26 GMT
cf-cache-status
MISS
last-modified
Mon, 25 Dec 2023 01:39:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9e80bb1d0cf55042f19bb5422f74d54f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9X05MMgGeKtYfa2Kzd45Fo3Wmx7dNwlXwyBU5mXr%2Bab6vZoaFvjvDbAvxzaCcd03qXLeZw1z%2B1%2FwoGh1n9qNP7g8bVz901bEsts8UCxo8ldcMEpSV9lZsNMwJ%2F2xbcK9BQwZYIE01G6B6WXCmdFL1jnGGDLg7c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84b80bd6fef15d9c-FRA
alt-svc
h3=":443"; ma=86400
content-length
65775
cd6ada5979bcea3dff3f214a87bc01ba.png
static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/
447 KB
448 KB
Image
General
Full URL
https://static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/cd6ada5979bcea3dff3f214a87bc01ba.png
Requested by
Host: www.www.geldhelden.ai
URL: https://www.www.geldhelden.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd01057749c011b059063aef25b2bd68334bd8387d3f0117f7ec0f3b0d6af8d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.www.geldhelden.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:26 GMT
cf-cache-status
MISS
last-modified
Mon, 25 Dec 2023 01:39:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4379b398f27970f3c8cec8a6901d755c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yV%2F%2FDlE5nJ9ZHmLSU%2FConh2V4bEoyJrhmK8IS%2BGvYnk%2Fx1U1bR%2BfjneT0%2FBk4yMFxtw4cMslP3zcErJXiOC043K88wCDavapR7JXosmJqJTDTLgKdelhDE1tu4HnseWvh1f7qY2LrwAU95myzNUBPuuWSBRRxt8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84b80bd6fef05d9c-FRA
alt-svc
h3=":443"; ma=86400
content-length
457490
0ce058c49f13fc0e6c58d65eaed4e5a3.webp
static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/
112 KB
113 KB
Image
General
Full URL
https://static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/0ce058c49f13fc0e6c58d65eaed4e5a3.webp
Requested by
Host: www.www.geldhelden.ai
URL: https://www.www.geldhelden.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c77c160747d5babeb540033a0a1cfc5cfe8423a235994aaed8c4b858d35f5893

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.www.geldhelden.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:27 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0Q2X9ZN9CKMPAZX6
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
115096
x-amz-id-2
YGBlb4tpJ5x2t31G0B9BxxrWJ7XxvMtzmcABJc7J6/5z6ZQZL1X0FnEOVzdLdvf0VuhCq0uZ5ZM=
last-modified
Tue, 16 May 2023 00:26:34 GMT
server
cloudflare
etag
"41124b6cc9424c8ef950d628e2ae4608"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoVb0b9Q5y4sbHnJAg2i7jrfv2NdQsHT5FbHO5Tsta%2F%2B22Wf0jBlZ8l3h8UR5XH7bBQfCIlj0MZeBWGoAe1o23OcLK87jVgg9zxM6UcO9mgKIl%2FefBwKQa3Ro2JKw6TQlMMmMxPf7UNrHGBltPuO%2BSRF8wXKWVI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84b80bd7af835d9c-FRA
bc06660443e0653623eee9029e9741aa.jpg
static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/
224 KB
224 KB
Image
General
Full URL
https://static.funnelcockpit.com/upload/rqqFSYdMxeCTDTi8d/bc06660443e0653623eee9029e9741aa.jpg
Requested by
Host: www.www.geldhelden.ai
URL: https://www.www.geldhelden.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45311fa286f31cd40083161d4abaadb5c97f7bc9c8aca43d0974bfa4cf565b83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.www.geldhelden.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:26 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5QWMPVHYNRFCJ2E8
alt-svc
h3=":443"; ma=86400
content-length
228962
x-amz-id-2
I64ppt+6f1OPICyF2pP5PTxXJy9w7LW1YgdHUloPD/djs+wJWczOk09ltXiGJRmUoeOFzvg3Hnc=
last-modified
Wed, 06 Jul 2022 04:23:45 GMT
server
cloudflare
etag
"5ea2ad6adfd7387d93187e454744c462"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVIHirDLrm3YgWFw1cTNX%2F4mQ5cj%2BwdXnCwbcWc5lBlgzZqbVipxPIBXhMzWhEfJxfZxIPrDcCK790W9Ms1ijwDagGINI0EYaj02JkrutqpieYJXQds5aqCVFfFg06J6ZbEQmLgdUn4QhBEYyiIYz2JDt8b8gTg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84b80bd7af855d9c-FRA
funnel-page.js
static.funnelcockpit.com/assets/js/
104 KB
34 KB
Script
General
Full URL
https://static.funnelcockpit.com/assets/js/funnel-page.js?v=61659c0039c38d5c
Requested by
Host: www.www.geldhelden.ai
URL: https://www.www.geldhelden.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a28563d02b40b529b4abd2a5368cee6de43bb396f0607599d3f2be1a7967e248

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.www.geldhelden.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 Jan 2024 20:24:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1335
etag
W/"24193ecfb0b3a134ee41f7f921f5d229"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCRgKkJPe67itU%2FjovkCmNH6nst43HayqmQusiEYvqrDAtALJQ1Ay3mnq3PMnClFj7l8oeXYdMZjcte4l5fuQbfkaaBsz%2Fe8C%2Bj0EUFN9CEfyzIg6r8R%2F%2B%2B4Bj2xEQgTEYop3qDM9QbiLfLBKgaNO3kj%2BnQz7Ns%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=43200
cf-ray
84b80bd7af875d9c-FRA
alt-svc
h3=":443"; ma=86400
fa-solid-900.woff2
static.funnelcockpit.com/assets/fonts/
76 KB
77 KB
Font
General
Full URL
https://static.funnelcockpit.com/assets/fonts/fa-solid-900.woff2
Requested by
Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/css/funnel-page.css?v=61659c0039c38d5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer
https://static.funnelcockpit.com/assets/css/funnel-page.css?v=61659c0039c38d5c
Origin
https://www.www.geldhelden.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:27 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Jan 2024 20:24:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d824df7eb2e268626a2dd9a6a741ac4e"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssZj2guCBbHbKWuq2KXnN5Pm0d0pgha6nRABUGM1fQCy24ANGZaySG7Cg8ZmjQXHZbLkuT%2Fj5RGKCZx6L8Z%2BXb2zetEbKRcBVYZwfiJcA8Hn1x2S3gFteSobMERrDzp3%2FJVmmAqVwP4abEDeOk42dCYfTvM7dUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84b80bd99dce59d9-IAD
alt-svc
h3=":443"; ma=86400
content-length
78268
track-page-visit
api.funnelcockpit.com/
0
0
Preflight
General
Full URL
https://api.funnelcockpit.com/track-page-visit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.147.208 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.208.147.69.159.clients.your-server.de
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.www.geldhelden.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, cookie
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
https://www.www.geldhelden.ai
date
Fri, 26 Jan 2024 10:24:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-download-options
noopen
x-xss-protection
1; mode=block
track-page-visit
api.funnelcockpit.com/
0
378 B
XHR
General
Full URL
https://api.funnelcockpit.com/track-page-visit
Requested by
Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=61659c0039c38d5c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.147.208 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.208.147.69.159.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.www.geldhelden.ai/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 26 Jan 2024 10:24:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-download-options
noopen
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
https://www.www.geldhelden.ai
cache-control
private, no-cache, proxy-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, cookie
x-xss-protection
1; mode=block
2819.d6d84bb98dbe0ff84b29.js
static.funnelcockpit.com/assets/js/chunk/
877 B
784 B
Script
General
Full URL
https://static.funnelcockpit.com/assets/js/chunk/2819.d6d84bb98dbe0ff84b29.js
Requested by
Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=61659c0039c38d5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd5e9abcc2c222a80aee31ada49755ea918b6245e35d1367c107eb00d52bfd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.www.geldhelden.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 Jan 2024 20:24:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
56
etag
W/"900e8d6cebeba595cd4d9d397c936a97"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4k3DOjqVLF%2F5mZHnQuFQewvAByEwVTh8kalmkWWKzpSUmURcUqDajtJmE35OzKLp3VR71zk4WlmgxgwbNl%2BANmVMgV4maO3%2BOK2hJqlbDWe8e7%2B7ImbtmHZ2ogLlMqTy3UcaGuHzvcB2wW01DpvM3fPuQ0um20%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=43200
cf-ray
84b80bd81ff65d9c-FRA
alt-svc
h3=":443"; ma=86400
8795.b9a7fadd13c5c415ed57.js
static.funnelcockpit.com/assets/js/chunk/
7 KB
3 KB
Script
General
Full URL
https://static.funnelcockpit.com/assets/js/chunk/8795.b9a7fadd13c5c415ed57.js
Requested by
Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=61659c0039c38d5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0306f40ff8a075f6afc19e54911ecb0c8dcd174aa3d0291a7b159635ec536d07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.www.geldhelden.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 Jan 2024 20:24:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5239
etag
W/"30423b8f34315bdd3dd0ebc67d2c9756"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzHSuf3wXuTlSSi7hakAwn10rDk0xqz%2F%2BoHtb3UrWWFZDQo0NIWIPkzBznSgPLsmT6EGuizpX4JOG5ZYU5p82UiD07u3agsoijh0DFTsF0BsAqxWLww0ARQS9c4lAhDED%2FyGLZ%2BVe%2B%2Bu7zT2mg4fhKC5WHcmIoc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=43200
cf-ray
84b80bd81ff75d9c-FRA
alt-svc
h3=":443"; ma=86400
2681.f9ebe191577409e358e3.js
static.funnelcockpit.com/assets/js/chunk/
4 KB
2 KB
Script
General
Full URL
https://static.funnelcockpit.com/assets/js/chunk/2681.f9ebe191577409e358e3.js
Requested by
Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=61659c0039c38d5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0bb889c43fabf22abcd20546b72af7e6b1c76ec0e75dabad3ef2594a23a7ffb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.www.geldhelden.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 Jan 2024 20:24:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5176
etag
W/"45823df5200104062056ad9fe02fc457"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCngH4jJtwZ0ABQi0YpQBRRyB8QGYwDjjy8IIZyGjcwuBwt89xz5gEXLSaybbNJdnu4tJmeKWkBUuChQFCU0zTYTrmQqwPTbyv9bpyd%2FZtpMk2mGZTituyRXSfsL%2FLhUMmN0kcTpq4vEGi0gtQf%2BzWiGToxqbaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=43200
cf-ray
84b80bd81ff85d9c-FRA
alt-svc
h3=":443"; ma=86400
1304.31030298a02161531ca7.js
static.funnelcockpit.com/assets/js/chunk/
5 KB
2 KB
Script
General
Full URL
https://static.funnelcockpit.com/assets/js/chunk/1304.31030298a02161531ca7.js
Requested by
Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=61659c0039c38d5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
549f9d5fd7fd59a1c927144e8259ec36cc680bce87be8a97f12e800b3477e341

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.www.geldhelden.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 Jan 2024 20:24:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5652
etag
W/"789b48c7404e9ed9881c4fbd1f97afbc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ck2OAU8mK4DY3PovZSiI3qRkX1eUeCMa3xDE%2Fs%2FlBm2%2FK0aH4OjFkgzB8ewzH6eRuTDzZtjJyrTR808%2BX5pWx2zkkCbpXDS%2B8l9Ij6rJQgAZxgB349fhrS3Z0T9WGGp0MJqokQ52FY49aoobojr8o%2FMu8x1iDgY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=43200
cf-ray
84b80bd81ffa5d9c-FRA
alt-svc
h3=":443"; ma=86400
3063.26fbf89730552c8f1fa0.js
static.funnelcockpit.com/assets/js/chunk/
11 KB
4 KB
Script
General
Full URL
https://static.funnelcockpit.com/assets/js/chunk/3063.26fbf89730552c8f1fa0.js
Requested by
Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=61659c0039c38d5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad18f015d84887da0ca413e01dc5883c042702e382ceadc4c986992f49d567c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.www.geldhelden.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 Jan 2024 20:24:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5482
etag
W/"f1d4d6df1576763107054d2ffa7e02de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utiHTUVt65B3Gfe1pLDL%2FvE9OMkznlL9bR2J7M%2BGKFEM6e40f6Iv%2Fb%2BHaMQLknYXTOhEwD8AL0GxcXTSC4T%2Buv2usB0QTrm8phsfMMZ%2BuXY5hM%2BBgi41LNxJZ76WksZVQHkJmYodfjvgUtuC%2BRtw%2BFPv8cqevaM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=43200
cf-ray
84b80bd81ffb5d9c-FRA
alt-svc
h3=":443"; ma=86400
spartan.css
static.funnelcockpit.com/assets/css/fonts/
6 KB
850 B
Stylesheet
General
Full URL
https://static.funnelcockpit.com/assets/css/fonts/spartan.css?v=61659c0039c38d5c
Requested by
Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=61659c0039c38d5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c15f198badbdbce2000b85cd2641d3c6c842f38e921fee1378c50a019d273d55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.www.geldhelden.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 17 Jan 2024 20:24:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4291
etag
W/"bd6320f3c3e889d5c53c7940bace3e43"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aB%2Bt8JwZGUUBvOoOzFY2%2BZqNUeQMyX%2F2TUgXjVN18aDskdav4ce2QUW2Pmsyiy24qd2kOPN%2B3RJmx3X1j%2BKRSbZo5d%2FOmcfCaBGn6v%2ByY1yCFyhdEfLaEWt7COkKfXjMvu8CXpE3vecjqltCPoR4SFma7J0xgM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
84b80bd81ffd5d9c-FRA
alt-svc
h3=":443"; ma=86400
spartan-v3-latin-regular.woff2
static.funnelcockpit.com/assets/fonts/
11 KB
12 KB
Font
General
Full URL
https://static.funnelcockpit.com/assets/fonts/spartan-v3-latin-regular.woff2
Requested by
Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/css/fonts/spartan.css?v=61659c0039c38d5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba7cdc08ad550ca8a04711fc24a2c3946960e49d21729a309574b224625fbd0a

Request headers

Referer
https://static.funnelcockpit.com/assets/css/fonts/spartan.css?v=61659c0039c38d5c
Origin
https://www.www.geldhelden.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:27 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Jan 2024 20:26:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1d11b864742289dbf21c9646464581ed"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7JAvvS1Re2n3BMeAkSOZVAB%2B1DIVcS2s62vMUFQJhiK%2Bxj1aakDU36OlOq8CJbPlXRxA0AkgHlz4iVQJpDjlXQwT5YMqIK97PKqhVDR9kS%2FBRJMw8t5PykWpN%2BTaBgLErBuhuq56v7trv4KoXr6doB5TnPXmYY%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84b80bd99dd459d9-IAD
alt-svc
h3=":443"; ma=86400
content-length
11316
spartan-v3-latin-600.woff2
static.funnelcockpit.com/assets/fonts/
11 KB
11 KB
Font
General
Full URL
https://static.funnelcockpit.com/assets/fonts/spartan-v3-latin-600.woff2
Requested by
Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/css/fonts/spartan.css?v=61659c0039c38d5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30f675ffe243d9486eeb44378a7f0d84772931e8b91d83d8165cece276114329

Request headers

Referer
https://static.funnelcockpit.com/assets/css/fonts/spartan.css?v=61659c0039c38d5c
Origin
https://www.www.geldhelden.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:27 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Jan 2024 20:26:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"cc82f67cd68d0f1fa1d98c1eaf8e3239"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCd3vIRGIQIxOMN3SMYPn9KojSmwtzpKuqtulxg0dbsWp%2Fsr%2FiDpWQ5b%2BXSBXCnGDaTQajOcQAHS%2BDOZOcDHkHh0mzku93PXkRZTNUvvsGC8nGM9Cgo5pINV%2FAEZ6W9i8yQ0xSkrqFAEge0AnV52YJgLj%2Bb6YoM%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84b80bd99dd159d9-IAD
alt-svc
h3=":443"; ma=86400
content-length
11340
spartan-v3-latin-500.woff2
static.funnelcockpit.com/assets/fonts/
11 KB
11 KB
Font
General
Full URL
https://static.funnelcockpit.com/assets/fonts/spartan-v3-latin-500.woff2
Requested by
Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/css/fonts/spartan.css?v=61659c0039c38d5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9ae21a86b90cbcc2f2b958ff912d3db1ec97a01cfe33475ffb941878bd994d

Request headers

Referer
https://static.funnelcockpit.com/assets/css/fonts/spartan.css?v=61659c0039c38d5c
Origin
https://www.www.geldhelden.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:27 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Jan 2024 20:26:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0baa0b736769c131122a824e594766a1"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhaQTD1YvTA2FzwtQi%2Fobxw2AJxzv0VBUfZumYn4Bzy7kc6JPjfWkTNz%2BcVj4HvJvSt4jLiwUvBty8KagfXdmcbOoce%2FauOb0SphTucG%2FFsH0a%2BMruPFIDBjCaJHJ0THrK%2BHuRPjM4XjQr1dIFZo7rfafBtCjFs%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84b80bd99dd659d9-IAD
alt-svc
h3=":443"; ma=86400
content-length
11236
spartan-v3-latin-700.woff2
static.funnelcockpit.com/assets/fonts/
11 KB
11 KB
Font
General
Full URL
https://static.funnelcockpit.com/assets/fonts/spartan-v3-latin-700.woff2
Requested by
Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/css/fonts/spartan.css?v=61659c0039c38d5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebc8ac8ae795872a4331466cf4ca30736686010cc9b2552192c2788c9f9dd66b

Request headers

Referer
https://static.funnelcockpit.com/assets/css/fonts/spartan.css?v=61659c0039c38d5c
Origin
https://www.www.geldhelden.ai
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:24:27 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Jan 2024 20:26:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"fafca805a12253ffa9f550d349d0b6ec"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FYZwbQhEkcJP35U2eCy72Kp%2FU3oLbwRRxpOxABKijaTLAi3u6linbfBjZusbEmlLMm4w5m7BR5z9E1Nzq0421tibdxHSSXDxa6SOFWrjJJIAQMlcCy0QNTYb2uDGJiUxo81vJjdqCvO2fDeRi2CNyoc3D7UQ1c%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
84b80bd99dd359d9-IAD
alt-svc
h3=":443"; ma=86400
content-length
11312

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string | apiEndpoint
object | trackingConfig
function | getParam
function | getExpiryRecord
function | addGclid
object | WebFontConfig
object | webpackChunkfunnelcockpit_page_assets
object | urlParameters
object | tempPausedVideoPlayers
object | overlays
function | cleverPushInitCallback
object | regeneratorRuntime
object | gdpr-cookie-notice-templates
object | timerIntervals

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
