urlscan.io logo urlscan.io
SecurityTrails logo

hinrichs.anfrage-digital.de Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://hinrichs.anfrage-digital.de/
Submission: On November 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is hinrichs.anfrage-digital.de.
TLS certificate: Issued by WR1 on October 25th 2024. Valid for: 3 months.
This is the only time hinrichs.anfrage-digital.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
17 34.54.43.41 396982 (GOOGLE-CL...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a03:2880:f17... 32934 (FACEBOOK)
27 5
4    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
hinrichs.anfrage-digital.de
3    2606:4700:20::ac43:4aa7 (United States)

ASN13335 (CLOUDFLARENET, US)
fonts.heyflow.cloud
17    34.54.43.41 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 41.43.54.34.bc.googleusercontent.com
assets.prd.heyflow.com
api.prd.heyflow.com
functions.prd.heyflow.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
17 heyflow.com
assets.prd.heyflow.com — Cisco Umbrella Rank: 284021
api.prd.heyflow.com — Cisco Umbrella Rank: 358644
functions.prd.heyflow.com — Cisco Umbrella Rank: 434807
940 KB
4 anfrage-digital.de
hinrichs.anfrage-digital.de
13 KB
3 heyflow.cloud
fonts.heyflow.cloud — Cisco Umbrella Rank: 329651
31 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
212 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
74 KB
27 5
Domain Requested by
7 assets.prd.heyflow.com hinrichs.anfrage-digital.de
assets.prd.heyflow.com
5 functions.prd.heyflow.com assets.prd.heyflow.com
5 api.prd.heyflow.com assets.prd.heyflow.com
4 hinrichs.anfrage-digital.de 1 redirects hinrichs.anfrage-digital.de
3 fonts.heyflow.cloud hinrichs.anfrage-digital.de
fonts.heyflow.cloud
2 www.facebook.com hinrichs.anfrage-digital.de
2 connect.facebook.net hinrichs.anfrage-digital.de
connect.facebook.net
27 7

This site contains links to these domains. Also see Links.

Domain
hinrichs-pflanzen.de
www.hinrichs-pflanzen.de
Subject Issuer Validity Valid
hinrichs.anfrage-digital.de
WR1		 2024-10-25 -
2025-01-23		 3 months crt.sh
heyflow.cloud
WE1		 2024-10-08 -
2025-01-06		 3 months crt.sh
prd.heyflow.com
WR3		 2024-10-31 -
2025-01-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-01 -
2024-11-30		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://hinrichs.anfrage-digital.de/
Frame ID: 3BB8AF0ED0EBA0F93BE1D0A6E56995CF
Requests: 22 HTTP requests in this frame

Frame: https://hinrichs.anfrage-digital.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js
Frame ID: 78F5042D56E5AFBE941DCB241D27F246
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Groundbreaker | Hinrichs Pflanzen

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

27
Requests

96 %
HTTPS

80 %
IPv6

5
Domains

7
Subdomains

5
IPs

2
Countries

1058 kB
Transfer

1692 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://hinrichs.anfrage-digital.de/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://hinrichs.anfrage-digital.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hinrichs.anfrage-digital.de/ 		31 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hinrichs.anfrage-digital.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1797ba993bfef0c0a628411f4ccb7ba69cb5e58559f6d2bebd51228edc38579b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e6462f42a33f957-SJC
content-encoding
zstd
content-type
text/html
date
Thu, 21 Nov 2024 23:16:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=clvG1J8QLnSz6CAkbsQI6Cx9b5rQR6UGCP8YXqyaTuBKKZhYOYm2q6HqvsNeFzKb7WWO50uQz2%2Bfa6PiEboNG02gQSb9%2Bq8njwONGJgJFZghUSKIlhOv%2Bo2nB03AaJ60B4AHX7WQIr78WPrEVEyUmgcezaq%2B6sYF0aM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=161557&sent=11&recv=15&lost=0&retrans=0&sent_bytes=5912&recv_bytes=2369&delivery_rate=40775&cwnd=256&unsent_bytes=0&cid=0e07ca0e8f0d80df&ts=1065&x=0"
vary
Accept-Encoding
via
1.1 google
x-powered-by
Express
icon
fonts.heyflow.cloud/ 		571 B
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.heyflow.cloud/icon?family=Material+Icons
Requested by
Host: hinrichs.anfrage-digital.de
URL: https://hinrichs.anfrage-digital.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
576c1351daf92605ba75c2a792fef1d3f7be38d582e885597a49a67086202d94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hinrichs.anfrage-digital.de/

Response headers

content-encoding
br
cf-cache-status
HIT
age
209598
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yK2cpaaX2R75JGZbL8Ux3ouKwDPkjnfBAyMRoDl1s%2FqsWI79jfYXTSmZyO1O9kaVXz1XA1hV794ALluB1aM63SIIJr4K5niXt9wxoUo4jub2U4T6dwuok7abuxwDujR2Fgs7pIw%2B4264G1k0ybgscXw%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=8179&sent=13&recv=13&lost=0&retrans=0&sent_bytes=6806&recv_bytes=2430&delivery_rate=657425&cwnd=254&unsent_bytes=0&cid=b558a3208558f1e0&ts=508&x=0"
date
Thu, 21 Nov 2024 23:16:17 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 19 Nov 2024 13:02:59 GMT
vary
Accept-Encoding
x-cloud-trace-context
f1c964569f9e93dc50b50ce071a96c74
cache-control
private, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e6462fadabcd382-FRA
access-control-allow-origin
*
x-powered-by
Express
server
cloudflare
css
fonts.heyflow.cloud/ 		41 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Cabin:300,400,500,600,700,800&display=swap
Requested by
Host: hinrichs.anfrage-digital.de
URL: https://hinrichs.anfrage-digital.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
012aaf04d45e86efc50bebe30273df65db547483cb0823c545655c2e11058e35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hinrichs.anfrage-digital.de/

Response headers

content-encoding
br
cf-cache-status
HIT
age
21546
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9eGaqSsYsNj6pHN0D1%2FJ5xmlDgrP9cI8pXKO7O3HWbF%2FUTe1zMbOPyHDvD94dkDYstCQi78jHs7RKyvBZF809IGOCrV7lk6tHP04NXKawWEJAqfH6ObLwj3dP3KrqgcHckrOVpA4kcaN3rDPiXc93iA%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=8179&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4005&recv_bytes=2430&delivery_rate=657425&cwnd=254&unsent_bytes=0&cid=b558a3208558f1e0&ts=507&x=0"
date
Thu, 21 Nov 2024 23:16:17 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 21 Nov 2024 17:17:11 GMT
vary
Accept-Encoding
x-cloud-trace-context
f4a08570c0a124dae3c4d911c8e4c616
cache-control
private, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e6462fadac1d382-FRA
access-control-allow-origin
*
x-powered-by
Express
server
cloudflare
flow-C8iZRnrr.css
assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/dist/ 		184 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/dist/flow-C8iZRnrr.css
Requested by
Host: hinrichs.anfrage-digital.de
URL: https://hinrichs.anfrage-digital.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8698d0fa4fc3bb066cc4d5b557f950ba730f3762d79c78cf1b1c19cf59288cd6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hinrichs.anfrage-digital.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=aWv9tg==, md5=kbAbnkE/M2ePgldCcpnLaw==
etag
"91b01b9e413f33678f8257427299cb6b"
x-goog-stored-content-encoding
gzip
expires
Sun, 16 Nov 2025 23:16:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
27762
date
Thu, 21 Nov 2024 23:16:17 GMT
last-modified
Thu, 24 Oct 2024 10:42:27 GMT
vary
Accept-Encoding
content-type
text/css
x-guploader-uploadid
AFiumC5HEq7jhtN8nhCeW-NJmxo15EyaiKG5Y2swDmFp5mSVK2MglgWizqvwkg1ZVbxFENIKhDtqeoeO
cache-control
public, max-age=0, s-maxage=31104000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1729766547649149
content-length
27762
server
UploadServer
commonjshelpers.chunk-DMCfYbel.js
assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/dist/ 		781 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/dist/commonjshelpers.chunk-DMCfYbel.js
Requested by
Host: hinrichs.anfrage-digital.de
URL: https://hinrichs.anfrage-digital.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a875c30b4606ced3dcf75f3e1d3b756306dd7f17e273189efe64841c3223c652

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hinrichs.anfrage-digital.de
Referer
https://hinrichs.anfrage-digital.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=tTQOhA==, md5=VjQbIp52CzDzGQWr9/8jyg==
etag
"56341b229e760b30f31905abf7ff23ca"
x-goog-stored-content-encoding
gzip
expires
Sun, 16 Nov 2025 23:16:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
431
date
Thu, 21 Nov 2024 23:16:17 GMT
last-modified
Thu, 24 Oct 2024 10:42:27 GMT
vary
Accept-Encoding
content-type
application/javascript
x-guploader-uploadid
AFiumC6G7wjzBWEd-2t-9duHMkLocc8C2fiylePvPFBc7b5H9CJ1OuQ578eg8ZBNOfk3CnLUD64
cache-control
public, max-age=0, s-maxage=31104000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1729766547619659
content-length
431
server
UploadServer
app-BiC8UtmM.js
assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/dist/ 		278 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/dist/app-BiC8UtmM.js
Requested by
Host: hinrichs.anfrage-digital.de
URL: https://hinrichs.anfrage-digital.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a97e08c5445a2268ffdf9a4540d213bbc2883fa2fcb457a30631f1195884719a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hinrichs.anfrage-digital.de
Referer
https://hinrichs.anfrage-digital.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=WkuXCg==, md5=xg5tuv7jvj4oxS5DKx79gg==
etag
"c60e6dbafee3be3e28c52e432b1efd82"
x-goog-stored-content-encoding
gzip
expires
Sun, 16 Nov 2025 23:16:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
96274
date
Thu, 21 Nov 2024 23:16:17 GMT
last-modified
Thu, 24 Oct 2024 10:42:27 GMT
vary
Accept-Encoding
content-type
application/javascript
x-guploader-uploadid
AFiumC5bZ3w_OeY-uB1AA56oEzxkCA7tZAtHzOhS0waq7sVCbcYUIrl_V9LWpFg91oBFYbEAEv4
cache-control
public, max-age=0, s-maxage=31104000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1729766547681830
content-length
96274
server
UploadServer
desktop.avif
assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/assets/13bc4691-2596-4da7-9872-ca4266d8b54d/ 		797 KB
798 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/assets/13bc4691-2596-4da7-9872-ca4266d8b54d/desktop.avif
Requested by
Host: hinrichs.anfrage-digital.de
URL: https://hinrichs.anfrage-digital.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6a1aa3cf3294b65a5f1cd0381c1bf864022d4763b34c0e7d4e872e4b49b12d85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hinrichs.anfrage-digital.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=uPCHEQ==, md5=p2Z8nqXwhgl69XfS7qxS8Q==
etag
"a7667c9ea5f086097af577d2eeac52f1"
x-goog-stored-content-encoding
gzip
expires
Sun, 16 Nov 2025 23:16:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
816492
date
Thu, 21 Nov 2024 23:16:17 GMT
last-modified
Thu, 24 Oct 2024 09:15:07 GMT
content-type
image/avif
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6_VeIKTS-xnvEJuVse8y-WO5a3RVievkQCtI7fR2fxJ_V-d5e8EYKrF589qPjtQ3FBgAZQieJw
x-goog-meta-originalfilename
Groundbreaker-Visual.png
cache-control
public, max-age=0, s-maxage=31104000
x-goog-storage-class
STANDARD
via
1.1 google
access-control-allow-origin
*
x-goog-generation
1729761307279398
content-length
816492
server
UploadServer
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hinrichs.anfrage-digital.de
URL: https://hinrichs.anfrage-digital.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-UZlarfmZ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hinrichs.anfrage-digital.de/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 23:16:18 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-UZlarfmZ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4668, tp=13, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
1mdjAHeQ9RV/xoxLyT7KpRqoZZZ08kkusMwCONu2MZfOZJXExne57PUrNY1U1pSLr2SN2bHwPRJtHN898b8f9A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
main.js
hinrichs.anfrage-digital.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/ Frame 78F5
Redirect Chain
  • https://hinrichs.anfrage-digital.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://hinrichs.anfrage-digital.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hinrichs.anfrage-digital.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
Requested by
Host: hinrichs.anfrage-digital.de
URL: https://hinrichs.anfrage-digital.de/
Protocol
H2
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cc73998807a0d3317b6d54885178f550c26ec187755d1f523499c2123902308
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yGe9edTo7odQNxG76h9E%2B%2BmhUd0bRuOCrpeBhHrzpkg40OBq8OUuItt81qiDNr36wUrccC81FLaOholUWZK3Nt1%2Fw19HNBobOmv5TC3su5fCn0x2S7tz2KqJT1Vgqv7XYHhtejW869Saq3zw9vvjNxobGfix7tJrw6s%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e6462ff8fb9f957-SJC
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=169222&sent=23&recv=20&lost=0&retrans=0&sent_bytes=14126&recv_bytes=2573&delivery_rate=73026&cwnd=256&unsent_bytes=0&cid=0e07ca0e8f0d80df&ts=2487&x=0"
date
Thu, 21 Nov 2024 23:16:18 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uU7qC85aDfma7deUzPXuMjQ6TFJAiPvpBs97hBSJ8ZEpvVl8tB6a8tNAbLJ0Z2RJAk5IfEHSKvFcmnU%2BB4glqvk%2FMdK8MgggZVkkH3kqOP3Qtq0FoNT%2FuGYd3G4PkzuKnRRTPYn%2BVZbozDbpZ6KgRiiBLAFbZlkMo0g%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e6462fe3dd2f957-SJC
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=TCP&rtt=163608&sent=22&recv=18&lost=0&retrans=0&sent_bytes=13565&recv_bytes=2478&delivery_rate=73026&cwnd=256&unsent_bytes=0&cid=0e07ca0e8f0d80df&ts=2269&x=0"
date
Thu, 21 Nov 2024 23:16:18 GMT
vary
Accept-Encoding
server
cloudflare
desktop.avif
assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/assets/48d650f6-0d80-4f15-9200-526f4e4994cb/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/assets/48d650f6-0d80-4f15-9200-526f4e4994cb/desktop.avif
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/dist/app-BiC8UtmM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a0532de1a5e1ff7e4ccdf5359c6f5c6c2e1b22be6808c00c5ea417c4ef3dab70

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hinrichs.anfrage-digital.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=mDzdsg==, md5=Ytmh1GdmmDaIuxb1v59k0g==
etag
"62d9a1d46766983688bb16f5bf9f64d2"
x-goog-stored-content-encoding
gzip
expires
Sun, 16 Nov 2025 23:16:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
17134
date
Thu, 21 Nov 2024 23:16:18 GMT
last-modified
Thu, 24 Oct 2024 09:31:46 GMT
content-type
image/avif
vary
Accept-Encoding
x-guploader-uploadid
AFiumC4VxGBmrqyAP88uflyS25C0mFX0j2b_W7z_I92XL9nRSWBqx7APTIs0gxmG-DMpp-Ey5UyyGEJY
x-goog-meta-originalfilename
Element 1.png
cache-control
public, max-age=0, s-maxage=31104000
x-goog-storage-class
STANDARD
via
1.1 google
access-control-allow-origin
*
x-goog-generation
1729762306056258
content-length
17134
server
UploadServer
u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.heyflow.cloud/s/cabin/v27/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.heyflow.cloud/s/cabin/v27/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
Requested by
Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Cabin:300,400,500,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dcb085ad0fca889c4a1b898ccc7458c5d586e5740e7b7bffe065ac6a5e247ada

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hinrichs.anfrage-digital.de
Referer
https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Cabin:300,400,500,600,700,800&display=swap

Response headers

cf-cache-status
HIT
age
170484
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2Fv0DXqTv9E6H6a4lfJ1fF1oD1H%2FVnteUyvhPF4sZuwc%2BpaoEBUTIxFTDI7CQSohrAkZCQqJ6nNzJMA%2FMOwyu6hdpAUuDPQ3%2Ff9%2BhRNLHkzefJxziTqdweCMOwhmXX%2FOJCxs7OAlvaviy5OVchS%2B7dY%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=7110&sent=7&recv=12&lost=0&retrans=0&sent_bytes=4006&recv_bytes=2414&delivery_rate=453551&cwnd=253&unsent_bytes=0&cid=4f876253f127436f&ts=142&x=0"
date
Thu, 21 Nov 2024 23:16:18 GMT
content-type
font/woff2
last-modified
Tue, 19 Nov 2024 23:54:54 GMT
vary
Accept-Encoding
x-cloud-trace-context
46c30e28f976a190297fcd5e32f7197f
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e6462febdcad2e7-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
28076
x-powered-by
Express
server
cloudflare
logs
api.prd.heyflow.com/flow/groundbreaker-hinrichs-pflanzen/ 		26 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/groundbreaker-hinrichs-pflanzen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/dist/app-BiC8UtmM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hinrichs.anfrage-digital.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 23:16:18 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
3cca591fd5150e45d8bceb2535bf59bc
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
logs
api.prd.heyflow.com/flow/groundbreaker-hinrichs-pflanzen/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/groundbreaker-hinrichs-pflanzen/logs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://hinrichs.anfrage-digital.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html
date
Thu, 21 Nov 2024 23:16:18 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
server
Google Frontend
strict-transport-security
max-age=15552000; includeSubDomains
vary
Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
c39441bb656800480981fe6e1ad0aefc
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
gnikcart
functions.prd.heyflow.com/ 		2 B
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/gnikcart
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/dist/app-BiC8UtmM.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://hinrichs.anfrage-digital.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://hinrichs.anfrage-digital.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Thu, 21 Nov 2024 23:16:19 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
3971fcaa3e4650a22e5e94da447e6156
gnikcart
functions.prd.heyflow.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/gnikcart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://hinrichs.anfrage-digital.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://hinrichs.anfrage-digital.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
date
Thu, 21 Nov 2024 23:16:18 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
90ab24f7ed045868f04e330ddd9a4b13
8e6462f42a33f957
hinrichs.anfrage-digital.de/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 78F5 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hinrichs.anfrage-digital.de/cdn-cgi/challenge-platform/h/g/jsd/r/8e6462f42a33f957
Requested by
Host: hinrichs.anfrage-digital.de
URL: https://hinrichs.anfrage-digital.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=asZXJKL1nAPdSRkjscmxEm8%2Br5RQ9h2gq05vetGplSvQOaiJcbNqip1%2Bh0OkrtyeZYEjzpnW0Gohue8l460Q%2BnXijV99QfT4ZRXxabUdGWNVi2P3UWRpfhnKQZVUwkKKTfL8aRSYqtoZ97V8MeRGWO%2FaQVY6wjG5awU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e6463088d279b46-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15620&sent=27&recv=27&lost=1&retrans=0&sent_bytes=6358&recv_bytes=21376&delivery_rate=188&cwnd=8400&unsent_bytes=0&cid=d34d4bf027890a1b&ts=1767&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Thu, 21 Nov 2024 23:16:19 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
logs
api.prd.heyflow.com/flow/groundbreaker-hinrichs-pflanzen/ 		26 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/groundbreaker-hinrichs-pflanzen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/dist/app-BiC8UtmM.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hinrichs.anfrage-digital.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 23:16:19 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
01b671f3a804078a302dee7422b7d729
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
gnikcart
functions.prd.heyflow.com/ 		2 B
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/gnikcart
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/dist/app-BiC8UtmM.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://hinrichs.anfrage-digital.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://hinrichs.anfrage-digital.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Thu, 21 Nov 2024 23:16:20 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
64c3c09450cefcfce22609a3c7c92e79
metacapi
functions.prd.heyflow.com/ 		102 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/metacapi
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/dist/app-BiC8UtmM.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
ba675460d0f47ca9d06ef20e79c10515c0a04c362e2372db4ad59d733ccb4b85

Request headers

Referer
https://hinrichs.anfrage-digital.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
https://hinrichs.anfrage-digital.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102
date
Thu, 21 Nov 2024 23:16:20 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
df7f2180f230c84d062d3f12727d1c1e
logs
api.prd.heyflow.com/flow/groundbreaker-hinrichs-pflanzen/ 		26 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/groundbreaker-hinrichs-pflanzen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/dist/app-BiC8UtmM.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hinrichs.anfrage-digital.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 23:16:19 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
c385929fa0223d71353c4e7b5682fb79
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
1223703758769391
connect.facebook.net/signals/config/ 		67 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1223703758769391?v=2.9.176&r=stable&domain=hinrichs.anfrage-digital.de&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8d1358bb2eeec8a509968078d18d5faec43bc735f1eb8b03ee3a99f305f3411c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-zTBxAsZb' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hinrichs.anfrage-digital.de/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 23:16:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-zTBxAsZb' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=45, rtx=0, c=38, mss=1232, tbw=70524, tp=69, tpl=0, uplat=225, ullat=1
pragma
public
x-fb-debug
DYAoxHuGgJ3hZGHNnhp08NrczmGV07Y1ZOrE10AVEL4OCGdcPe84vN8KBWejhAhFp033hASg17WNVCLaZENXHQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
metacapi
functions.prd.heyflow.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://functions.prd.heyflow.com/metacapi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://hinrichs.anfrage-digital.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://hinrichs.anfrage-digital.de
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
date
Thu, 21 Nov 2024 23:16:19 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
e5b13dc0a68c2160006736b423893ef9
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1223703758769391&ev=PageView&dl=https%3A%2F%2Fhinrichs.anfrage-digital.de%2F%23start&rl=&if=false&ts=1732230980929&cd[event]=PageView&cd[flow_id]=groundbreaker-hinrichs-pflanzen&cd[host]=hinrichs.anfrage-digital.de&cd[path]=%2F&cd[origin]=https%3A%2F%2Fhinrichs.anfrage-digital.de&cd[title]=Groundbreaker%20%7C%20Hinrichs%20Pflanzen&cd[hash]=%23start&cd[referrer]=&cd[screen_width]=1600&cd[screen_height]=1200&cd[screen_id]=id-dc829bc0&cd[session_id]=82bmkf&cd[ab_variant_id]=C65qCJNFLY2XIRK0pOQ6&cd[is_embedded]=false&cd[widget_version]=5.4.2&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732230980922.708406887376780171&ler=empty&cdl=API_unavailable&it=1732230979948&coo=false&eid=iubmqv34w9nw&rqm=GET
Requested by
Host: hinrichs.anfrage-digital.de
URL: https://hinrichs.anfrage-digital.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hinrichs.anfrage-digital.de/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=23, mss=1232, tbw=4711, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 21 Nov 2024 23:16:21 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1223703758769391&ev=PageView&dl=https%3A%2F%2Fhinrichs.anfrage-digital.de%2F%23start&rl=&if=false&ts=1732230980929&cd[event]=PageView&cd[flow_id]=groundbreaker-hinrichs-pflanzen&cd[host]=hinrichs.anfrage-digital.de&cd[path]=%2F&cd[origin]=https%3A%2F%2Fhinrichs.anfrage-digital.de&cd[title]=Groundbreaker%20%7C%20Hinrichs%20Pflanzen&cd[hash]=%23start&cd[referrer]=&cd[screen_width]=1600&cd[screen_height]=1200&cd[screen_id]=id-dc829bc0&cd[session_id]=82bmkf&cd[ab_variant_id]=C65qCJNFLY2XIRK0pOQ6&cd[is_embedded]=false&cd[widget_version]=5.4.2&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732230980922.708406887376780171&ler=empty&cdl=API_unavailable&it=1732230979948&coo=false&eid=iubmqv34w9nw&rqm=FGET
Requested by
Host: hinrichs.anfrage-digital.de
URL: https://hinrichs.anfrage-digital.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hinrichs.anfrage-digital.de/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439875412678124431"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 21 Nov 2024 23:16:21 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
IAATLSqqA7tpR1o1b2ygF3RzQ0cMK97g3PQ4nX96hj+vyZagmfz9ArRBObSeWS2L45cUnVEU6fRTNdnkVZi9iw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439875412678124431", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=5079, tp=17, tpl=0, uplat=178, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
logs
api.prd.heyflow.com/flow/groundbreaker-hinrichs-pflanzen/ 		26 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prd.heyflow.com/flow/groundbreaker-hinrichs-pflanzen/logs
Requested by
Host: assets.prd.heyflow.com
URL: https://assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/dist/app-BiC8UtmM.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hinrichs.anfrage-digital.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
expect-ct
max-age=0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 23:16:21 GMT
content-type
application/json; charset=utf-8
x-cloud-trace-context
72966a214fc507d40a88b2ff658c022d
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
via
1.1 google
access-control-allow-origin
*
content-length
26
x-xss-protection
0
server
Google Frontend
favicon.png
assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/assets/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/assets/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9c69f464d493d913ba742f1e83084fd525a2564373da86fb2edb3e17416551bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hinrichs.anfrage-digital.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=bMiN5w==, md5=ypxyXp6sbAQgEAMwIecpNQ==
etag
"ca9c725e9eac6c042010033021e72935"
x-goog-stored-content-encoding
identity
expires
Sun, 16 Nov 2025 23:16:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1292
date
Thu, 21 Nov 2024 23:16:22 GMT
x-goog-custom-time
2022-02-14T07:19:22.047Z
last-modified
Thu, 24 Oct 2024 08:58:31 GMT
content-type
image/png
x-guploader-uploadid
AFiumC6IYTgkMfId8fLB8AmQeQ2VRt4G1Qr6b5CuQhsTEZqQj0aeBPs9TDj1dlP9BEBir7MxsQlkK9pxUw
cache-control
public, max-age=0, s-maxage=31104000
x-goog-storage-class
STANDARD
x-goog-meta-x-goog-reserved-source-generation
1644823162009489
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1729760311593763
content-length
1292
server
UploadServer
favicon.png
assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/assets/ 		1 KB
11 B 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.prd.heyflow.com/flows/groundbreaker-hinrichs-pflanzen/www/assets/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.54.43.41 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.43.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9c69f464d493d913ba742f1e83084fd525a2564373da86fb2edb3e17416551bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hinrichs.anfrage-digital.de/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=bMiN5w==, md5=ypxyXp6sbAQgEAMwIecpNQ==
etag
"ca9c725e9eac6c042010033021e72935"
age
0
x-goog-stored-content-encoding
identity
expires
Sun, 16 Nov 2025 23:16:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1292
date
Thu, 21 Nov 2024 23:16:22 GMT
x-goog-custom-time
2022-02-14T07:19:22.047Z
last-modified
Thu, 24 Oct 2024 08:58:31 GMT
content-type
image/png
x-guploader-uploadid
AFiumC6IYTgkMfId8fLB8AmQeQ2VRt4G1Qr6b5CuQhsTEZqQj0aeBPs9TDj1dlP9BEBir7MxsQlkK9pxUw
cache-control
public, max-age=0, s-maxage=31104000
x-goog-storage-class
STANDARD
x-goog-meta-x-goog-reserved-source-generation
1644823162009489
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1729760311593763
content-length
1292
server
UploadServer

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| currentlyMounting object| heyflow function| onImageLoadError function| fbq function| _fbq object| integration object| windowConstants function| Cleave function| filterCSS function| filterXSS object| Client object| dataLayer

2 Cookies

Domain/Path Name / Value
.hinrichs.anfrage-digital.de/ Name: cf_clearance
Value: bm9JQurPORMR2DS4SSOxVgkkcBJ4k7ShiTHhNUR8Y98-1732230979-1.2.1.1-RM9rYYllZ_udsPqy3VG.fW7zlO25PuK4UEAy0ELiyRYQcxPRZI9UcK5xrZqFvoc4pbd08z89.g7vMmyI0OK58Ipt9rkM7TTbLsOw7LEPwvq6bKd883rrLAlxhz59OdT49fPm1qIm6q4ofy4NLP0O.K5qg.z035_sBdPaKNNiBFg3qoc8KQhmv6xTAxVRkwwpss_Am15NHATuZ2dp_Xcns5RKuQmxl.JyC6D5owyWPchXp2ZmqT.oh_UQckPZwzEmKLZdXqRS1SsmWiqPq9zHhw2kcSEulZbXuS6uHDyDjrwgZ9_zZkPKt.0K8iEORXVYokqEngMtoK0pTGO8wmGZT6WCzXaAMAo4FG2BLi0AioVilqVafYvJfIFd66untc_c
.anfrage-digital.de/ Name: _fbp
Value: fb.1.1732230980922.708406887376780171

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.prd.heyflow.com
assets.prd.heyflow.com
connect.facebook.net
fonts.heyflow.cloud
functions.prd.heyflow.com
hinrichs.anfrage-digital.de
www.facebook.com
2606:4700:20::ac43:4aa7
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3121::3
34.54.43.41
012aaf04d45e86efc50bebe30273df65db547483cb0823c545655c2e11058e35
1797ba993bfef0c0a628411f4ccb7ba69cb5e58559f6d2bebd51228edc38579b
1cc73998807a0d3317b6d54885178f550c26ec187755d1f523499c2123902308
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
576c1351daf92605ba75c2a792fef1d3f7be38d582e885597a49a67086202d94
6a1aa3cf3294b65a5f1cd0381c1bf864022d4763b34c0e7d4e872e4b49b12d85
8698d0fa4fc3bb066cc4d5b557f950ba730f3762d79c78cf1b1c19cf59288cd6
8d1358bb2eeec8a509968078d18d5faec43bc735f1eb8b03ee3a99f305f3411c
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
9c69f464d493d913ba742f1e83084fd525a2564373da86fb2edb3e17416551bd
a0532de1a5e1ff7e4ccdf5359c6f5c6c2e1b22be6808c00c5ea417c4ef3dab70
a875c30b4606ced3dcf75f3e1d3b756306dd7f17e273189efe64841c3223c652
a97e08c5445a2268ffdf9a4540d213bbc2883fa2fcb457a30631f1195884719a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ba675460d0f47ca9d06ef20e79c10515c0a04c362e2372db4ad59d733ccb4b85
dcb085ad0fca889c4a1b898ccc7458c5d586e5740e7b7bffe065ac6a5e247ada
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855