settings.facelift-cloud.com Open in urlscan Pro
77.220.242.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://publisher.facelift-cloud.com/#/postPlan/10463396
Effective URL:
https://settings.facelift-cloud.com/
Submission: On August 17 via manual (August 17th 2022, 10:21:49 am UTC) from IE — Scanned from DE

Summary HTTP 48 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 19 domains to perform 48 HTTP transactions. The main IP is 77.220.242.6, located in Germany and belongs to MANAGEDHOSTING-AS, DE. The main domain is settings.facelift-cloud.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 14th 2022. Valid for: a year.

This is the only time settings.facelift-cloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	77.220.242.6 77.220.242.6	42699 (MANAGEDHO...) (MANAGEDHOSTING-AS)
1	2a02:26f0:dc:... 2a02:26f0:dc::6853:521	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	80.83.122.111 80.83.122.111	29141 (BKVG-AS) (BKVG-AS)
18	2606:2c40::c7... 2606:2c40::c73c:671d	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2606:4700::68... 2606:4700::6811:e04e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
48	20

7 77.220.242.6 (Germany) 1 redirects

ASN42699 (MANAGEDHOSTING-AS, DE)

publisher.facelift-cloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
settings.facelift-cloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc::6853:521 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

cdn-assets.facelift-cloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.83.122.111 (Düsseldorf, Germany) 1 redirects

ASN29141 (BKVG-AS, DE)
PTR: unidot01.virtualhosts.de

marketingarea.facelift-success.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:2c40::c73c:671d (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

cloud.facelift-bbt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
get.facelift-bbt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:e04e (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	facelift-bbt.com cloud.facelift-bbt.com get.facelift-bbt.com	2 MB
8	facelift-cloud.com 1 redirects publisher.facelift-cloud.com settings.facelift-cloud.com cdn-assets.facelift-cloud.com	603 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 52	2 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 9	707 B
2	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2112	1 KB
2	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2009	18 KB
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 868	9 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	141 KB
2	fonts.net fast.fonts.net — Cisco Umbrella Rank: 3079	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	88 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6076	548 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123	548 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 130	16 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4077	88 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 1988	20 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4583	21 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 422	3 KB
1	facelift-success.com 1 redirects marketingarea.facelift-success.com	139 B
48	19

	Domain	Requested by
14	cloud.facelift-bbt.com	settings.facelift-cloud.com cloud.facelift-bbt.com js.usemessages.com
6	settings.facelift-cloud.com	settings.facelift-cloud.com
4	get.facelift-bbt.com	cloud.facelift-bbt.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	www.google.com	1 redirects
2	track.hubspot.com	settings.facelift-cloud.com
2	js.hs-banner.com	cloud.facelift-bbt.com js.hs-banner.com
2	unpkg.com	cloud.facelift-bbt.com
2	www.googletagmanager.com	cloud.facelift-bbt.com
2	fast.fonts.net	cloud.facelift-bbt.com fast.fonts.net
2	connect.facebook.net	settings.facelift-cloud.com connect.facebook.net
1	www.google.de
1	www.google-analytics.com	cloud.facelift-bbt.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	js.hsleadflows.net	cloud.facelift-bbt.com
1	js.hs-analytics.net	cloud.facelift-bbt.com
1	js.usemessages.com	cloud.facelift-bbt.com
1	cdn.jsdelivr.net	cloud.facelift-bbt.com
1	marketingarea.facelift-success.com	1 redirects
1	cdn-assets.facelift-cloud.com	settings.facelift-cloud.com
1	publisher.facelift-cloud.com	1 redirects
48	22

This site contains links to these domains. Also see Links.

Domain
login.facelift-cloud.com
www.facelift-bbt.com

Subject Issuer	Validity	Valid
*.facelift-cloud.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-02-14`	a year	crt.sh
cert00090-azurecdn.akamaized.net R3	`2022-07-25` - `2022-10-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-26` - `2022-08-24`	3 months	crt.sh
cloud.facelift-bbt.com Cloudflare Inc ECC CA-3	`2022-05-22` - `2023-05-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-05` - `2023-06-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
get.facelift-bbt.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://settings.facelift-cloud.com/
Frame ID: A33644C69A7AD41FE90F5375C427C0A0
Requests: 10 HTTP requests in this frame

Frame: https://cloud.facelift-bbt.com/de/marketing-area-live
Frame ID: D67F3F42125AD96815DD4F23D8FAC6A8
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Facelift Cloud

Page URL History Show full URLs

https://publisher.facelift-cloud.com/ HTTP 302
https://settings.facelift-cloud.com/ Page URL

Detected technologies

Mustache (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mustache(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

48
Requests

98 %
HTTPS

85 %
IPv6

19
Domains

22
Subdomains

20
IPs

3
Countries

3037 kB
Transfer

4758 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://login.facelift-cloud.com/forgotpassword
Title: Passwort vergessen?

Search URL Search Domain Scan URL

URL: https://www.facelift-bbt.com/de/trial
Title: Starte einen Trial

Search URL Search Domain Scan URL

URL: https://www.facelift-bbt.com/de
Title: Über uns

Search URL Search Domain Scan URL

URL: https://www.facelift-bbt.com/contact
Title: Kontakt

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://publisher.facelift-cloud.com/ HTTP 302
https://settings.facelift-cloud.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://marketingarea.facelift-success.com/?lang=de HTTP 302
https://cloud.facelift-bbt.com/de/marketing-area-live

Request Chain 44

https://www.google.com/pagead/landing?gcs=G111&gcu=1&gcd=G100&rnd=377628474.1660731708&url=https%3A%2F%2Fcloud.facelift-bbt.com%2Fde%2Fmarketing-area-live&gtm=2oa8f0&did=dZTQ1Zm&gdid=dZTQ1Zm HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcu=1&gcd=G100&rnd=377628474.1660731708&url=https%3A%2F%2Fcloud.facelift-bbt.com%2Fde%2Fmarketing-area-live&gtm=2oa8f0&did=dZTQ1Zm&gdid=dZTQ1Zm

48 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

401
Unauthorized

Primary Request / Show response
settings.facelift-cloud.com/
Redirect Chain

https://publisher.facelift-cloud.com/
https://settings.facelift-cloud.com/

6 KB
7 KB

203ms
78ms

Document
text/html

77.220.242.6
MANAGEDHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.facelift-cloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

77.220.242.6 , Germany, ASN42699 (MANAGEDHOSTING-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

b9cb3beb36f4b5099ab96e99a402d9ebba4c94c93096f6f744c29ca57579c8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, must-revalidate, private
Content-Length: 6277
Content-Type: text/html; charset=UTF-8
Date: Wed, 17 Aug 2022 10:21:45 GMT
Expires: Wed, 17 Aug 2022 10:21:45 GMT
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=15768000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-fcld-trace-id: YvzBOY7aWVw1BMrMUCiiBQAAAA0

Redirect headers

Access-Control-Allow-Headers: content-type, content-range, content-disposition, x-client-referrer, accept, x-fcld-csrf, x-client-outdated
Access-Control-Allow-Methods: GET,OPTIONS
Access-Control-Allow-Origin: https://publisher.facelift-cloud.com
Cache-Control: max-age=0
Content-Length: 25
Content-Security-Policy: frame-ancestors 'self' https://*.facelift-cloud.com;
Content-Type: text/html; charset=UTF-8
Date: Wed, 17 Aug 2022 10:21:44 GMT
Expires: Wed, 17 Aug 2022 10:21:44 GMT
Location: https://settings.facelift-cloud.com
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=15768000
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin

GET
H/1.1 200
OK login.7a6f3a5f.css
settings.facelift-cloud.com/assets/ 205 KB
206 KB 48ms
46ms Stylesheet
text/css 77.220.242.6
MANAGEDHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.facelift-cloud.com/assets/login.7a6f3a5f.css

Requested by

Host: settings.facelift-cloud.com
URL: https://settings.facelift-cloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

77.220.242.6 , Germany, ASN42699 (MANAGEDHOSTING-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

911da47a93376e3173c13e2c10f3041234c76083262e02b850d07490aa39b115

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://settings.facelift-cloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 10:21:45 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 17 Aug 2022 09:21:35 GMT
Server: Apache
ETag: "335f0-5e66c642bc5c0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=604800
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 210416
X-Content-Type-Options: nosniff
Expires: Wed, 24 Aug 2022 10:21:45 GMT

GET
H2 200 iconfont.css
cdn-assets.facelift-cloud.com/styleguide/ 626 KB
269 KB 311ms
50ms Stylesheet
text/css 2a02:26f0:dc::6853:521
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-assets.facelift-cloud.com/styleguide/iconfont.css

Requested by

Host: settings.facelift-cloud.com
URL: https://settings.facelift-cloud.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:521 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

ecc3b925f3d073723aaabd994d37a2de88a40ed37056f907cad35e4421d4a353

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.facelift-cloud.com;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://settings.facelift-cloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.facelift-cloud.com;
content-encoding: gzip
etag: "9c8bc-5d5eb6b03df40"
strict-transport-security: max-age=15768000
content-length: 273915
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Jan 2022 08:46:13 GMT
server: Apache
x-frame-options: sameorigin
date: Wed, 17 Aug 2022 10:21:45 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: https://settings.facelift-cloud.com
cache-control: max-age=9433
accept-ranges: bytes
access-control-allow-headers: content-type, content-range, content-disposition, x-client-referrer, accept, x-fcld-csrf, x-client-outdated
x-content-type-options: nosniff
expires: Wed, 17 Aug 2022 12:58:58 GMT

GET
H/1.1 200
OK 69e1f5d4_facelift_logo_default.svg
settings.facelift-cloud.com/assets/images/ 14 KB
14 KB 194ms
95ms Image
image/svg+xml 77.220.242.6
MANAGEDHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://settings.facelift-cloud.com/assets/images/69e1f5d4_facelift_logo_default.svg

Requested by

Host: settings.facelift-cloud.com
URL: https://settings.facelift-cloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

77.220.242.6 , Germany, ASN42699 (MANAGEDHOSTING-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

4be3a9619501571ee39bea466112a260fc97d89259e9acde01adbd1c4de8d01e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://settings.facelift-cloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 10:21:45 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 17 Aug 2022 09:21:35 GMT
Server: Apache
ETag: "3773-5e66c642bc5c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 14195
X-Content-Type-Options: nosniff
Expires: Wed, 24 Aug 2022 10:21:45 GMT

GET
H/1.1 200
OK runtime.5b7a9943.js Show response
settings.facelift-cloud.com/assets/ 1 KB
2 KB 145ms
47ms Script
application/javascript 77.220.242.6
MANAGEDHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.facelift-cloud.com/assets/runtime.5b7a9943.js

Requested by

Host: settings.facelift-cloud.com
URL: https://settings.facelift-cloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

77.220.242.6 , Germany, ASN42699 (MANAGEDHOSTING-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

ba017e236c64471ea25d5039c658b2e596e366b6f569357f01de8ba582e43937

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://settings.facelift-cloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 10:21:45 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 17 Aug 2022 09:21:35 GMT
Server: Apache
ETag: "5e2-5e66c642bc5c0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 1506
X-Content-Type-Options: nosniff
Expires: Wed, 17 Aug 2022 10:21:45 GMT

GET
H/1.1 200
OK 0.01fae393.js Show response
settings.facelift-cloud.com/assets/ 88 KB
88 KB 147ms
49ms Script
application/javascript 77.220.242.6
MANAGEDHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.facelift-cloud.com/assets/0.01fae393.js

Requested by

Host: settings.facelift-cloud.com
URL: https://settings.facelift-cloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

77.220.242.6 , Germany, ASN42699 (MANAGEDHOSTING-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

c689104a14bad8dc84ddc18b433414a9b853dd4131280e3613a5e7dbecf5b119

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://settings.facelift-cloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 10:21:45 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 17 Aug 2022 09:21:34 GMT
Server: Apache
ETag: "15fde-5e66c641c8380"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 90078
X-Content-Type-Options: nosniff
Expires: Wed, 17 Aug 2022 10:21:45 GMT

GET
H/1.1 200
OK login.192677f9.js Show response
settings.facelift-cloud.com/assets/ 16 KB
17 KB 195ms
96ms Script
application/javascript 77.220.242.6
MANAGEDHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.facelift-cloud.com/assets/login.192677f9.js

Requested by

Host: settings.facelift-cloud.com
URL: https://settings.facelift-cloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

77.220.242.6 , Germany, ASN42699 (MANAGEDHOSTING-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

faec720e8b12d5224ee8c0e17cf7013f3486cc76cb8d0b245e2b6d60970137b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://settings.facelift-cloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 10:21:45 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 17 Aug 2022 09:21:35 GMT
Server: Apache
ETag: "407f-5e66c642bc5c0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
Content-Length: 16511
X-Content-Type-Options: nosniff
Expires: Wed, 17 Aug 2022 10:21:45 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 124ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: settings.facelift-cloud.com
URL: https://settings.facelift-cloud.com/assets/login.192677f9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23bbf2714a342c18b7460716ad6219c136f4dba21730e193cd02c372fe49c7b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://settings.facelift-cloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ILLfBdqflvj5uAjvqdGKrA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: Ek6mDiuV40RLwGFdC813nZxIix5/qm9XzANpF6AgnNGWZap4/6AmvasDgzA3famLFoG46D1wWhPPYMO3phcoiA==
x-fb-trip-id: 686109401
x-fb-content-md5: 857a96112d1f7795681f565832342fc9
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 17 Aug 2022 10:21:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e92fe2daac2b3dd4e7f425816cd08000"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 17 Aug 2022 10:22:07 GMT

GET
H2

200

marketing-area-live Show response
cloud.facelift-bbt.com/de/ Frame D67F
Redirect Chain

https://marketingarea.facelift-success.com/?lang=de
https://cloud.facelift-bbt.com/de/marketing-area-live

20 KB
7 KB

1124ms
970ms

Document
text/html

2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.facelift-bbt.com/de/marketing-area-live

Requested by

Host: settings.facelift-cloud.com
URL: https://settings.facelift-cloud.com/assets/0.01fae393.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

711efaa37c841ef4f0f578d1d70a78eb3c452bdd5cb2ae1cf3764e8071ab7200

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://settings.facelift-cloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: s-maxage=14400, max-age=0
cf-h2-pushed: </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>,</hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js>
cf-ray: 73c1af4bdd636903-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 17 Aug 2022 10:21:47 GMT
edge-cache-tag: CT-55128927615,CT-55128927655,CT-55818935411,P-3482881,CW-47923578698,E-35011398016,E-35011404265,E-35020605337,E-35021083376,E-35713229187,E-36745285713,E-43546558264,E-47082801312,E-48418662327,E-5517792769,E-5856056980,PGS-ALL,SW-3,TS-35011897210
etag: W/"205ec02fb20652399f4b185077800d60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 15 Aug 2022 08:40:34 GMT
link: </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmJv0BUya92o%2F75NLbJoqE7aRMyFQtXX9dXLpvSQHQTcazHcO1odTtbG4YE%2BDZnAEaLQ4PLIVTrXLnpPCSlrPcW1TTyKS63N4kHxX%2Bk%2Bmnc5v7Ov4wumnYmh2JrATnnWnYh%2BdgLUuwZIphRivakAT5vbD3c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=14400, max-age=0
x-hs-cf-cache-status: MISS
x-hs-combine-css: Disabled
x-hs-content-id: 55128927655
x-hs-hub-id: 3482881
x-hs-prerendered: Mon, 15 Aug 2022 08:40:34 GMT
x-powered-by: HubSpot

Redirect headers

content-encoding: gzip
content-length: 69
content-type: text/html; charset=UTF-8
date: Wed, 17 Aug 2022 10:21:45 GMT
location: https://cloud.facelift-bbt.com/de/marketing-area-live
server: Apache
vary: Accept-Encoding,User-Agent

GET
DATA 200
OK truncated
/ 84 KB
84 KB Font
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd93dacbd9d8d985cb0d9467490ae4d5ef11e0f5a6361ca0524c39164f40d13c

Request headers

Referer
Origin: https://settings.facelift-cloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: font/ttf

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 303 KB
86 KB 81ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=3e2e9c4ae5af50e13a3862fb804b0d31

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e74295e75d9f64349618d7b1645d202e7e37e868c5029b96488b3ea11c80837d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://settings.facelift-cloud.com/
Origin: https://settings.facelift-cloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GSmovittPprZs0/pcQz5iA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87959
x-fb-rlafr: 0
x-fb-debug: +J612Hgqoql7qFp9cH+/2RV9kMmhfpYJvwxpvxELt5ILzHdUWJR+tnHLDR/OUvLvUJdoqWXqsXrGy46DDKaaoA==
x-fb-content-md5: 237665bdb1de0b0ce4f02fe81223083c
x-frame-options: DENY
date: Wed, 17 Aug 2022 10:21:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "3c07c21c43f30066f1e6bf545620962e"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 17 Aug 2023 09:56:01 GMT

GET
H2 200 project.js Show response
cloud.facelift-bbt.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ Frame D67F 1 KB
1 KB 26ms
0ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.facelift-bbt.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Requested by

Host: settings.facelift-cloud.com
URL: https://settings.facelift-cloud.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13135894
x-amz-server-side-encryption: AES256
cf-ray: 73c1af51add06903-FRA
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
content-encoding: br
x-amz-replication-status: COMPLETED
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERrZN%2FTR5j%2FufVnih2ocns1c7%2BaNbDIIgBr0J9NR7lIUULbiXGccqAV6QHWNVdlQe7noOddz%2FaaZo8eWEy7Isgpuddz3AT56aDXZG%2FvMOCdEJvGmHPIn9hjM2LyqY8b6TcVch%2BHuGjoJkmxszDDSlDSi4m4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
cache-control: public, max-age=31536000
x-amz-cf-pop: AMS54-C1
content-type: application/javascript
x-amz-cf-id: QGpm7pNuMeHHjdOSQvVabr4yyJkQjvNfrf7wMr7R3QfV9nZTL386XA==
expires: Thu, 17 Aug 2023 10:21:47 GMT

GET
H2 200 index.js Show response
cloud.facelift-bbt.com/hs/hsstatic/HubspotToolsMenu/static-1.138/js/ Frame D67F 10 KB
4 KB 23ms
0ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.facelift-bbt.com/hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js

Requested by

Host: settings.facelift-cloud.com
URL: https://settings.facelift-cloud.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a50df52651133ee2b309daf0c3b921e9f5109067d5e11f2b8dd055f9ca3e66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 d9a3650110a8e2b78edd73b33e0fa948.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1710227
x-amz-server-side-encryption: AES256
cf-ray: 73c1af51add26903-FRA
x-cache: Hit from cloudfront
x-hs-https-only: worker
content-encoding: br
x-amz-replication-status: COMPLETED
last-modified: Wed, 27 Jul 2022 14:35:54 GMT
server: cloudflare
etag: W/"0d86ec7be24f2dff2308b8edf54c2f32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4z6L4i4vsE3zuaZ35rfX3LJLou8967wqaay375zs66Q%2BdnKd%2Bl0s0QpX6zDzAlJ3krDWrIjPaMAbZe12cMDotxLpXxFoc%2FHJoNmmX%2FBYHQYhBP2GRC77wvTsnvRuz4NUa9uH7G0xKCvKeJ%2FwRBhro43syM%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: k79.hN9WG526nViFF800Vr3DxQF_q.yo
cache-control: public, max-age=31536000
x-amz-cf-pop: TXL50-P4
content-type: application/javascript
x-amz-cf-id: PPDaPEJ4broVvhcU2DHzI71eTQIfYmm8ZzgjIeNn1DVu28vGdS661g==
expires: Thu, 17 Aug 2023 10:21:47 GMT

GET
H2 200 jquery-1.7.1.js Show response
cloud.facelift-bbt.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ Frame D67F 92 KB
34 KB 79ms
76ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.facelift-bbt.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17634859
cf-ray: 73c1af523e8e6903-FRA
x-cache: Hit from cloudfront
x-hs-https-only: worker
content-encoding: br
last-modified: Tue, 25 Nov 2014 17:03:30 GMT
server: cloudflare
etag: W/"ddb84c1587287b2df08966081ef063bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2o%2FUV4RuUvCOdjowtj5LXQFKDetBf3t9SfgAp9QhDi3z1u8Fptbj4vvGIk%2FPn3d5qCuJWuAeEO%2Fvuk3r0Xa9IQH48g5rWbhojzfConv1kINfyAfwDBlVDGG01WT%2FktT%2F%2FIp9HLPWQLleB84VwQnKpylAWq8%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-P2
content-type: application/javascript
x-amz-cf-id: fm5oEyshHguW5eyTWJujGExVMJHQq6j4KXVELLj8_f20U-gCmo27Iw==
expires: Thu, 17 Aug 2023 10:21:47 GMT

GET
H2 200 main.min.css
cloud.facelift-bbt.com/hs-fs/hub/3482881/hub_generated/template_assets/35011398016/1633680301041/website/css/ Frame D67F 34 KB
9 KB 89ms
86ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.facelift-bbt.com/hs-fs/hub/3482881/hub_generated/template_assets/35011398016/1633680301041/website/css/main.min.css

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

80dff532ed604b61421087e93d5265c054405d915bb94f41d5dbb2d85f37aa00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1633680301126
date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 1b6db55df4d0459558669f7d008cda9c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 418
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: NYNQP7KTRGMAJ9MX
x-amz-id-2: +ATYvhiPRWjEVK4udlZtUITy96qqcYP3t6jHb9nAcjtVLAGiLpzbhyo8SdpylsqGqzhE1JZCCuA=
x-amz-replication-status: COMPLETED
last-modified: Fri, 08 Oct 2021 08:05:02 GMT
server: cloudflare
etag: W/"b1cb4e0ec0017e8ab490d5ad5859b004"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAKnCKRyWMs7VrIc371R%2Fj9FHI7KnAXQiESaBqhpiJvw5pcLquAHSa1eatGLh3gjRcckiX7DNt9H4RwNfvSrjTnOOBOgFKJDW9L1fVCBMCpZ5rm4sGiwLDCBEppbx1B7K0pbZ14G1KU3LCVlkdT6d2UiyVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: AYZRk3FQpQxlw6QkKuyI20w3veQDTdFg
x-amz-cf-pop: IAD89-P1
cf-ray: 73c1af523e906903-FRA
x-amz-cf-id: klTE0VMvgjvMF5kCFgITMCnB2FTljrW6kLxP2yTB8tuJXuMqOa2hpg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 base.min.css
cloud.facelift-bbt.com/hs-fs/hub/3482881/hub_generated/template_assets/35713229187/1623088254861/website/templates/layouts/ Frame D67F 30 B
753 B 96ms
92ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.facelift-bbt.com/hs-fs/hub/3482881/hub_generated/template_assets/35713229187/1623088254861/website/templates/layouts/base.min.css

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7964ee39d060ecb7867f4f8f6fea57560d48086e54eac9c91e59562c5688cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1623088254893
date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 366
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
cf-ray: 73c1af523e926903-FRA
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 30
x-amz-id-2: O7Ki2RSCCfkCx1AEn7QJXFdKbUon5WEVUZVC/6n9+Ao1VthntRJCPI3QChfb1tCI97/FVDjiaEs=
x-amz-replication-status: COMPLETED
last-modified: Mon, 07 Jun 2021 17:50:55 GMT
server: cloudflare
etag: "36ec7961bff501339e94be885173a543"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klABCx7NBaARwted%2FxfBsda%2B1qjPaLVraYFZlX1%2B1%2FsDBOZhhAbXTkI69njMu0wICrwj28IIK%2F03QWIBaBpZFKKHuTPX50mZ3EvU1IOh%2BBaH0KRCQJNDwABz4cRcQWKRBAIreWOuj%2BUnT5aeVI%2BkfQoL02s%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: ACE0KJ9QE7MHKPXK
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: YP7ybaiH7H411wVJHV_qHOvJ.4ZtSg0L
x-amz-cf-pop: IAD89-P1
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: N2y1l2thZGVZ3X_nYXheC7DadWAgTPTpLSYQxZuQZxUWFpik1HcKWQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 theme-overrides.min.css
cloud.facelift-bbt.com/hs-fs/hub/3482881/hub_generated/template_assets/35021083376/1618159480040/website/css/ Frame D67F 7 KB
2 KB 83ms
80ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.facelift-bbt.com/hs-fs/hub/3482881/hub_generated/template_assets/35021083376/1618159480040/website/css/theme-overrides.min.css

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cdba574d9c55a027cd8e02086cba3e62a1939e4eb17321fa7b1f6c653445da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1618159480159
date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 6f3546b6b501aaa8c1b4750231158188.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 418
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: 63W9ZZS5PM9NEA7A
x-amz-id-2: QHXd8tgQ0DPyY2mqrCpXkVicV4FVrCWqpTc2nLNNwMx1FJiuHqyjaLN55wGn0zYFGqMlCJkh/+s=
x-amz-replication-status: COMPLETED
last-modified: Sun, 11 Apr 2021 16:44:41 GMT
server: cloudflare
etag: W/"1ffa4af384b0451b40edf914ef8c8cdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5v4l5yWPn1Qvnswkjiyh%2Bv3hSFcXso9089xr9wxf84bmsg2%2BOSddr%2F2VvhtmET9CnpBXrlpWHA9oNSc%2BbdMloemmuiN0D6Qj8n6oAk8IFGtmh0Z66b55Lw8Kwnw5qUsbkWS1ZdH3YJi7GlNeinIjmHFYsrE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: rb9zJAYnPoyQegQJ0Hksh19v.3IFW3gn
x-amz-cf-pop: IAD89-P1
cf-ray: 73c1af523e956903-FRA
x-amz-cf-id: 73aBcFVxWYa7rEUYLx-9C9TshMOIExlrZuZpEqLU7NCL5Mseun3Y7A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_47923578698_Full_Page_Header.min.css
cloud.facelift-bbt.com/hs-fs/hub/3482881/hub_generated/module_assets/47923578698/1643723123501/ Frame D67F 5 KB
2 KB 80ms
78ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.facelift-bbt.com/hs-fs/hub/3482881/hub_generated/module_assets/47923578698/1643723123501/module_47923578698_Full_Page_Header.min.css

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf997cbcd06d12ced5229efcb7f5c039e25f7fca27d9433dc01787336f33f109

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1643723123501
date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 366
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: NYNS8N2YCXCFC0CE
x-amz-id-2: G44rIjzsQ26tc8EhJhbKuwmJyAi/D33RsDNml9ur0lmw+v/MGfhKeActU97tq9CJvdG79Wlc4y0=
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Feb 2022 13:45:24 GMT
server: cloudflare
etag: W/"4f1bec1226a47edb154ee092e7cacc30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYnR9%2B6vBPuxFPMnkoBkOPJKKwJkoPV5MeA9wSQgv%2BRMGUAfRYW8SZsWBWhRks7ToMfeRx4u%2FYUFEGaEKS7gQWVj3ibDBVmRxmRteLMqM7NRN5PRhJXS2X83R8cGrsPIkTw96HLDO8ZlzRO4%2F0jJV%2BGhlzo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: 8To4yhQPO90l4OeexiJbJaNVojEyX17i
x-amz-cf-pop: IAD89-P1
cf-ray: 73c1af523e966903-FRA
x-amz-cf-id: GshzY_NKOvKl_5pUyK1JnWAankUiDNyyOeJxnP28iKpPBN1VAjx0_Q==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module.min.css
cloud.facelift-bbt.com/hs-fs/hub/3482881/hub_generated/template_assets/47082801312/1623088256446/website/modules/common/Image/ Frame D67F 50 B
919 B 117ms
115ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.facelift-bbt.com/hs-fs/hub/3482881/hub_generated/template_assets/47082801312/1623088256446/website/modules/common/Image/module.min.css

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

adaa93871f0ccce44dee8cf9fc0dc7444031cc5999577a692ac7b89eae6de6e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1623088256476
date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 2ca1a2664d288773b443dc5e52a8b5b8.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 418
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: SFN13H9ST5C8448N
x-amz-id-2: mLgjuWecIHnoRmoKub+Ff7/xS7ywDCwdVpotKeMdoIhKIjPWjK3c9khRNTVGp53sa0PuzYOE+Uc=
x-amz-replication-status: COMPLETED
last-modified: Mon, 07 Jun 2021 17:50:57 GMT
server: cloudflare
etag: W/"1442f549767d815d8d6558013216dbb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Y2kDojcc71WkacCuGVFwjpw6BW%2FLTSecJz1klbzIgxFZSlD5q%2BYA6zpjOkW3SM%2BYluhw7miZMZSOp%2FRb8K1iOMrQ5YHzcUhzr0MFogKQV50b1xKfCzNFO%2BoGP3GGHXLSeRBfPTFWbHcPJ7ChQZvXpC%2Fe24%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: QsubVWb0q5v8GdJSkgk8IU8oDZ6W48aA
x-amz-cf-pop: IAD89-P1
cf-ray: 73c1af523e986903-FRA
x-amz-cf-id: IYoVIdFxFhxWBaWbcsv3bbAYUBDKoFeqPa_Bl7d4PkuVeX9M6k4ouA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 8a823835-e7dd-4d86-8d36-4c4c922099d6.css
fast.fonts.net/cssapi/ Frame D67F 14 KB
2 KB 159ms
49ms Stylesheet
text/css 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/cssapi/8a823835-e7dd-4d86-8d36-4c4c922099d6.css
Requested by: Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4788f20b521475c376c605eb95e6b2b12ff10b6864d1c68e059ca1b775c3c2c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2238
x-amz-request-id: 5KCWKMRMDVG0MVD2
x-amz-id-2: bbiwKU+nrTq0WEIiTJ6arCU+KlLOj6nkAIJVccfXptQqzAdk3mpY8A2Y7b8G+Ws4uVBlaFgKQp0=
last-modified: Wed, 17 Feb 2021 11:03:56 GMT
server: cloudflare
etag: W/"7695481b140bc8e15d93da5714e24e33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
expires: Wed, 17 Aug 2022 10:26:47 GMT
cache-control: public, max-age=300
x-amz-version-id: null
cf-ray: 73c1af52e8609c04-FRA
x-amz-meta-mtime: 1496907275

GET
H2 200 hubspot-global.min.css
cloud.facelift-bbt.com/hs-fs/hub/3482881/hub_generated/template_assets/5517792769/1569765141555/Coded_files/Custom/page/css/ Frame D67F 14 KB
4 KB 85ms
82ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.facelift-bbt.com/hs-fs/hub/3482881/hub_generated/template_assets/5517792769/1569765141555/Coded_files/Custom/page/css/hubspot-global.min.css

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ae17b7ac4e2573d3c332b6753574329dea250c863b5b2a0b45a666bf6defca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 418
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: 63W07773CB19NGEQ
x-amz-id-2: lISLMfeTQlSTjGxVZeBGgn6sHM6PkABIaW1WUqcrV5mHIL48e7+qj9eR6AEdmqC7M1wYc+0DTZY=
last-modified: Sun, 29 Sep 2019 13:52:22 GMT
server: cloudflare
etag: W/"0f65322241df9db20231d2f315ea9f54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYIQ%2F4nP5l05iAex3kJB5fjAyT6iXeBP3LYFBsHs3jILKMLaY87K2Bmkt7GoXZ33pBbQTsyK85bdjXypKOJzh3fyXQ%2BhLgRh4qvcHe3VX99DjxNxG%2B5PktSU%2Bz3bkM1pioabju6UTanIRigQf1Fp1uOTarU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: cHafh_owPETh1GK0w1E9FwjOkF_svyOS
x-amz-cf-pop: IAD89-P1
cf-ray: 73c1af523e9a6903-FRA
x-amz-cf-id: V_czSPKctTrC9etylH3aBP6wYHC2MsIXG5i9p8Ccq-iy_4c8tnzIcQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame D67F 167 KB
61 KB 139ms
55ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-819187043

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac6214c108697a6d0d1c3962a5c599d63870a54fc493411422ae1422fdb050c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62325
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Aug 2022 10:21:47 GMT

GET
H2 200 scripts.min.js Show response
cloud.facelift-bbt.com/hs-fs/hub/3482881/hub_generated/template_assets/5856056980/1659511821320/Coded_files/Custom/page/Facelift_new_2018_theme/static/ Frame D67F 136 KB
47 KB 86ms
84ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.facelift-bbt.com/hs-fs/hub/3482881/hub_generated/template_assets/5856056980/1659511821320/Coded_files/Custom/page/Facelift_new_2018_theme/static/scripts.min.js

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9121515bce665fdbb449d308a568711cc793fd3b0a86928712ac8752b4f3e222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1659511822738
date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 5e1f849553b1d58615d0d8f7c044078e.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 366
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: 6J69ZBM2ZJMV09MH
x-amz-id-2: T8u8WqLzYdLjXZ5p3z1RYR7Z5PpwDj4SsvDx+SHmJl72bSTz06yxgUtVqk5Ijw3hWZKeQaFCWVU=
x-amz-replication-status: PENDING
last-modified: Wed, 03 Aug 2022 07:30:23 GMT
server: cloudflare
etag: W/"d035239d5cdfe50c776ef21e33704549"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vltt%2BZcahIDH7FwPuq0U4hmmGOYZCo%2Bm9LyykVPQrFjdNrLDXc4Zw1ldGljhpSMqqE5TP8yhe6ArbPySjpZ5uQKbe4l9yYrpS7z7i6B37ySAt3YwNNVNIWjDWVyY7gcmec01iiOELX4XQyMn%2B%2FYlgKeRvBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: guB2rRg_TdB1oS.Qj53lzTmwoWBplwpT
x-amz-cf-pop: IAD89-P1
cf-ray: 73c1af523e9b6903-FRA
x-amz-cf-id: PFiLvB5cNAkmjVYQpQ7f5_aSN50YzVhcRTvCigQ5SjRtCHtnwyk5RA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 main.min.js Show response
cloud.facelift-bbt.com/hs-fs/hub/3482881/hub_generated/template_assets/35020605337/1638183770200/website/js/ Frame D67F 1020 B
1 KB 117ms
115ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.facelift-bbt.com/hs-fs/hub/3482881/hub_generated/template_assets/35020605337/1638183770200/website/js/main.min.js

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6b47c84251d8bdc2f5024572328f7e08cf7322890e5f5e6be97d623072ecf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1638183770500
date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 366
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-encoding: br
x-amz-request-id: KXXDCSGHHVWS7CBR
x-amz-id-2: Aaq1jcBQ+aHEL0b2w/Quop+ygwBOxIPJs55UEMqhFIf68cqoy7HF9KE5lmfv/aIugaFs6xXbLQA=
x-amz-replication-status: COMPLETED
last-modified: Mon, 29 Nov 2021 11:02:51 GMT
server: cloudflare
etag: W/"415255d50c7b182ef887f7e121d72c6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jr7qsZ6qEp792paAtIYR%2BQl7iLpYYx7E3AepLmFYk6FYHyKoBE0KMkDsuLszQ%2BEEmKyyUcjsurY1iK90AqKu57Sn6KKGq5imFbpNafTeiQeiJxgNuLURE3mZvk%2Bf0KpQ1bcRuIQUq%2BNkIqD5xj3ulYJqn30%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: ZQjZh7j9R9c_D0eTvQH8Wrv8BI63sO_G
x-amz-cf-pop: IAD89-P1
cf-ray: 73c1af523e9d6903-FRA
x-amz-cf-id: 1Pfr0J9jDBf2xY8-fYbH-c0kOx8ETiw2gLXx4NHXp3Zz5QuFA_A0HA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 mustache.js Show response
unpkg.com/mustache@4.1.0/ Frame D67F 25 KB
8 KB 159ms
50ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/mustache@4.1.0/mustache.js

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5c3416ac58f00b08a3f49877820e51ff3fef14b2fd14f7dbeeca38d3b4b8312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17634405
fly-request-id: 01FT83P86A7MG58A7K3VZA6G34
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"6256-2udJE5BXiPtM70OUBaRceJASv4o"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 73c1af52ebf390a8-FRA

GET
H2 200 scroll-out.min.js Show response
unpkg.com/scroll-out@2.2.12/dist/ Frame D67F 3 KB
2 KB 173ms
65ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/scroll-out@2.2.12/dist/scroll-out.min.js

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a7c9a53c0897113117a83a59eab061568726d7a8a067dee3cee16f836457874

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14671567
fly-request-id: 01FX0D8VXJFAZAMGS8B7G4ZDXF-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"c39-dubgxxxxtNLI56K1ediP9PMvcfY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 73c1af52ebf790a8-FRA

GET
H2 200 3482881.js Show response
cloud.facelift-bbt.com/hs/scriptloader/ Frame D67F 2 KB
1 KB 81ms
80ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.facelift-bbt.com/hs/scriptloader/3482881.js

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0bf34c34b0b0a305cc57c22f5d18a9d2105a21d5c7e1c0fafbfe361415f1b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 55
cf-polished: origSize=1978
x-hs-https-only: worker
strict-transport-security: max-age=31536000
x-hubspot-correlation-id: 12fed03a-f72a-4035-890f-ecbb3952fe2b
last-modified: Wed, 17 Aug 2022 10:20:52 GMT
server: cloudflare
x-trace: 2B93B8A85682067D3C144D6E3E768E403AA3495857000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OP0OnOTMwPzLALlvtwpY9Iy7mhf%2FKibUu8CkhNdGJViarv22Nn2ddvFHv4NYMzBhf5VMq%2FpSk%2FqNtXoA9IraM7kR6CzTvjm3UGbECHenQQMwfBkRlZlqU%2BcA2N2e2QBIsom8z40OZAxPOoXjuVDgXUPrX50%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://cloud.facelift-bbt.com
cf-bgj: minify
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 73c1af5388896903-FRA
expires: Wed, 17 Aug 2022 10:22:47 GMT

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@17.3.1/dist/ Frame D67F 7 KB
3 KB 147ms
38ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@17.3.1/dist/lazyload.min.js

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e6a23e6a3399b52a5576c28b2236b48953949793fc17f2c733d35b084d7a0085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 12878061
x-jsd-version: 17.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2683
etag: W/"1d61-wcBCP//7m5LJeuNOb3Rtiff9UGo"
x-served-by: cache-fra19141-FRA, cache-ams21047-AMS
x-jsd-version-type: version
date: Wed, 17 Aug 2022 10:21:47 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame D67F 236 KB
79 KB 145ms
107ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K9LGRZT

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

204320052a6ccb27e293878447f89a3e813af7a98e4cf5cd23d10674b2469bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80960
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Aug 2022 10:21:47 GMT

GET
H2 200 1.css
fast.fonts.net/t/ Frame D67F 0
219 B 53ms
53ms Stylesheet
text/css 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=8a823835-e7dd-4d86-8d36-4c4c922099d6
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/8a823835-e7dd-4d86-8d36-4c4c922099d6.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.fonts.net/cssapi/8a823835-e7dd-4d86-8d36-4c4c922099d6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
cf-cache-status: HIT
age: 357479
cf-ray: 73c1af5338e89c04-FRA
content-length: 0
x-amz-id-2: zyfPOl5v2Axu7yxBiqaIf3/gbYji5lxr2TBI/3p8Mmt/amwlWLWPn5WE8dScLa8tuygf95dnIMg=
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 5YZ5NNRJ99ZTQVWT
cache-control: public, max-age=0, s-maxage=604800
x-amz-version-id: null
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-amz-meta-mtime: 1519217722

GET
H2 200 instagram-post-performance-loginarea-illustration.jpg
get.facelift-bbt.com/hs-fs/hubfs/ Frame D67F 49 KB
50 KB 201ms
74ms Image
image/webp 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.facelift-bbt.com/hs-fs/hubfs/instagram-post-performance-loginarea-illustration.jpg?width=1665&quality=low

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

528d79259a8da97104e69a285b2a266026953c5fc7d13a1bca2e8d4cff1f984a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
vary: Accept, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 178861
cf-polished: qual=85, origFmt=jpeg, origSize=119030
edge-cache-tag: F-73968639312,P-3482881,FLS-ALL
cache-tag: F-73968639312,P-3482881,FLS-ALL
x-amz-storage-class: INTELLIGENT_TIERING
x-hs-https-only: worker
content-disposition: inline; filename="instagram-post-performance-loginarea-illustration.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 50010
x-amz-server-side-encryption: AES256
last-modified: Mon, 15 Aug 2022 05:21:44 GMT
server: cloudflare
x-cache: RefreshHit from cloudfront
etag: "e87b51d811cc684eb935bb0243b5637e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9M%2FNvUVPXkDuTVP7v562FGP0BjXcj7Q2PSqDTwl072kcXv9IEQmEXmL4k5k8ppzu4xC2CeBkpaeYxVTHR%2FeSSW6LOnwa5lPpJs7KSr3rYmYttLNgvTxzz49PK5K6kvB6VtgWyy9dfKDGgz9wWr4Gs5u"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-P1
accept-ranges: bytes
cf-ray: 73c1af5498ba9bbe-FRA
x-amz-cf-id: KbGD63MzB_qSQ9nihkgXXWqaX7oa4tyyO21XQvJhDGcbD-KF7VMmmw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 product-update-instagram-carousel-animation.gif
get.facelift-bbt.com/hubfs/product-marketing/product-updates/ Frame D67F 1 MB
1 MB 239ms
113ms Image
image/gif 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.facelift-bbt.com/hubfs/product-marketing/product-updates/product-update-instagram-carousel-animation.gif

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

920041cb49b8ec23bd44e35a8d83d3672e6b30b76350f71f22899719f53a1b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-72142399587,FD-42378844957,P-3482881,FLS-ALL
age: 178848
x-amz-server-side-encryption: AES256
edge-cache-tag: F-72142399587,FD-42378844957,P-3482881,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: 62G6RYP16M2JX5SS
cf-bgj: imgq:85,h2pri
etag: "9434870c861069a5f356f0fb8620194f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-hs-https-only: worker
x-amz-meta-created-unix-time-millis: 1651131412565
date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C1
x-hs-alternate-content-type: text/plain
cf-polished: origSize=2521323
x-cache: RefreshHit from cloudfront
cache-tag: F-72142399587,FD-42378844957,P-3482881,FLS-ALL
x-amz-meta-index-tag: all
content-length: 1463493
x-amz-id-2: btvmfuJHbH/F91HbGEDz3MvlsAKV1yc79X5iYEIkwrxQXxJ7fMMOfYMLhvdVhVsxzqe6uS6Gfp0=
last-modified: Thu, 28 Apr 2022 07:48:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhBJScJ4OMlkyHMwitstXfu8jrO95HhbYYLnRRHD4K0BVNBbOH5oGJb5ffReDLMcq8Utsskyz1mm64U41FwWhQymzac4c2CYgHWAFhB4ZTrnKA0g7HmxPH77ygruon6iOJdbUaqf%2B1e8BZHbC9Tmt3so"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 6AIkrMQbWfObyIAOIYHEbDAzrtfCnVEz
accept-ranges: bytes
cf-ray: 73c1af5498bc9bbe-FRA
x-amz-cf-id: W6x8KS2j9NbradKNiypQJp9eRSMmY5eliiu9lEL9h5szqO10wLxRPA==

GET
H2 200 facelift-cloud-loginhighlight-instagram-reels.jpg
get.facelift-bbt.com/hubfs/product-marketing/fcld-login/ Frame D67F 109 KB
110 KB 198ms
78ms Image
image/webp 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.facelift-bbt.com/hubfs/product-marketing/fcld-login/facelift-cloud-loginhighlight-instagram-reels.jpg

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fa1157321b23246f469a7471a2026171070a93a1d3d141b3d7535d0798e4281

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-78424730411,FD-49334214802,P-3482881,FLS-ALL
age: 178560
x-amz-server-side-encryption: AES256
edge-cache-tag: F-78424730411,FD-49334214802,P-3482881,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="facelift-cloud-loginhighlight-instagram-reels.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: TPD8MHJAXNAE5Y5D
cf-bgj: imgq:85,h2pri
etag: "3a673e95e0917a3d295d475d0ffeb5b9"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-hs-https-only: worker
x-amz-meta-created-unix-time-millis: 1657096454478
date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C1
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=208461
x-cache: RefreshHit from cloudfront
cache-tag: F-78424730411,FD-49334214802,P-3482881,FLS-ALL
x-amz-meta-index-tag: all
content-length: 111580
x-amz-id-2: zqqtH7yr2xeoe86aiLFavVGKHfve6vMtcp0wQhUrWrqvOsZuetvByaNc9nD22b4MaxmhpZr2B/4=
last-modified: Wed, 06 Jul 2022 08:34:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1U%2FkvAYC2JgQ%2FDQ5BnHdSGyZqAfNmWwHSvvkZ%2BFEo5bVxH%2BFUAgrnm5PhLTSiAOC4Q7pKC94EblNKr3iigLPzju4zaoQ2sDnKD7E%2Fhex8ARFNj5PbsUDGF%2F6lI%2BX1%2FWPZ386NL9XDl3Y%2F7dpXZD4eHNc"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: Fg8rQN9zlFRNO2kL8GW8M22T1w.VEpw2
accept-ranges: bytes
cf-ray: 73c1af5498c09bbe-FRA
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-cf-id: m4U2g1STHLai6qiPbrx3mbgpBULHFZ15gp8Uh9Fvt3WFRX2hUqES_Q==

GET
H2 200 fc-highlight-screenshot-space-outfitters-gmb-sale-smartphone-maps.png
get.facelift-bbt.com/hs-fs/hubfs/product-marketing/fcld-login/ Frame D67F 211 KB
212 KB 234ms
114ms Image
image/webp 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.facelift-bbt.com/hs-fs/hubfs/product-marketing/fcld-login/fc-highlight-screenshot-space-outfitters-gmb-sale-smartphone-maps.png?width=1665&quality=low

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee391834395c979e4c1f0999b3dfc8358d1ba25ddd8f0cf8a915fb49fed4ba7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-64083061805,FD-49334214802,P-3482881,FLS-ALL
age: 178560
x-amz-server-side-encryption: AES256
edge-cache-tag: F-64083061805,FD-49334214802,P-3482881,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="fc-highlight-screenshot-space-outfitters-gmb-sale-smartphone-maps.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: Q8HKHWC5G00NK4DC
cf-bgj: imgq:85,h2pri
etag: "682ad197a1df0b03384be56f5f1dbf4e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-hs-https-only: worker
x-amz-meta-created-unix-time-millis: 1642434227503
date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C1
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=364094
x-cache: RefreshHit from cloudfront
cache-tag: F-64083061805,FD-49334214802,P-3482881,FLS-ALL
x-amz-meta-index-tag: all
content-length: 215786
x-amz-id-2: 7KFZL//g+aTxOtr0heU14T/OEUW4ZwIClOW/EqNnrFn/8LAEZBvoSE1Ac5kgBEFcUqqXIWkSiIg=
last-modified: Mon, 17 Jan 2022 15:43:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCiW55rFJH2bFBHfTc7IkrSJ61cBueVwBLRnRdtXCsolW5wpAhi7UzjYZ5YknLf%2FU8qGfUYqPmHYZpwZhdieDFnOSB7AV1wBBvXdJS2wYwTlIiZP6usSP07l%2BKo5kZu15y3fcCAwjVyA0OY3x2peaYsi"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: claHTq.UkQWI2gDN5KEXMnJPIrwnMHx5
accept-ranges: bytes
cf-ray: 73c1af5498c39bbe-FRA
x-amz-cf-id: CxpmW4g4PNkMa1u0XsvOaHyIBsI78cijay_EsodR3_FKW0g10_IdzA==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ Frame D67F 73 KB
21 KB 146ms
49ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/hs/scriptloader/3482881.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c09332326d7e70e0623cd6bd5b3b5bf25ed4f55f92f7b90291ebe4cc9ce9130d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 8348c06ca24c7faf1ae00ad6facc20b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 289
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10527/bundles/project.js&cfRay=73c1a8431b84698f-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Wed, 10 Aug 2022 02:50:06 UTC
server: cloudflare
etag: W/"a2bf181c4425a795ee88f3f230bb1967"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: c5qrTiV6vDUhLMyUOB33g.CfXJNifE8r
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P2
cf-ray: 73c1af54b9d45c1a-FRA
x-amz-cf-id: iT2GuseftOjL5t51bc3idZipgwzEHrsEgA1mtJ7fY41yyF1_uNm5Rg==
x-hs-target-asset: conversations-embed/static-1.10527/bundles/project.js

GET
H2 200 3482881.js Show response
js.hs-analytics.net/analytics/1660731600000/ Frame D67F 63 KB
20 KB 135ms
49ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1660731600000/3482881.js
Requested by: Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/hs/scriptloader/3482881.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5d16ad44d710e22a40d662319a9de4a997f0c70a4db9c0d66bf37b6ad4e7fad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 31
x-amz-server-side-encryption: AES256
x-amz-request-id: TBHWFYXYS91GBMVG
x-amz-id-2: dI6g5HbEaqIcUQ+ZCKKeblA+S2Jo5vKvr21QOjEG3BJHLo8203hmftAMMgit/SdjZSDRWIYL9EQ=
last-modified: Wed, 27 Jul 2022 16:46:45 GMT
server: cloudflare
etag: W/"778cb93d32a77261f99cd09529f0f032"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 73c1af54a9949bef-FRA
expires: Wed, 17 Aug 2022 10:26:16 GMT

GET
H2 200 3482881.js Show response
js.hs-banner.com/ Frame D67F 63 KB
17 KB 136ms
47ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3482881.js
Requested by: Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/hs/scriptloader/3482881.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67a21ce71ea56d3dd7bbab1d67533c311ef216252f81b85d710084dadbd49420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 148
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: WVG4R9ETWJ36D1R1
x-amz-id-2: BDHioFBZaVETMhwDM4udE4KV1sB/0C+4yICyFwqRzeWhugaNQ6XFBGqWBKiyHDW9me71TQ0OVhA=
timing-allow-origin: *
last-modified: Tue, 16 Aug 2022 21:06:47 GMT
server: cloudflare
etag: W/"ccd79c3dd20cd48e479dc92ea89272e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: uomIEbyYRe8.znbpihxBG2.R2aVz_C27
access-control-allow-origin: https://cloud.facelift-bbt.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 73c1af54a8749158-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 17 Aug 2022 10:24:19 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ Frame D67F 547 KB
88 KB 146ms
56ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/hs/scriptloader/3482881.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8598f014db2cb1ee468796657129c4d2319715d818ad6a0ea1049b7873b19fe

Request headers

Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
Origin: https://cloud.facelift-bbt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
via: 1.1 76cd2de9f0213e8c76093c6b346e8118.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 71572
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1101/bundle/main/lead-flows-release.js&cfRay=73badbf869179951-IAD
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 73c1af54ab0e5b50-FRA
last-modified: Mon, 18 Jul 2022 01:14:17 UTC
server: cloudflare
etag: W/"46823b230a10099f9c99f5d6e551b1de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: yT2X7qjRd3nfD17wwjIyU26GMxKILzTr
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Bq88IPpszV0bET_ptgmi1ssizldLVPqybSZSbIidjoUD35bLDXTjPw==
x-hs-target-asset: lead-flows-js/static-1.1101/bundle/main/lead-flows-release.js

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame D67F 40 KB
16 KB 177ms
80ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-819187043

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ffb169c682184887e61fbb92375424273436b8638ffb1b98779b24842a72cdbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15380
x-xss-protection: 0
server: cafe
etag: 14955335288317425560
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 17 Aug 2022 10:21:47 GMT

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ Frame D67F 42 B
548 B 129ms
45ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=377628474.1660731708&url=https%3A%2F%2Fcloud.facelift-bbt.com%2Fde%2Fmarketing-area-live&gtm=2oa8f0&did=dZTQ1Zm&gdid=dZTQ1Zm

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-819187043

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 10:21:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cf-location Show response
js.hs-banner.com/cookie-banner-public/v1/ Frame D67F 2 B
1 KB 275ms
198ms XHR
text/plain 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/3482881.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 759fce50-9f1c-41e4-9395-da080dc4c0d3
content-length: 2
timing-allow-origin: *
server: cloudflare
x-trace: 2B06C6DF5CFC8A84D6DF4A85D6435657EEE9C2A525000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://cloud.facelift-bbt.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 73c1af5579a06927-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id

GET
H2 200 widget Show response
cloud.facelift-bbt.com/_hcms/livechat/ Frame D67F 287 B
1 KB 201ms
201ms XHR
application/json 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.facelift-bbt.com/_hcms/livechat/widget?portalId=3482881&conversations-embed=static-1.10527&mobile=false&messagesUtk=1a3c3a667be84cc8b591f908b0aad711&traceId=1a3c3a667be84cc8b591f908b0aad711&referrer=https%3A%2F%2Fsettings.facelift-cloud.com%2F

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

050102d7e90f30e07c59cadd02161120084ffab6a3153747b7192bbd2c40b423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://cloud.facelift-bbt.com/de/marketing-area-live

Response headers

date: Wed, 17 Aug 2022 10:21:47 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a83581e6-4959-4980-b3be-b880a1fc98c7
x-hs-https-only: worker
server: cloudflare
x-trace: 2BF4AB7B7542E54A45B07BF911EFE53E8A2BFBE3CD000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KutKDrCBK9X1ddARsaQrXscppcycNxViOjEfIGrjcm36n%2BLuzV2RMgXKNGmmPcXZfQDIUOATRqXbYhmZPxdoFFf3kO6SZheLCQjbcKJa5olRrjEKyirfswXcpNG27raVjejyrt3ULnnnUEYp%2Fj2liv5qjaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 73c1af551ae36903-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 __ptq.gif
track.hubspot.com/ Frame D67F 45 B
555 B 254ms
164ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1091019263&v=1.1&a=3482881&pi=55128927655&ct=standard-page&ccu=https%3A%2F%2Fcloud.facelift-bbt.com%2Fde%2Fmarketing-area-live&cpi=55128927615&lpi=55128927655&lvi=55128927655&lvc=de&r=https%3A%2F%2Fsettings.facelift-cloud.com%2F&pu=https%3A%2F%2Fcloud.facelift-bbt.com%2Fde%2Fmarketing-area-live&t=Marketing+Area+LIVE&cts=1660731707873&vi=caed006a1da31accb7df510a8f3ce1c1&nc=true&ce=false&cc=0

Requested by

Host: settings.facelift-cloud.com
URL: https://settings.facelift-cloud.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:48 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f42f04c4-2920-4a81-b6b3-b6f0c570cea9
cf-ray: 73c1af56e9f39232-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrLZHc1Nl9qRy2kFpaYn6VJXk%2BtpSplYa9Qdoiu%2B0xUaT85RhA7qu%2FIuTjERfN5A64VfxYwtJkIMIAoHRKfgBa7Lzo2nbiZW3vR6QmtzAlDf4MXmaFnea0pBOZjiKasB5XixjksOg0IcvdW%2F0rss"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ Frame D67F 45 B
960 B 243ms
153ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?id=000002635075&value=null&k=3&n=000002635075&m=&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1091019263&v=1.1&a=3482881&pi=55128927655&ct=standard-page&ccu=https%3A%2F%2Fcloud.facelift-bbt.com%2Fde%2Fmarketing-area-live&cpi=55128927615&lpi=55128927655&lvi=55128927655&lvc=de&r=https%3A%2F%2Fsettings.facelift-cloud.com%2F&pu=https%3A%2F%2Fcloud.facelift-bbt.com%2Fde%2Fmarketing-area-live&t=Marketing+Area+LIVE&cts=1660731707877&vi=caed006a1da31accb7df510a8f3ce1c1&nc=true&ce=false&cc=0

Requested by

Host: settings.facelift-cloud.com
URL: https://settings.facelift-cloud.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 10:21:48 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9fb30aff-844d-4644-adca-0fecfb7f68d0
cf-ray: 73c1af56e9f59232-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAjgk8gGBvLiCjYJf3T4v6%2Bl8nXluKAQu8AQle6zpKALX%2Bc7sbWHNI8maFG55XJZWV2StCKcfMBSMuSM2FmzcKDEWh3eK5w7iV72rUS87MSXySRf4fk9olrsfW8LStovVwjaMyxrpOnk6Lhw%2FPWO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame D67F 49 KB
20 KB 119ms
36ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cloud.facelift-bbt.com
URL: https://cloud.facelift-bbt.com/de/marketing-area-live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4788
date: Wed, 17 Aug 2022 09:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 17 Aug 2022 11:02:00 GMT

GET
H2

200

landing
googleads.g.doubleclick.net/pagead/ Frame D67F
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcu=1&gcd=G100&rnd=377628474.1660731708&url=https%3A%2F%2Fcloud.facelift-bbt.com%2Fde%2Fmarketing-area-live&gtm=2oa8f0&did=dZTQ1Zm&gdid=dZTQ1Zm
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcu=1&gcd=G100&rnd=377628474.1660731708&url=https%3A%2F%2Fcloud.facelift-bbt.com%2Fde%2Fmarketing-area-live&gtm=2oa8f0&did=dZTQ1Zm&gdid=d...

42 B
285 B

46ms
46ms

Ping
image/gif

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcu=1&gcd=G100&rnd=377628474.1660731708&url=https%3A%2F%2Fcloud.facelift-bbt.com%2Fde%2Fmarketing-area-live&gtm=2oa8f0&did=dZTQ1Zm&gdid=dZTQ1Zm

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 10:21:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Aug 2022 10:21:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcu=1&gcd=G100&rnd=377628474.1660731708&url=https%3A%2F%2Fcloud.facelift-bbt.com%2Fde%2Fmarketing-area-live&gtm=2oa8f0&did=dZTQ1Zm&gdid=dZTQ1Zm
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/819187043/ Frame D67F 2 KB
2 KB 161ms
52ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819187043/?random=1660731707943&cv=9&fst=1660731707943&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fcloud.facelift-bbt.com%2Fde%2Fmarketing-area-live&ref=https%3A%2F%2Fsettings.facelift-cloud.com%2F&tiba=Marketing%20Area%20LIVE&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c3c6fbdb3c90a38e08d2d48e107327098e115fee5300792d2e0d6c8aff8a517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 10:21:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/819187043/ Frame D67F 42 B
64 B 135ms
51ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819187043/?random=1660731707943&cv=9&fst=1660730400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8f0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fcloud.facelift-bbt.com%2Fde%2Fmarketing-area-live&ref=https%3A%2F%2Fsettings.facelift-cloud.com%2F&tiba=Marketing%20Area%20LIVE&async=1&fmt=3&is_vtc=1&random=2173088195&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 10:21:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/819187043/ Frame D67F 42 B
548 B 139ms
50ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/819187043/?random=1660731707943&cv=9&fst=1660730400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8f0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fcloud.facelift-bbt.com%2Fde%2Fmarketing-area-live&ref=https%3A%2F%2Fsettings.facelift-cloud.com%2F&tiba=Marketing%20Area%20LIVE&async=1&fmt=3&is_vtc=1&random=2173088195&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.facelift-bbt.com/de/marketing-area-live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 10:21:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.facelift-cloud.com/	1969-12-31 23:59:59	Name: fast-sid Value: 3e6b963fabb8977edc2a1e364f1c7499
.cloud.facelift-bbt.com/	1969-12-31 23:59:59	Name: __cfruid Value: 42b6d1dd8edd5b29116ba781c62747a5cf2745bb-1660731707
.cloud.facelift-bbt.com/	1970-01-20 05:18:53	Name: __cf_bm Value: hpBIHBG25uJznuMcqZ.UABRtgVdRNSjVbT.WzsiIctM-1660731707-0-ASTY9Wfny6b/yVC4WVCv92dY5LshIAQBJAh7jM32deOn1++CSoWTZKBOTtWC96nm8yfjEEHDP8T37FGLmQOH8/M=
.fonts.net/	1970-01-20 05:18:53	Name: __cf_bm Value: PPY7ArBcGS6Q9zNDuEbU7y8FSRdmP3f70_oJ31TuS2E-1660731707-0-ARyCWwLHDK56K9UfvJ+K6igvrTAfyHk+NM6zhM6qmybEHa3a8j0GpNnxG29LdCmDSkqwetStVPusgdvEgbqVOGE=
.get.facelift-bbt.com/	1969-12-31 23:59:59	Name: __cfruid Value: 42b6d1dd8edd5b29116ba781c62747a5cf2745bb-1660731707
.get.facelift-bbt.com/	1970-01-20 05:18:53	Name: __cf_bm Value: fI7zzwg_UKIFwpgn9ic5.Ft5nPo79ObmgnvjzS8yxYE-1660731707-0-ATcRoNLH0uXV/60qCVEphAjbkseL2tF3CZ53v8vwWu2C4ZUcDuHC3e9Bc/1FllhlFzuCqCB8IICJ+RlX7wMWwSI=
.doubleclick.net/	1970-01-20 05:18:52	Name: test_cookie Value: CheckForPermission
.hubspot.com/	1970-01-20 05:18:53	Name: __cf_bm Value: YnGzQVGXEuxtGyLbZ7.vKkfNRm05nBEc4ijWheg7tKk-1660731708-0-AYMy9TCqxFXmwF2qi0mck6FD5y6pfeVo/HL4nUDWJ9xXGn8NNSG1qjf5xCeY6xfkhqxh/LvwH9yXq7ih5FQS36Q=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://settings.facelift-cloud.com/#/postPlan/10463396 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-assets.facelift-cloud.com
cdn.jsdelivr.net
cloud.facelift-bbt.com
connect.facebook.net
fast.fonts.net
get.facelift-bbt.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hsleadflows.net
js.usemessages.com
marketingarea.facelift-success.com
pagead2.googlesyndication.com
publisher.facelift-cloud.com
settings.facelift-cloud.com
track.hubspot.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
216.58.212.130
2606:2c40::c73c:671d
2606:4700:4400::ac40:9a55
2606:4700::6810:7eaf
2606:4700::6811:43b0
2606:4700::6811:e04e
2606:4700::6811:eacc
2606:4700::6811:eccc
2606:4700::6813:9b53
2a00:1450:4001:800::2004
2a00:1450:4001:803::2003
2a00:1450:4001:810::2008
2a00:1450:4001:812::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a02:26f0:dc::6853:521
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42::485
77.220.242.6
80.83.122.111
050102d7e90f30e07c59cadd02161120084ffab6a3153747b7192bbd2c40b423
1cdba574d9c55a027cd8e02086cba3e62a1939e4eb17321fa7b1f6c653445da3
204320052a6ccb27e293878447f89a3e813af7a98e4cf5cd23d10674b2469bc5
23bbf2714a342c18b7460716ad6219c136f4dba21730e193cd02c372fe49c7b3
2a7c9a53c0897113117a83a59eab061568726d7a8a067dee3cee16f836457874
2d6b47c84251d8bdc2f5024572328f7e08cf7322890e5f5e6be97d623072ecf5
4788f20b521475c376c605eb95e6b2b12ff10b6864d1c68e059ca1b775c3c2c7
4be3a9619501571ee39bea466112a260fc97d89259e9acde01adbd1c4de8d01e
4fa1157321b23246f469a7471a2026171070a93a1d3d141b3d7535d0798e4281
528d79259a8da97104e69a285b2a266026953c5fc7d13a1bca2e8d4cff1f984a
67a21ce71ea56d3dd7bbab1d67533c311ef216252f81b85d710084dadbd49420
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
711efaa37c841ef4f0f578d1d70a78eb3c452bdd5cb2ae1cf3764e8071ab7200
7ae17b7ac4e2573d3c332b6753574329dea250c863b5b2a0b45a666bf6defca7
80dff532ed604b61421087e93d5265c054405d915bb94f41d5dbb2d85f37aa00
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
911da47a93376e3173c13e2c10f3041234c76083262e02b850d07490aa39b115
9121515bce665fdbb449d308a568711cc793fd3b0a86928712ac8752b4f3e222
920041cb49b8ec23bd44e35a8d83d3672e6b30b76350f71f22899719f53a1b4f
9a50df52651133ee2b309daf0c3b921e9f5109067d5e11f2b8dd055f9ca3e66f
9c3c6fbdb3c90a38e08d2d48e107327098e115fee5300792d2e0d6c8aff8a517
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac6214c108697a6d0d1c3962a5c599d63870a54fc493411422ae1422fdb050c9
adaa93871f0ccce44dee8cf9fc0dc7444031cc5999577a692ac7b89eae6de6e2
b5d16ad44d710e22a40d662319a9de4a997f0c70a4db9c0d66bf37b6ad4e7fad
b9cb3beb36f4b5099ab96e99a402d9ebba4c94c93096f6f744c29ca57579c8e5
ba017e236c64471ea25d5039c658b2e596e366b6f569357f01de8ba582e43937
c09332326d7e70e0623cd6bd5b3b5bf25ed4f55f92f7b90291ebe4cc9ce9130d
c0bf34c34b0b0a305cc57c22f5d18a9d2105a21d5c7e1c0fafbfe361415f1b9e
c689104a14bad8dc84ddc18b433414a9b853dd4131280e3613a5e7dbecf5b119
cd93dacbd9d8d985cb0d9467490ae4d5ef11e0f5a6361ca0524c39164f40d13c
cf997cbcd06d12ced5229efcb7f5c039e25f7fca27d9433dc01787336f33f109
d5c3416ac58f00b08a3f49877820e51ff3fef14b2fd14f7dbeeca38d3b4b8312
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a23e6a3399b52a5576c28b2236b48953949793fc17f2c733d35b084d7a0085
e74295e75d9f64349618d7b1645d202e7e37e868c5029b96488b3ea11c80837d
e8598f014db2cb1ee468796657129c4d2319715d818ad6a0ea1049b7873b19fe
ecc3b925f3d073723aaabd994d37a2de88a40ed37056f907cad35e4421d4a353
ee391834395c979e4c1f0999b3dfc8358d1ba25ddd8f0cf8a915fb49fed4ba7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7964ee39d060ecb7867f4f8f6fea57560d48086e54eac9c91e59562c5688cca
faec720e8b12d5224ee8c0e17cf7013f3486cc76cb8d0b245e2b6d60970137b4
ffb169c682184887e61fbb92375424273436b8638ffb1b98779b24842a72cdbf

settings.facelift-cloud.com Open in urlscan Pro 77.220.242.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

98 %HTTPS

85 %IPv6

19 Domains

22 Subdomains

20 IPs

3 Countries

3037 kBTransfer

4758 kBSize

8 Cookies

4 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

settings.facelift-cloud.com Open in urlscan Pro
77.220.242.6 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

98 %
HTTPS

85 %
IPv6

19
Domains

22
Subdomains

20
IPs

3
Countries

3037 kB
Transfer

4758 kB
Size

8
Cookies

48 HTTP transactions
1 data transactions