hey.car Open in urlscan Pro
99.86.4.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hey.car/
Effective URL:
https://hey.car/
Submission: On March 28 via api (March 28th 2024, 10:48:21 pm UTC) from US — Scanned from DE

Summary HTTP 136 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 47 IPs in 4 countries across 52 domains to perform 136 HTTP transactions. The main IP is 99.86.4.20, located in United States and belongs to AMAZON-02, US. The main domain is hey.car. The Cisco Umbrella rank of the primary domain is 825047.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 13th 2023. Valid for: a year.

This is the only time hey.car was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	99.86.4.20 99.86.4.20	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14d5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:bf59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	18.193.19.211 18.193.19.211	16509 (AMAZON-02) (AMAZON-02)
5	3.120.59.191 3.120.59.191	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	52.219.168.157 52.219.168.157	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:4cba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.236.60 52.222.236.60	16509 (AMAZON-02) (AMAZON-02)
11	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
2	52.222.236.71 52.222.236.71	16509 (AMAZON-02) (AMAZON-02)
1	52.222.139.110 52.222.139.110	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	54.203.25.147 54.203.25.147	16509 (AMAZON-02) (AMAZON-02)
1	13.227.219.120 13.227.219.120	16509 (AMAZON-02) (AMAZON-02)
7	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 5	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
5	2.18.64.15 2.18.64.15	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c00::9c	() ()
3	172.217.23.104 172.217.23.104	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::36	() ()
1	2a02:2638:3::c 2a02:2638:3::c	() ()
4	172.217.16.195 172.217.16.195	() ()
2	216.58.212.164 216.58.212.164	() ()
1	173.194.76.154 173.194.76.154	() ()
2	178.250.1.9 178.250.1.9	() ()
1	172.217.16.130 172.217.16.130	() ()
1	35.214.149.91 35.214.149.91	() ()
2 2	37.252.172.123 37.252.172.123	() ()
1	184.30.20.22 184.30.20.22	() ()
1	69.173.144.138 69.173.144.138	() ()
1	164.132.25.184 164.132.25.184	() ()
1	141.226.228.48 141.226.228.48	() ()
1	2.16.97.41 2.16.97.41	() ()
1	13.248.245.213 13.248.245.213	() ()
1	2.19.126.72 2.19.126.72	() ()
136	47

21 99.86.4.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-20.fra6.r.cloudfront.net

hey.car	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14d5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bf59 (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.19.211 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-19-211.eu-central-1.compute.amazonaws.com

api.common.prod.group-mobility-trader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.120.59.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-59-191.eu-central-1.compute.amazonaws.com

api.hey.car	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o385824.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.219.168.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-1.amazonaws.com

de-prod-heycar-images.s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4cba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-60.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-71.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-110.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.203.25.147 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-25-147.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-120.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, CY)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.64.15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-15.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.104 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (None, )

ASN- ()

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (None, )

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.195 (None, )

ASN- ()

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.164 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.154 (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (None, )

ASN- ()

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (None, )

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (None, )

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.123 (None, ) 2 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (None, )

ASN- ()

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.132.25.184 (None, )

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (None, )

ASN- ()

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (None, )

ASN- ()

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (None, )

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.126.72 (None, )

ASN- ()

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	hey.car hey.car — Cisco Umbrella Rank: 825047 api.hey.car	1 MB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com	91 KB
11	segment.com cdn.segment.com — Cisco Umbrella Rank: 1729	76 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	551 KB
5	doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	886 B
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 717	153 KB
5	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 542	3 KB
4	google.de www.google.de	252 B
4	google.com region1.analytics.google.com www.google.com	234 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 182	130 KB
4	amazonaws.com de-prod-heycar-images.s3.eu-central-1.amazonaws.com	156 KB
3	criteo.com gum.criteo.com sslwidget.criteo.com dis.criteo.com	5 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 360	14 KB
3	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5254	7 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	377 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 712 script.hotjar.com — Cisco Umbrella Rank: 959	59 KB
2	group-mobility-trader.com api.common.prod.group-mobility-trader.com	715 B
1	yahoo.net hb.yahoo.net	319 B
1	3lift.com eb2.3lift.com	140 B
1	teads.tv criteo-sync.teads.tv	163 B
1	taboola.com sync-t1.taboola.com	99 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	media.net contextual.media.net	812 B
1	bidswitch.net x.bidswitch.net	235 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2704	231 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 686	15 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1342	168 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3826	19 KB
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2390	1 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2246	23 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2238	21 KB
1	sentry.io o385824.ingest.sentry.io	299 B
1	youtube.com img.youtube.com — Cisco Umbrella Rank: 3321	48 KB
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 6553	980 B
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 4770	12 KB
0	emxdgt.com Failed e1.emxdgt.com Failed
0	yieldmo.com Failed sync-criteo.ads.yieldmo.com Failed
0	yieldlab.net Failed ad.yieldlab.net Failed
0	tremorhub.com Failed criteo-partners.tremorhub.com Failed
0	sharethrough.com Failed match.sharethrough.com Failed
0	pubmatic.com Failed simage2.pubmatic.com Failed
0	outbrain.com Failed sync.outbrain.com Failed
0	postrelease.com Failed jadserve.postrelease.com Failed
0	mediavine.com Failed exchange.mediavine.com Failed
0	ivitrack.com Failed matching.ivitrack.com Failed
0	360yield.com Failed ad.360yield.com Failed
0	id5-sync.com Failed id5-sync.com Failed
0	casalemedia.com Failed r.casalemedia.com Failed
0	omnitagjs.com Failed visitor.omnitagjs.com Failed
0	adform.net Failed cm.adform.net Failed c1.adform.net Failed
136	52

	Domain	Requested by
21	hey.car	hey.car
11	cdn.segment.com	hey.car cdn.segment.com
9	www.google-analytics.com	hey.car
6	www.googletagmanager.com	hey.car
5	analytics.tiktok.com	hey.car analytics.tiktok.com
5	creativecdn.com	2 redirects hey.car creativecdn.com
5	api.hey.car	hey.car
4	www.google.de
4	stats.g.doubleclick.net	hey.car www.googletagmanager.com
4	connect.facebook.net	hey.car
4	de-prod-heycar-images.s3.eu-central-1.amazonaws.com	hey.car
3	bat.bing.com	hey.car bat.bing.com
3	widget.trustpilot.com	hey.car widget.trustpilot.com
2	ib.adnxs.com	2 redirects
2	www.google.com
2	region1.analytics.google.com	www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.facebook.com
2	api.common.prod.group-mobility-trader.com	hey.car
1	hb.yahoo.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	dis.criteo.com
1	x.bidswitch.net
1	cm.g.doubleclick.net
1	sslwidget.criteo.com	static.criteo.net
1	gum.criteo.com	static.criteo.net
1	vc.hotjar.io	hey.car
1	static.criteo.net	hey.car
1	script.hotjar.com	static.hotjar.com
1	api.segment.io	hey.car
1	cdn.mxpnl.com	hey.car
1	static.hotjar.com	cdn.segment.com
1	track.hubspot.com
1	js.hs-banner.com	hey.car
1	js.hs-analytics.net	hey.car
1	o385824.ingest.sentry.io	hey.car
1	img.youtube.com	hey.car
1	js-na1.hs-scripts.com	hey.car
1	websdk.appsflyer.com	hey.car
0	c1.adform.net Failed
0	e1.emxdgt.com Failed
0	sync-criteo.ads.yieldmo.com Failed
0	ad.yieldlab.net Failed
0	criteo-partners.tremorhub.com Failed
0	match.sharethrough.com Failed
0	simage2.pubmatic.com Failed
0	sync.outbrain.com Failed
0	jadserve.postrelease.com Failed
0	exchange.mediavine.com Failed
0	matching.ivitrack.com Failed
0	ad.360yield.com Failed
0	id5-sync.com Failed
0	r.casalemedia.com Failed
0	visitor.omnitagjs.com Failed
0	cm.adform.net Failed
136	60

This site contains links to these domains. Also see Links.

Domain
portal.heycar.de
www.dat.de
online-kuendigung.vwfs.de
heycargroup.com
www.youtube.com
www.facebook.com
www.instagram.com
heycar.page.link

Subject Issuer	Validity	Valid
hey.car Amazon RSA 2048 M01	`2023-06-13` - `2024-07-11`	a year	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
common.prod.group-mobility-trader.com Amazon RSA 2048 M01	`2023-06-05` - `2024-07-03`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.s3.eu-central-1.amazonaws.com Amazon RSA 2048 M01	`2024-02-08` - `2025-01-18`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-14` - `2024-06-06`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
hb.yahoo.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://hey.car/
Frame ID: 048F2039623A2726B5BFE28AB626B07D
Requests: 99 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=5c65db740526720001ee299b
Frame ID: 93AD44B73C52AE8B6D5503D8FBC183E9
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=5c65db740526720001ee299b
Frame ID: DB7DD7F7707D050474F2B360B1CEB7C0
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/tags?id=pr_Vl8Hky5WckrgZC5brdjk&tc=1
Frame ID: 0E64765FFC834A46CEEFC6C2A6D90494
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=hey.car&origin=onetag
Frame ID: 55261894986B6CDCDEFF12C7269E4562
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/tags?type=iframe&id=pr_Vl8Hky5WckrgZC5brdjk_home&tc=1
Frame ID: D27AAED81853168067E420C8D109343D
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-qfJ0DJNaBGOxqgSELI7X1yeNv7MgutDvJ2YT6Q&google_cm&google_hm=ay1xZkowREpOYUJHT3hxZ1NFTEk3WDF5ZU52N01ndXREdkoyWVQ2UQ
Frame ID: E4A490B841447BD01C9B0A46C19F4FC1
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Autos gebraucht kaufen mit Garantie bei heycar

Page URL History Show full URLs

http://hey.car/ HTTP 307
https://hey.car/ Page URL

Detected technologies

Contentful (CMS) Expand

Overall confidence: 100%
Detected patterns

<[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

136
Requests

85 %
HTTPS

34 %
IPv6

52
Domains

60
Subdomains

47
IPs

4
Countries

2564 kB
Transfer

8622 kB
Size

38
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://portal.heycar.de/
Title: FAQs

Search URL Search Domain Scan URL

URL: http://www.dat.de/
Title: www.dat.de

Search URL Search Domain Scan URL

URL: https://online-kuendigung.vwfs.de/
Title: Verträge hier kündigen

Search URL Search Domain Scan URL

URL: https://heycargroup.com/careers
Title: Karriere

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCMFkEo9GkQjLH7jAYPw7doA

Search URL Search Domain Scan URL

URL: https://www.facebook.com/heycar.germany/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heycar_deutschland/?hl=de

Search URL Search Domain Scan URL

URL: https://heycar.page.link/aL7u

Search URL Search Domain Scan URL

URL: https://heycar.page.link/vyJw

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hey.car/ HTTP 307
https://hey.car/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://creativecdn.com/tags?type=script&id=pr_Vl8Hky5WckrgZC5brdjk_home HTTP 302
https://creativecdn.com/tags?type=script&id=pr_Vl8Hky5WckrgZC5brdjk_home&tc=1

Request Chain 71

https://creativecdn.com/tags?id=pr_Vl8Hky5WckrgZC5brdjk HTTP 302
https://creativecdn.com/tags?id=pr_Vl8Hky5WckrgZC5brdjk&tc=1

Request Chain 109

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4970712722954123393

136 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hey.car/
Redirect Chain

http://hey.car/
https://hey.car/

544 KB
98 KB

402ms
276ms

Document
text/html

99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hey.car/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-20.fra6.r.cloudfront.net

Software

Resource Hash

b949c209b6ec826c3ed07dc4e8b2dbaad706f2643028a909f7dd335431acb92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 28 Mar 2024 22:48:16 GMT
etag: W/"87f37-fw6FJn4pM9aEbaxbVCCrjVrVH8w"
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-id: 02k14nERcck0eqfj_HruZmp1aJcw2uq4hap13uKzbDfbieXhJF9rzQ==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

Location: https://hey.car/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 ObjektivMk3_W_Rg.woff2
hey.car/assets/fonts/ 25 KB
25 KB 49ms
43ms Font
font/woff2 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hey.car/assets/fonts/ObjektivMk3_W_Rg.woff2
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bada20c1784187eeb3ed334abb986b5c567986facf96ae64bcae73915facabf1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
Origin: https://hey.car
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 22 Mar 2024 23:58:39 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Fri, 22 Mar 2024 15:39:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 514178
etag: "f2421d4191ec5b67b47e6e9c69fcfd0e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 25284
x-amz-cf-id: d4pHLqkAAWBLMR1zPUBrRJQeCtIf3yM6vTmG2JLBlj_4y5-eGtOfew==

GET
H2 200 ObjektivMk3_W_Bd.woff2
hey.car/assets/fonts/ 25 KB
26 KB 46ms
41ms Font
font/woff2 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hey.car/assets/fonts/ObjektivMk3_W_Bd.woff2
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa121c9454af9c62d9f03fb636734ccf578b019bd2db02db32dd71b574a3d76f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
Origin: https://hey.car
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 22 Mar 2024 23:42:45 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Fri, 22 Mar 2024 15:39:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 515132
etag: "1b87cef5bde79878d5c64472a3b5f4b4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 25948
x-amz-cf-id: gy6qlkpnaPyFVWfherLkW-ZdB75bJcNgylzT5BUmBIYmDgAt_IiYcg==

GET
H2 200 ObjektivMk3_W_Md.woff2
hey.car/assets/fonts/ 25 KB
25 KB 70ms
66ms Font
font/woff2 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hey.car/assets/fonts/ObjektivMk3_W_Md.woff2
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e14f791629769dc3bfa90eef37b8301cfc8ef567ce3caf2f2d3fefa3008a6171

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
Origin: https://hey.car
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 05:59:51 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 233305
x-cache: Hit from cloudfront
content-length: 25476
last-modified: Tue, 19 Mar 2024 01:38:43 GMT
server: AmazonS3
etag: "3e2577f4b4c84ebb731bf01dd6766f07"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: Pk7mew7qj8Vx6-Xy8QykkyKQIWWisKfvVZU4qbO1EiWcJ6juRej1bQ==

GET
H2 200 heycar_iconfont.woff2
hey.car/assets/fonts/iconFont/ 14 KB
15 KB 161ms
156ms Font
font/woff2 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hey.car/assets/fonts/iconFont/heycar_iconfont.woff2
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c617731892cf3feee43396e9a1ab31e04fa0f64c237b8d9f3eb660c631ac93f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
Origin: https://hey.car
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 01:03:56 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 337461
x-cache: Hit from cloudfront
content-length: 14572
last-modified: Sun, 17 Mar 2024 15:38:32 GMT
server: AmazonS3
etag: "999a295c8f19eb3d7cfb662f9c1c3756"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: v_F9RfVsj6UHAviLSyBfItF2oU7D-_jYOAmc-dDLZRoftABjbjgPAg==

GET
H2 200 ObjektivMk3_W_XBd.woff2
hey.car/assets/fonts/ 28 KB
29 KB 75ms
71ms Font
font/woff2 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hey.car/assets/fonts/ObjektivMk3_W_XBd.woff2
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80fe1f2cdabdc857090a27c57a9999f15df0f9c19f067585d4436c458b64732f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
Origin: https://hey.car
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 23:08:54 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 257963
x-cache: Hit from cloudfront
content-length: 28904
last-modified: Mon, 18 Mar 2024 15:38:29 GMT
server: AmazonS3
etag: "c25034aa19f9f668327ff78e81700cb9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: EHrVsHGFhC48DO1HR7QtOwQli2JXSqKLAqsxgsalQu_ZBI4_r5ZKWQ==

GET
H2 200 app.c015e219b9a5f7af1784.js Show response
hey.car/client/ 3 MB
631 KB 83ms
79ms Script
application/javascript 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9d7ae56d8cdf798bb9f8408d8604055198c3886e4cd170967d87fbd259e67f4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 10:10:49 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Thu, 21 Mar 2024 01:40:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 45448
etag: W/"09bcbcd852c5e26fdbf631160925296d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: TRF7TfU0YcX3wbN4rDAhuVnIkLOPhWa1nZqpLzQVuUtUJaF5Pf2tmA==

GET
H2 200 fontfaceobserver.js Show response
hey.car/assets/vendor/ 6 KB
2 KB 94ms
93ms Script
application/javascript 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hey.car/assets/vendor/fontfaceobserver.js
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 266bcdbfcd1c383282ff91d5db02e3995ffe48ac9fa11beff7b607d6c6d4c4f3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 23 Mar 2024 23:29:40 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Sat, 16 Mar 2024 15:38:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 429580
etag: W/"25bfefa5df88bb0393aa9ee3d8c9c4ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: JzPR3g6H2d4wAxqFne6e29ziwI532XO_W3vcwn_y9rH03lPzNJX0Ig==

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 149ms
44ms Script
application/javascript 2a02:26f0:3500:11::215:14d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 28 Mar 2024 22:48:16 GMT
Content-Encoding: gzip
x-amz-request-id: 2YBFDHXY2BG0X743
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 11792
x-amz-id-2: X0mLy+zhQfGcMJeE6Lu48tPmxFSWqOpnSxdZQBh4ixekSso906hm/iT5X8JInwPSkeLM9fgFwoQ=
Last-Modified: Wed, 14 Jun 2023 06:58:45 GMT
Server: AmazonS3
ETag: "5a676288bcea03bd05e483bc4ce066ae"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2210
Accept-Ranges: bytes
X-DataStream-Cache-Status: 1
Expires: Thu, 28 Mar 2024 23:25:06 GMT

GET
H2 200 icon-magnifier.svg
hey.car/client/assets/tradein/carsale24/ 2 KB
1 KB 75ms
73ms Image
image/svg+xml 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hey.car/client/assets/tradein/carsale24/icon-magnifier.svg
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d211b41fb3d4f991c60508bceb2076405f010e84afba51c44c7459a468324964

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 22 Mar 2024 07:49:23 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 01:38:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 590759
etag: W/"6f89c22179a6d212d2ef0c35bb25ddc7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: qI66a4Zbuc8JtKmhKx6tauINBH6PgHqh9Sz7mfDhVx7jDXgzww5Mmw==

GET
H2 200 icon-tradein.svg
hey.car/client/assets/tradein/carsale24/ 3 KB
1 KB 78ms
77ms Image
image/svg+xml 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hey.car/client/assets/tradein/carsale24/icon-tradein.svg
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9507c23743573c8c4c1789d49544fc48434c82a34dccd49ad55de575e42561aa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 22 Mar 2024 05:29:50 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 01:38:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 580707
etag: W/"293f10ac5c7bbfe5712b9c4a6a6f9f86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: sEV0Qyk-XReseF2Buw3X0vQbzzYIrlTZ6KECRi-lYxNXxuVia7fAAQ==

GET
H2 200 stage-filter-panel.webp
hey.car/assets/home/ 96 KB
97 KB 79ms
77ms Image
binary/octet-stream 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hey.car/assets/home/stage-filter-panel.webp
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05166cc0c3e56bfd843cd0f0d7c121a916cb51887f7760cf1e95f3deada31a8c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 05:31:32 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Wed, 20 Mar 2024 01:38:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 148985
etag: "03d58230dbecadadd95833b6d8a9535c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
cache-control: max-age=31536000
content-length: 98410
x-amz-cf-id: gV_OOp87eGsZ3YgZoICzyjCHp0RPhhRUTcHVaLYY3xDFb0-FHxhw6Q==

GET
H2 200 icon_play.png
hey.car/assets/ 2 KB
3 KB 77ms
75ms Image
image/png 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hey.car/assets/icon_play.png
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bc3bd00952daa0cc3d1ec0e189ec029ff0f7db2864d1e8a07a0011d357f4963

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 05:26:15 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Wed, 20 Mar 2024 01:38:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 148985
etag: "9aa145946eece16d79f21754f65c2a66"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
content-length: 2285
x-amz-cf-id: HK2zRhUdFQ3Hlcq_rUoq9Bz8mY3kiNP2U3jWLDrlGtwAjtefVuUfNQ==

GET
H2 200 tuv-home.png
hey.car/assets/home/ 47 KB
47 KB 84ms
83ms Image
image/png 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hey.car/assets/home/tuv-home.png
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c7ca0d6e1578dbba62ec2a4fd21aa7af8f0a266c8306e02acb5ab0f8142b427

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 22 Mar 2024 03:57:09 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Fri, 22 Mar 2024 01:39:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 586268
etag: "d4af26d55d90e740381e4de666a284ba"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
content-length: 47665
x-amz-cf-id: PBiYy5RWi4uIWu-ZuI1qvqN_OyInPVh_BTcC25hdS-esIvkexPg5xA==

GET
H2 200 icon-car-blue.svg
hey.car/assets/ 2 KB
2 KB 77ms
76ms Image
image/svg+xml 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hey.car/assets/icon-car-blue.svg
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 445659accef9cc2b62db4928833c100343726c846ced7a1dce83ff5e52a85764

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 03:04:43 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Thu, 14 Mar 2024 01:38:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 329225
etag: W/"e50d84c9cdaadf49f9d3c30ec834099e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: 1_F9ut2VfQy5dEEkc_kNV0DnTG56klAevxFPvzbGBLTVNv0uD4_Obg==

GET
H2 200 8833071.js Show response
js-na1.hs-scripts.com/ 867 B
980 B 154ms
53ms Script
application/javascript 2606:4700::6810:bf59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-na1.hs-scripts.com/8833071.js

Requested by

Host: hey.car
URL: https://hey.car/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bf59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79922962b52009c9211ac978c6e9b54fce80895c30d7f23ab5a3e6b46152e8c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: a57abd84-f090-499d-a8b8-93b4888b3e8e
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=974
age: 1222
x-envoy-upstream-service-time: 36
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a57abd84-f090-499d-a8b8-93b4888b3e8e
cf-bgj: minify
last-modified: Thu, 28 Mar 2024 22:27:54 GMT
server: cloudflare
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://hey.car
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-58bd75d656-5fsgr
x-evy-trace-virtual-host: all
access-control-allow-credentials: true
cf-ray: 86bb2aae0a5018ef-FRA

GET
H2 200 select-arrow.png
hey.car/assets/ 630 B
953 B 40ms
40ms Image
image/png 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hey.car/assets/select-arrow.png
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8190566f389ec6dbde2b9c50ef83674837576977abb635f1af16a952ef32659a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 22 Mar 2024 02:58:52 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Fri, 22 Mar 2024 01:39:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 589765
etag: "3328e595168dbe98b11d09517e467a11"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
content-length: 630
x-amz-cf-id: fTwkZcOpotDh7FgsdLm2h-wblS8hniT511dKCeJDmJWZ7I_QcLaQ5A==

GET
H2 200 select-arrow-disabled.png
hey.car/assets/ 591 B
917 B 41ms
41ms Image
image/png 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hey.car/assets/select-arrow-disabled.png
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05a90a4f7f5b906f83f007736ac87340312409fc5226782dc15cf8a47dad8a20

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 22 Mar 2024 00:17:39 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Thu, 21 Mar 2024 15:38:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 599437
etag: "df5c53b586275218088f26d39002780d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
content-length: 591
x-amz-cf-id: pNMOQNXwIhpWCq54IpjrNCrmsU5P4ywS3dfvtrhQTOeml3shdRMjBg==

GET
H2 200 sddefault.jpg
img.youtube.com/vi/5NqsCVXv2h4/ 48 KB
48 KB 163ms
39ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/5NqsCVXv2h4/sddefault.jpg

Requested by

Host: hey.car
URL: https://hey.car/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91aa973ca4f3b483ae8d5455ae2a7cc44eb67d7da29402543bfb6d65f934e358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 21:23:28 GMT
x-content-type-options: nosniff
age: 5088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49155
x-xss-protection: 0
server: sffe
etag: "1667225988"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Mar 2024 23:23:28 GMT

OPTIONS
H2 204 last-search
api.common.prod.group-mobility-trader.com/ Frame 0
0 148ms
41ms Preflight 18.193.19.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.common.prod.group-mobility-trader.com/last-search

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.193.19.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-19-211.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,recaptcha-token,x-heycar-tenant,x-tracking-guid
Access-Control-Request-Method: GET
Origin: https://hey.car
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Cache-Control,Content-Type,Cookie,DNT,If-Modified-Since,Keep-Alive,Recaptcha-Token,User-Agent,X-Heycar-Bearer,X-Heycar-Language,X-Heycar-Tenant,X-Requested-With,X-Tracking-Guid,trace-id,x-original-forwarded-for,x-faro-session-id,x-api-key
access-control-allow-methods: GET, DELETE, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://hey.car
access-control-max-age: 1728000
date: Thu, 28 Mar 2024 22:48:16 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 204 count
api.hey.car/search/ Frame 0
0 133ms
40ms Preflight 3.120.59.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hey.car/search/count?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.59.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-59-191.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,recaptcha-token,x-heycar-tenant,x-tracking-guid
Access-Control-Request-Method: GET
Origin: https://hey.car
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Cache-Control,Content-Type,Cookie,DNT,If-Modified-Since,Keep-Alive,Recaptcha-Token,User-Agent,X-Heycar-Bearer,X-Heycar-Language,X-Heycar-Tenant,X-Requested-With,X-Tracking-Guid,trace-id,x-original-forwarded-for,x-faro-session-id,x-api-key
access-control-allow-methods: GET, DELETE, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://hey.car
access-control-max-age: 1728000
date: Thu, 28 Mar 2024 22:48:16 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
o385824.ingest.sentry.io/api/5280304/envelope/ 2 B
299 B 142ms
42ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o385824.ingest.sentry.io/api/5280304/envelope/?sentry_key=690da28bce254fb4b24a4e41513fe295&sentry_version=7

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 28 Mar 2024 22:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 73a4e6eb039d1bcfb8b1.js Show response
hey.car/client/ 10 KB
4 KB 41ms
41ms Script
application/javascript 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hey.car/client/73a4e6eb039d1bcfb8b1.js
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4f8a38522b7593d6231102435b1956b36af19895ce0576848b5df98e13edb48

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 07:38:51 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Thu, 14 Mar 2024 01:38:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 329226
etag: W/"045f45191b43911dff6b00ddaf464bbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: vcFuACfQo5EFbsdiBJocW108NEg8rKvfdjuKa0LmP74vhd_tKahHKg==

GET
H2 200 last-search Show response
api.common.prod.group-mobility-trader.com/ 34 B
715 B 126ms
46ms Fetch
application/json 18.193.19.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.common.prod.group-mobility-trader.com/last-search

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.193.19.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-19-211.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ddcd9f48cf4cb6e304e8980e55706e73a73258f13c6805e5a8fe4abfe3d53cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Recaptcha-Token: undefined
Content-Type: application/json
Accept: application/json
Referer: https://hey.car/
X-Heycar-Tenant: DE
X-Tracking-Guid: null
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:16 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff, nosniff
content-encoding: br
etag: W/"0b2be4df4758e3b1e57cf6374dfaa35b1"
x-frame-options: DENY
access-control-allow-methods: GET, DELETE, PUT, POST, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: https://hey.car
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Cache-Control,Content-Type,Cookie,DNT,If-Modified-Since,Keep-Alive,Recaptcha-Token,User-Agent,X-Heycar-Bearer,X-Heycar-Language,X-Heycar-Tenant,X-Requested-With,X-Tracking-Guid,trace-id,x-original-forwarded-for,x-faro-session-id,x-api-key
x-xss-protection: 1; mode=block, 1; mode=block
expires: 0

GET count
api.hey.car/search/ 0
0

GET
H2 200 ba044c4bb0e8f0e3f4df.js Show response
hey.car/client/ 30 KB
10 KB 41ms
40ms Script
application/javascript 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hey.car/client/ba044c4bb0e8f0e3f4df.js
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b9f94d97666604e82627bd3ef1c0ee212896fe3abbfd370a16af8bd2054429d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 02:00:12 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Thu, 21 Mar 2024 01:40:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 74993
etag: W/"e407d22217f0c16d2c86471df26de8b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: srV5vAfZylbh2kj9WUfKExKr3ds52r9gp3t3EliaAh_o8svjIZb8nQ==

GET
H2 200 ec87a1b9c2887acbcc8a.js Show response
hey.car/client/ 47 KB
13 KB 44ms
43ms Script
application/javascript 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hey.car/client/ec87a1b9c2887acbcc8a.js
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e95d64fc89f583cf9db4c224262ecf464bff69888afee36db12b0214c6152ec3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 06:03:43 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Wed, 13 Mar 2024 01:38:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 589248
etag: W/"6b7c2f49459465aa462bb0798daa8cf9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: u-4_5c5GnB0TyQXwcKG5pSUQiFeANm_-kHyc0vyhIZ7syl1_BKDecw==

POST
H2 200 logSeoInfo Show response
hey.car/ 2 B
338 B 47ms
46ms Fetch
application/json 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hey.car/logSeoInfo

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-20.fra6.r.cloudfront.net

Software

/ Express

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://hey.car/
sentry-trace: ce2e2d58f3314ec296183bd7fd34902a-b180097af8966409-0
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:16 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block
x-amz-cf-id: Bw6w7tZHnFHpxYdVUCwShzIi75T8eSXEMoj2B1Qn5InGxMX_6web8g==

GET
H/1.1 200
OK 202201_electricVehicles_hc-onsite__hpTile_2x.png
de-prod-heycar-images.s3.eu-central-1.amazonaws.com/ctf/car0nghph155/6xmQ01zfmVSzvGNLgXaDfX/69f34ab2f46c11d322a810db60a30422/ 46 KB
46 KB 167ms
52ms Image
image/png 52.219.168.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-prod-heycar-images.s3.eu-central-1.amazonaws.com/ctf/car0nghph155/6xmQ01zfmVSzvGNLgXaDfX/69f34ab2f46c11d322a810db60a30422/202201_electricVehicles_hc-onsite__hpTile_2x.png
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.168.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 28f1092c1974b26ced6ab0abc21685f3a7217ee2b0d055b20e46ee263e7f62fd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 28 Mar 2024 22:48:17 GMT
x-amz-version-id: null
Last-Modified: Fri, 04 Aug 2023 17:21:36 GMT
Server: AmazonS3
x-amz-request-id: 78TGCQXRS7G1JB3S
ETag: "db4db3140bf17d90e1834849ef7e727c"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 46903
x-amz-id-2: Pwvj21u5/vz/uLnGAF/Y7vtNo7xmg2OayfdMdzWQ+6W66zLqmJZCACQCWRDYfdNOw3G5U4NMisY=

GET
H/1.1 200
OK 202204_cheapSUVs_hc-onsite__hpTile_01_2x.png
de-prod-heycar-images.s3.eu-central-1.amazonaws.com/ctf/car0nghph155/oxVEqRMQ7RkpYfjHhJvdI/e47ad88670b4a575dba319a9ae8314d0/ 52 KB
52 KB 170ms
56ms Image
image/png 52.219.168.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-prod-heycar-images.s3.eu-central-1.amazonaws.com/ctf/car0nghph155/oxVEqRMQ7RkpYfjHhJvdI/e47ad88670b4a575dba319a9ae8314d0/202204_cheapSUVs_hc-onsite__hpTile_01_2x.png
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.168.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6828c385c00515623c44e8ba15e3bc7bc540820906a94001969db7ad86c23ed1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 28 Mar 2024 22:48:17 GMT
x-amz-version-id: null
Last-Modified: Fri, 04 Aug 2023 17:24:24 GMT
Server: AmazonS3
x-amz-request-id: 78TP83CY9DWSDN3Q
ETag: "0678c580a30179b57ace32c1a2c178d7"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 52765
x-amz-id-2: iMkRnhonYjh/D8kx8nJPWKm+Ste/v8Ti+ZJV2dr/sKCmsdm7YC8K3JUIqToePippOaOXunA72Xo=

GET
H/1.1 200
OK 202204_reducedSmallCars_hc-onsite__hpTile_2x.png
de-prod-heycar-images.s3.eu-central-1.amazonaws.com/ctf/car0nghph155/THI1Iv407BzqPIHwsQGQc/a9d6465e0c6f0f8eb68f212dfe721f73/ 40 KB
41 KB 181ms
68ms Image
image/png 52.219.168.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-prod-heycar-images.s3.eu-central-1.amazonaws.com/ctf/car0nghph155/THI1Iv407BzqPIHwsQGQc/a9d6465e0c6f0f8eb68f212dfe721f73/202204_reducedSmallCars_hc-onsite__hpTile_2x.png
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.168.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 99bc393615e8b499de55d6d04373195a15565c899d5cdb98f7dc0f4595d7fc92

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 28 Mar 2024 22:48:17 GMT
x-amz-version-id: null
Last-Modified: Fri, 04 Aug 2023 17:22:57 GMT
Server: AmazonS3
x-amz-request-id: 78TT4DHWT2N12MHS
ETag: "78c9ad1ebe4c97a81b8e3a2d4369d296"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 41238
x-amz-id-2: QJaP7rX0OjotM5SZI0cZzDF01HRBw77RNtFglQxWwmiSL9prq2A8TyTJvHVl5zYnVMmzef/XMUg=

GET
H/1.1 200
OK Generic-Online-Kauf-hpHero--xl_1x.png
de-prod-heycar-images.s3.eu-central-1.amazonaws.com/ctf/car0nghph155/4ClJvM5ckxv2dCJfdHDo0X/365fb306481d8cb3fcb9cd2769801a32/ 16 KB
17 KB 187ms
73ms Image
image/png 52.219.168.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-prod-heycar-images.s3.eu-central-1.amazonaws.com/ctf/car0nghph155/4ClJvM5ckxv2dCJfdHDo0X/365fb306481d8cb3fcb9cd2769801a32/Generic-Online-Kauf-hpHero--xl_1x.png
Requested by: Host: hey.car
URL: https://hey.car/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.168.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b6e9e898769f7dd37345562f23ba34e6d29fcc2b7bb9e6813fb2a1a729290c1e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 28 Mar 2024 22:48:17 GMT
x-amz-version-id: null
Last-Modified: Fri, 04 Aug 2023 17:16:58 GMT
Server: AmazonS3
x-amz-request-id: 78TNG4NM8D2YMPXF
ETag: "b6205b6da77f408bf9057c727e7f2c08"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 16650
x-amz-id-2: Jm87owGhMJuwoYg6hyXCX/Bkpomyt/1sm2Qr9CnfU5v7pS2bS1w7Aq64/oq12SGmnIQXDpnSiIU=

OPTIONS
H2 204 count
api.hey.car/search/ Frame 0
0 40ms
40ms Preflight 3.120.59.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hey.car/search/count?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.59.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-59-191.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,recaptcha-token,x-heycar-tenant,x-tracking-guid
Access-Control-Request-Method: GET
Origin: https://hey.car
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Cache-Control,Content-Type,Cookie,DNT,If-Modified-Since,Keep-Alive,Recaptcha-Token,User-Agent,X-Heycar-Bearer,X-Heycar-Language,X-Heycar-Tenant,X-Requested-With,X-Tracking-Guid,trace-id,x-original-forwarded-for,x-faro-session-id,x-api-key
access-control-allow-methods: GET, DELETE, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://hey.car
access-control-max-age: 1728000
date: Thu, 28 Mar 2024 22:48:16 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 count Show response
api.hey.car/search/ 551 KB
74 KB 124ms
122ms Fetch
application/json 3.120.59.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hey.car/search/count?

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.59.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-59-191.eu-central-1.compute.amazonaws.com

Software

Resource Hash

b1ee7d4017ee01a149d5174a03320b7b1784eea28b6e06f312b16d5716a86ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Recaptcha-Token: undefined
Content-Type: application/json
Accept: application/json
Referer: https://hey.car/
X-Heycar-Tenant: DE
X-Tracking-Guid: null
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
access-control-allow-methods: GET, DELETE, PUT, POST, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: https://hey.car
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Cache-Control,Content-Type,Cookie,DNT,If-Modified-Since,Keep-Alive,Recaptcha-Token,User-Agent,X-Heycar-Bearer,X-Heycar-Language,X-Heycar-Tenant,X-Requested-With,X-Tracking-Guid,trace-id,x-original-forwarded-for,x-faro-session-id,x-api-key
x-xss-protection: 1; mode=block

GET
H2 200 8833071.js Show response
js.hs-analytics.net/analytics/1711664700000/ 66 KB
21 KB 166ms
68ms Script
text/javascript 2606:4700::6810:4cba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1711664700000/8833071.js
Requested by: Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4cba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af63e9f6cacf50534b1ffdfbf0a21bc832b2610ee0e22ad88b5a789153304dec

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:17 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: F38Z0F5PXMJSC9EK
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 492e853b-6cee-4bcd-b2bc-32a9488dc8ac
age: 8
x-envoy-upstream-service-time: 18
x-amz-id-2: OBd18vhPq0mnjegpkoNSPj7RKrDGZ/5ioLFzPaKoIRG4h2jru7QxCp0yRxRiCr4AD+N8K+L7QPs=
x-evy-trace-listener: listener_https
x-request-id: 492e853b-6cee-4bcd-b2bc-32a9488dc8ac
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 18 Mar 2024 20:43:34 GMT
server: cloudflare
etag: W/"301d66926373d2f096228500ef0340d2"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6dfb9475dd-88fff
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 86bb2ab2599665c3-FRA
expires: Thu, 28 Mar 2024 22:53:09 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/8833071/ 70 KB
23 KB 147ms
54ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/8833071/banner.js
Requested by: Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feb262081ed126056fdc2febe9ec1ad4a4c9e2a86a12d3fb62964eb90825cb99

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:17 GMT
x-amz-version-id: 0NSw9aa9DU5_vDYQ5lWdKYYyrqit59Gs
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 4S9A28XPD0GNYSKP
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 78c89d89-3bef-4802-9ffb-157c09a943d6
age: 143
x-envoy-upstream-service-time: 121
x-amz-id-2: JuTzpzSewW49jDHSmbFzxpubeMPjmlc1BYnUZFywbht3Dl3QvPdwz8OmEXvEmh487DMuNqL8l1M=
x-evy-trace-listener: listener_https
x-request-id: 78c89d89-3bef-4802-9ffb-157c09a943d6
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 06 Mar 2024 16:37:43 GMT
server: cloudflare
etag: W/"8c8639e6aac88c13af6451d943170197"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://hey.car
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-phrfm
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 86bb2ab25e2c3718-FRA
expires: Thu, 28 Mar 2024 22:50:54 GMT

OPTIONS
H2 204 search
api.hey.car/ Frame 0
0 40ms
40ms Preflight 3.120.59.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hey.car/search?reducedContent=true&size=10&specialOffers=reducedPrice

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.59.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-59-191.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,recaptcha-token,x-heycar-tenant,x-tracking-guid
Access-Control-Request-Method: GET
Origin: https://hey.car
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Cache-Control,Content-Type,Cookie,DNT,If-Modified-Since,Keep-Alive,Recaptcha-Token,User-Agent,X-Heycar-Bearer,X-Heycar-Language,X-Heycar-Tenant,X-Requested-With,X-Tracking-Guid,trace-id,x-original-forwarded-for,x-faro-session-id,x-api-key
access-control-allow-methods: GET, DELETE, PUT, POST, PATCH, OPTIONS
access-control-allow-origin: https://hey.car
access-control-max-age: 1728000
date: Thu, 28 Mar 2024 22:48:16 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 search Show response
api.hey.car/ 481 KB
69 KB 51ms
50ms Fetch
application/json 3.120.59.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hey.car/search?reducedContent=true&size=10&specialOffers=reducedPrice

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.59.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-59-191.eu-central-1.compute.amazonaws.com

Software

Resource Hash

7b64fab72c06888c5afcd5d9e5e876633fb5b551079b9034c10bd3059add0072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Recaptcha-Token: undefined
Content-Type: application/json
Accept: application/json
Referer: https://hey.car/
X-Heycar-Tenant: DE
X-Tracking-Guid: null
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
access-control-allow-methods: GET, DELETE, PUT, POST, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: https://hey.car
access-control-allow-credentials: true
x-tracking-guid: null
access-control-allow-headers: Authorization,Cache-Control,Content-Type,Cookie,DNT,If-Modified-Since,Keep-Alive,Recaptcha-Token,User-Agent,X-Heycar-Bearer,X-Heycar-Language,X-Heycar-Tenant,X-Requested-With,X-Tracking-Guid,trace-id,x-original-forwarded-for,x-faro-session-id,x-api-key
x-xss-protection: 1; mode=block

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 441ms
176ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=800x600&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2141725003&v=1.1&a=8833071&rcu=https%3A%2F%2Fhey.car%2F&pu=https%3A%2F%2Fhey.car%2F&t=Autos+gebraucht+kaufen+mit+Garantie+bei+heycar&cts=1711666097335&vi=add1ac0530e4862a5448f058e2fef517&nc=true&u=171778367.add1ac0530e4862a5448f058e2fef517.1711666097331.1711666097331.1711666097331.1&b=171778367.1.1711666097332&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ca21ec4a-f183-4336-9b2c-b3473b9bc9b4
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 11
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ca21ec4a-f183-4336-9b2c-b3473b9bc9b4
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PnFrZAJDdopTN7hQQV%2BGlV%2Fb9jZdN%2FdrnVOyjl7L7Ex%2BT%2FmiIJWdt3%2FkjXs%2BgvWX0ZkovmvN8lFwbhXBROPUXPkEGoh0%2BQEqTKybf25oUc8CIu4fen%2BGDxiN3g22gR2ECKmKzmA2P0STD2%2BtOgP3"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7457b666c6-7kkqr
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 86bb2ab62a2d972b-FRA
x-robots-tag: none

GET
H2 200 favicon-32x32.png
hey.car/assets/pwa/ 1 KB
2 KB 42ms
41ms Other
image/png 99.86.4.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hey.car/assets/pwa/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-20.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a29b5ee438c2dfe66484c12e43c69407227b4acd42fb77d2a5c40add7f8d5133

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 22 Mar 2024 22:52:12 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Fri, 22 Mar 2024 15:39:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 518166
etag: "6d96778b7db97eef82718f5b23e45352"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
content-length: 1278
x-amz-cf-id: O_Rb319vKagDZ0gg8I6Zr_cUWvWocMTcglqS2AxYyRNVifwLdYWuzg==

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 134ms
43ms Script
application/x-javascript 52.222.236.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-60.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:27:23 GMT
content-encoding: gzip
via: 1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P4
age: 76857
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: XO32T4JltRHUzeeZjc4s91dCxIq1VI8herIhHRpV24m--DyioTxoTg==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/e1qNrDsAvRrhX5On398tRriHwGyAm378/ 108 KB
29 KB 186ms
49ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/e1qNrDsAvRrhX5On398tRriHwGyAm378/analytics.min.js
Requested by: Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b635c4a617f129540918ff09f0ac171767c92ff07dd77fb7974219d63c6b2054

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 5oxdU8INVmD99VrJOZJMOiKbMLMurcG_
content-encoding: br
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
date: Thu, 28 Mar 2024 22:46:56 GMT
x-amz-cf-pop: FRA6-C1
age: 83
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 16 Jan 2024 21:33:53 GMT
server: AmazonS3
etag: W/"970be2756a3e3f0d89930eed1af7e9f2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: 9xKfcC_zqEklbMpX7I0yLMTKcX5Qf4E62DTBiVTe0yMVc4wLE4gqLA==

GET
H2 200 index.html
widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/ Frame 93AD 0
0 119ms
40ms Document
text/html 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=5c65db740526720001ee299b

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hey.car/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 59002
cache-control: max-age=86400
content-encoding: gzip
content-length: 3454
content-type: text/html
date: Thu, 28 Mar 2024 06:24:58 GMT
etag: "40ade50b0e774e77aa724c8056b1e82f"
last-modified: Thu, 13 Jul 2023 07:02:09 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-id: tF3l_L4LjXt-klmawwXToJvvjPmWeK9-RdU4WCEYQDvels1u3qMndQ==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 index.html
widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/ Frame DB7D 0
0 115ms
40ms Document
text/html 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=5c65db740526720001ee299b

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hey.car/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 63031
cache-control: max-age=86400
content-encoding: gzip
content-length: 2109
content-type: text/html
date: Thu, 28 Mar 2024 05:17:49 GMT
etag: "991f71c8583c65f71143c6e83300ea2e"
last-modified: Mon, 08 May 2023 11:39:52 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-id: AXprzHV3I61F480rLPaf70ETW5wdM6GX2hfXHCeG_71Jrju18rVTEg==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/e1qNrDsAvRrhX5On398tRriHwGyAm378/ 6 KB
2 KB 121ms
39ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/e1qNrDsAvRrhX5On398tRriHwGyAm378/settings
Requested by: Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff0f900e2a64e637a0862387ab526b61f55f8cb2ebe55fa7678fedb9ab126609

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 54IDAf3FOI8spz5ab_6b8fWLMhmtt6KV
content-encoding: br
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
date: Thu, 28 Mar 2024 20:19:23 GMT
x-amz-cf-pop: FRA6-C1
age: 8937
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Apr 2023 09:03:33 GMT
server: AmazonS3
etag: W/"09297de0a36c5e73cf819506aa781b95"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: KV_CfvWa3Vqg8NXguoQbGijC4M6J4Vzz037Locxm4pvcKdJbdsN7Tw==

GET
H2 200 ajs-destination.bundle.13362ca512563a10e34d.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 40ms
39ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/e1qNrDsAvRrhX5On398tRriHwGyAm378/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 Nov 2023 20:48:28 GMT
x-amz-version-id: p6tk_itArJhm1.zmwaH5aXhODx_TUmzt
content-encoding: br
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 11584792
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 15 Nov 2023 20:12:01 GMT
server: AmazonS3
etag: W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: 1OENTL0N-Q-NaIkdLLj74tgCTDc30Au9n-ESXEk3En3RvJRinve-hw==

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 39ms
39ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/e1qNrDsAvRrhX5On398tRriHwGyAm378/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Jan 2024 02:55:30 GMT
x-amz-version-id: V60E1KIihu6zH2vDCNSI7M1UDRGAx6m0
content-encoding: br
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 5946769
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sat, 20 Jan 2024 01:04:52 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: TNrSo-0ava_xgU-JUYKYiiRXLoPitanuOKiFMkps_XfjIUEMn3PSzw==

GET
H2 200 google-analytics.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 16 KB
5 KB 41ms
40ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Jan 2024 16:20:03 GMT
content-encoding: gzip
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-version-id: K4QGNkPJBd_QhAl8Ep7SDksdcNN7fIa5
x-amz-cf-pop: FRA6-C1
age: 5639297
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4743
last-modified: Wed, 18 Oct 2023 10:36:35 GMT
server: AmazonS3
etag: "36786f75981fc0efd629c4a89e1c78ec"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: s5cZfL63w-7wTq8q1QIIWC5PC3O2Q4lXHVeMEyVqmsJUxCXE2kSGyA==

GET
H2 200 facebook-pixel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/ 10 KB
4 KB 44ms
43ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz
Requested by: Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 06 Mar 2024 01:14:37 GMT
content-encoding: gzip
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-version-id: S8v5d5P0qfDBSEoPSWLZchRWN2umr8zx
x-amz-cf-pop: FRA6-C1
age: 1978423
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3273
last-modified: Wed, 18 Oct 2023 10:36:34 GMT
server: AmazonS3
etag: "4b03a476015c2ba9b9e74e895b97c12c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: 6hmX_318dwKYgZiRulyWT-LgiE1Xb93xnPKoG2w_boXIr3LEczrUdw==

GET
H2 200 mixpanel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/mixpanel/3.2.1/ 8 KB
4 KB 44ms
44ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/mixpanel/3.2.1/mixpanel.dynamic.js.gz
Requested by: Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e15216f9af8cf124d19716c4d4550d4cd46b3215109f438d5bf8eab9618db67

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Jan 2024 07:30:01 GMT
content-encoding: gzip
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-version-id: aVzMyCOl1_e0a0vlmyo5jGIJxFV1GutO
x-amz-cf-pop: FRA6-C1
age: 6103099
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3261
last-modified: Wed, 18 Oct 2023 10:36:35 GMT
server: AmazonS3
etag: "4b707616bb405dad306d9a7746c54485"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: -fW2x5yuixN8xUmki41C0V8-lzHRFiEsrlEPyAGJKrPWoKDp4Y74VQ==

GET
H2 200 hotjar.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/hotjar/1.4.0/ 3 KB
2 KB 45ms
45ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/hotjar/1.4.0/hotjar.dynamic.js.gz
Requested by: Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05cee74e08992e6f58bc28d43ff042c5def119ba66ca7601cdb4b3efce53625f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 02 Feb 2024 21:13:34 GMT
content-encoding: gzip
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-version-id: wvBq3ngq39jEwyczNJNamGJMP9shR_wj
x-amz-cf-pop: FRA6-C1
age: 4757685
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1336
last-modified: Wed, 18 Oct 2023 10:36:35 GMT
server: AmazonS3
etag: "4cd7c93a55ce331d264d9a857bd044ed"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: kRsVuBpFZ3RYnHjYMh2sK7vlBDEk3c-s3PjYvRUeqmxUgtzU6ueL_A==

GET
H2 200 bing-ads.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/bing-ads/2.0.1/ 2 KB
2 KB 45ms
45ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/bing-ads/2.0.1/bing-ads.dynamic.js.gz
Requested by: Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fcc5947420bac95a9ee88dc4782ae6101a53a397e25b582b468979318eb71171

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 03 Feb 2024 07:47:26 GMT
content-encoding: gzip
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-version-id: BV9QwSHXzCsHy2qP_9dxJRJ1T83OJ9Zp
x-amz-cf-pop: FRA6-C1
age: 4719654
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1135
last-modified: Wed, 18 Oct 2023 10:36:34 GMT
server: AmazonS3
etag: "9268c923e39afefe912025bc37ceb2f5"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: CNUGvdC2L4WKCZEPBcO74JDQNNcroe3xiyj-poy4wsu8rIm5VKCrdA==

GET
H2 200 google-tag-manager.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 3 KB
2 KB 46ms
45ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by: Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 31 Jan 2024 09:56:24 GMT
content-encoding: gzip
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-version-id: iBgkeROQ82ipYgPNwFnoDehQ.U3dPJg.
x-amz-cf-pop: FRA6-C1
age: 4971116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1342
last-modified: Wed, 18 Oct 2023 10:36:34 GMT
server: AmazonS3
etag: "a1bed0458702cf863f2d24fb1b9d39ae"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: 9DeqAbbuJMa0DsaWaOQoCII2nor9IQ68kLGg_skX4lgmEBchg8KiSg==

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 46ms
45ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Mar 2024 21:32:12 GMT
content-encoding: gzip
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-version-id: HopHKmY9TBcR3b.zdj3KrkRozUW9hj.F
x-amz-cf-pop: FRA6-C1
age: 609368
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Fri, 08 Mar 2024 07:35:27 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: 2bkVPixzoz6xxd_Ea6xW4tvC1-X3_HPJfBGp7iwCdd1YjDMIUeg5Xw==

GET
H2 200 hotjar-928769.js Show response
static.hotjar.com/c/ 9 KB
4 KB 148ms
48ms Script
application/javascript 52.222.139.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-928769.js?sv=6

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/hotjar/1.4.0/hotjar.dynamic.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-110.ams50.r.cloudfront.net

Software

Resource Hash

4dfaac81c5c11ae346745978e3cfaa5b1700a0c8a43da0d3148e4a9e06a856fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Mar 2024 22:48:20 GMT
via: 1.1 9bd09ac7aca1ea8ca6c788136a9ce480.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
age: 34
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/d09af2b2f6d35e6e4bb76327c89cffb3
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: SvP1u6eBHaN64G61jTNNdeLHNsKAJa9eHL1lawa7o27JDEqj7HZevA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 136ms
38ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 28 Mar 2024 21:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3612
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 28 Mar 2024 23:48:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 130ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 28 Mar 2024 22:48:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58040
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1294, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: JBJ55EX/AMt4dsr1/mEaymHaM4z7Dy4+cQnwgLTsdJbkX1iKUiipJf+/OvrS3TDLea3m/EwTs2wKmWyAm+bQSQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 54 KB
19 KB 137ms
41ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:44:27 GMT
content-encoding: gzip
age: 233
x-guploader-uploadid: ABPtcPpjPe1H96vmCZpZYL9j5gkwTa1pTOinnIVknYNwlhKfx0ISQ_uerHGDoS7CaQcT6L5fF7U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18490
last-modified: Tue, 06 Feb 2024 00:09:36 GMT
server: UploadServer
etag: "eb0675a8749ea5d76345796217db928f"
vary: Accept-Encoding
x-goog-generation: 1707178176338436
x-goog-hash: crc32c=fWmQwA==, md5=6wZ1qHSepddjRXliF9uSjw==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 18490
accept-ranges: bytes
expires: Thu, 28 Mar 2024 22:54:27 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 175ms
66ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 28 Mar 2024 22:48:19 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7ACA6D8E43774A029F6C201C436E9F7A Ref B: FRA31EDGE0612 Ref C: 2024-03-28T22:48:20Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 399 KB
111 KB 159ms
50ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P8MNST6&l=dataLayer

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

176aa5fa5a355a27e234e6456205b981f9fd19615a92d5737ba2b44a8f1ddc3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113382
x-xss-protection: 0
last-modified: Thu, 28 Mar 2024 21:08:23 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Mar 2024 22:48:20 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
168 B 657ms
211ms Fetch
application/json 54.203.25.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.203.25.147 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-203-25-147.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hey.car
date: Thu, 28 Mar 2024 22:48:20 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 modules.ad6500eebe72fe1c39dd.js Show response
script.hotjar.com/ 220 KB
55 KB 148ms
44ms Script
application/javascript 13.227.219.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.ad6500eebe72fe1c39dd.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-928769.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-120.ams54.r.cloudfront.net

Software

Resource Hash

6265ca724f73e24568a94c7ea752b44e491c10231bfc8e80e86cd3f02eab2e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:57:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 201074
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55561
last-modified: Tue, 26 Mar 2024 14:56:24 GMT
etag: "f703d086dd13480e3864cec4546e74ca"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: iRkUn_NqLsnA4wrdUq6zA3yFDQZHbSsPyeBsf_BQSWAFcAKcO7Wg7w==

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 128 KB
50 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-M2GKDZP&cid=860458282.1711666100

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

edd37d7fcea9df1cb3f485428d1d3af3054943a87f562d9c7c51dd1f3c462277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50432
x-xss-protection: 0
last-modified: Thu, 28 Mar 2024 22:18:33 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Mar 2024 22:48:20 GMT

GET
H2 204 25020334.js Show response
bat.bing.com/p/action/ 0
117 B 68ms
68ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25020334.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 28 Mar 2024 22:48:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6A414DE522FA41B09D71DC50237AF4CD Ref B: FRA31EDGE0612 Ref C: 2024-03-28T22:48:20Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 131ms
131ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25020334&Ver=2&mid=edcc04e0-f5e8-40aa-a5f9-ee4a66198bc3&sid=46387bc0ed5511ee8244d3f5bdef95fa&vid=4638b700ed5511eeadb39968cc0d4d95&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=800&sh=600&sc=24&tl=Autos%20gebraucht%20kaufen%20mit%20Garantie%20bei%20heycar&p=https%3A%2F%2Fhey.car%2F&r=&lt=1689&evt=pageLoad&sv=1&rn=556572

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Mar 2024 22:48:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 053B7A93AE184757A06E4B7430DCDE96 Ref B: FRA31EDGE0612 Ref C: 2024-03-28T22:48:20Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 741237876083995 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 45ms
44ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/741237876083995?v=2.9.151&r=stable&domain=hey.car&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bd73c980e11cc8f8fd9f8b05f355e02bfe5760c337374cf34d655c7788ff1977

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 28 Mar 2024 22:48:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11843
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=63, mss=1294, tbw=63209, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: k8zE71eNiQeDghNi7hwRnMI0Sv7XDHWFbmzcSW1Om/dMie1fx9swZ7bknV6BbtCFZBVfJgR9WmU4Y7Cxg7MVyg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
83 KB 64ms
63ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WZGJ14G4ZM&l=dataLayer&cx=c

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d686226ce12e3d6bb885bb90e50288a2f317509efdb99a20d0d89fba625c13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84812
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Mar 2024 22:48:20 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 222 KB
80 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-836761596&l=dataLayer&cx=c

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3b3174067d95206c8669cea370f184117d7bcff8b641ce498ecb23455243b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81880
x-xss-protection: 0
last-modified: Thu, 28 Mar 2024 21:08:23 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Mar 2024 22:48:20 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 40ms
40ms Script
text/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 28 Mar 2024 21:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4178
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 28 Mar 2024 23:38:42 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
57 KB 47ms
46ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 28 Mar 2024 22:48:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58040
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4328, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: Gw5PtZXVr1yqUO0WUqeJA5/MVaEo9huBsxu+elfuVz0bHjKJbTyppdNa4rlJLeMfxIrKu+a2zgQ7md51cy7Ipg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 47 KB
15 KB 196ms
90ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a3079657dfdc9d6cf095aa78e354abd79b829219afd5f6244452323f5101fccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 28 Feb 2024 19:26:21 GMT
server: nginx
etag: W/"65df88dd-bc93"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 29 Mar 2024 22:48:20 GMT

GET
H2

200

tags Show response
creativecdn.com/
Redirect Chain

https://creativecdn.com/tags?type=script&id=pr_Vl8Hky5WckrgZC5brdjk_home
https://creativecdn.com/tags?type=script&id=pr_Vl8Hky5WckrgZC5brdjk_home&tc=1

1 KB
943 B

42ms
41ms

Script
application/javascript

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/tags?type=script&id=pr_Vl8Hky5WckrgZC5brdjk_home&tc=1
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: 0ace1ff3011c87a24f561d802a50c41881fdb975dee6ec844027830412362872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hey.car/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT, Thu, 28 Mar 2024 22:48:20 GMT
content-encoding: gzip
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 588
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT, Thu, 28 Mar 2024 22:48:20 GMT
access-control-max-age: 3600
vary: Origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST
location: https://creativecdn.com/tags?type=script&id=pr_Vl8Hky5WckrgZC5brdjk_home&tc=1
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

tags
creativecdn.com/ Frame 0E64
Redirect Chain

https://creativecdn.com/tags?id=pr_Vl8Hky5WckrgZC5brdjk
https://creativecdn.com/tags?id=pr_Vl8Hky5WckrgZC5brdjk&tc=1

0
0

45ms
45ms

Document
text/plain

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/tags?id=pr_Vl8Hky5WckrgZC5brdjk&tc=1
Requested by: Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash

Request headers

Referer: https://hey.car/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Thu, 28 Mar 2024 22:48:20 GMT Thu, 28 Mar 2024 22:48:20 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT Thu, 01 Jan 1970 00:00:00 GMT
location: https://creativecdn.com/tags?id=pr_Vl8Hky5WckrgZC5brdjk&tc=1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
vary: Origin

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 244ms
145ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CGV8J5RC77UEADR77TA0&lib=ttq
Requested by: Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9afba7da5a04549430887cdaf22ae2655eb36d0b883e43fc1e7a1350faa21e65

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 2059191
date: Thu, 28 Mar 2024 22:48:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2403282248209F1525128968F6215AAC-7D8C73CC6D93A424-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=8, origin; dur=97
content-length: 1890
pragma: no-cache
server: nginx
x-tt-logid: 202403282248209F1525128968F6215AAC
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 97,2.20.179.79
x-tt-trace-host: 01363bab9ca6e103ddc00a3e4d9d614b95a96fbc2f15e7ce490034a888d9e095f2f4d795f65fc60542614a83c3d36c66064a9d06456a5d6243f52de874aba58610fcf9922e01c3936f7fd547f675cbc89f4b488f6227929c443e26a3ffda93eb99
expires: Thu, 28 Mar 2024 22:48:20 GMT

GET
H3 200 693149349676451 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 41ms
40ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/693149349676451?v=2.9.151&r=stable&domain=hey.car&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104%2C182%2C181%2C183%2C188%2C189%2C190%2C186%2C178%2C121%2C149%2C177%2C179%2C112%2C143%2C134%2C138%2C118%2C173%2C214%2C105%2C215%2C151%2C109%2C132%2C125%2C113

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

edc5577fa6da00c55dc1a2b8418054757680a63f7b6ea8b13111643e29b94ded

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 28 Mar 2024 22:48:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2709
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=67, mss=1232, tbw=65784, tp=62, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: VrdkeO/DV63mGJJw5Qr4WoF4VDUD3ak6jDWvtMOLE5aYrXKzzUcyIpmhBznyRazwDPZJuGbzsyj+pdIEeTxGwA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 144ms
40ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=741237876083995&ev=PageView&dl=https%3A%2F%2Fhey.car%2F&rl=&if=false&ts=1711666100370&sw=800&sh=600&ud[external_id]=c1ecbbb6ad60a57a87b17286477eb78163b680f751c34a17941909e096eb84dd&v=2.9.151&r=stable&a=seg&ec=0&o=4126&fbp=fb.1.1711666100358.408202674&ler=empty&cdl=API_unavailable&it=1711666100144&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-6a0bdae3df2b2c7ce08dbece5d87c218&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2797, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 28 Mar 2024 22:48:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 928769 Show response
vc.hotjar.io/sessions/ 0
231 B 194ms
66ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/928769?s=0.25&r=0.23336272238379596
Requested by: Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 28 Mar 2024 22:48:20 GMT
cache-control: no-store
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: P0ezhDNW90q50-c6b05jzkwpGCHG6NxOyF5jiephmgt_sybYiCoOiQ==
x-cache: Miss from cloudfront

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 47ms
47ms XHR
text/plain 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1826256648&t=pageview&_s=1&dl=https%3A%2F%2Fhey.car%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Autos%20gebraucht%20kaufen%20mit%20Garantie%20bei%20heycar&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=aHBAAEADQAAAACgCIAB~&jid=1439748774&gjid=1689428313&cid=860458282.1711666100&tid=UA-92335130-3&_gid=1530065824.1711666100&_r=1&_slc=1&cd2=49503f1baa10fd36dc3a3be2af39495b&cd5=49503f1baa10fd36dc3a3be2af39495b&z=157275603

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

2c391e1e3ec4cd43e9fe123e83bedcf1ca2cb6506836abc64663f6d8b964b0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hey.car
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 49ms
48ms XHR
text/plain 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1826256648&t=pageview&_s=1&dl=https%3A%2F%2Fhey.car%2F&ul=en-us&de=UTF-8&dt=Autos%20gebraucht%20kaufen%20mit%20Garantie%20bei%20heycar&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=aHDAAEADQAAAACgCIAD~&jid=8757981&gjid=387416444&cid=860458282.1711666100&tid=UA-92335130-10&_gid=1530065824.1711666100&_r=1&_slc=1&gtm=45He43r0n81P8MNST6v812314972za200&cd4=Thu%20Mar%2028%202024%2023%3A48%3A20%20GMT%2B0100%20(Central%20European%20Standard%20Time)&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1536141599

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

d297a6c69032f93ca70f0c5a3ab227aee7bb353428d28b23df6ec152132330b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hey.car
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 48ms
47ms XHR
text/plain 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1826256648&t=pageview&_s=1&dl=https%3A%2F%2Fhey.car%2F&ul=en-us&de=UTF-8&dt=Autos%20gebraucht%20kaufen%20mit%20Garantie%20bei%20heycar&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=aHDAAEADQAAAACgCIAD~&jid=445475981&gjid=1798255440&cid=860458282.1711666100&tid=UA-180738772-1&_gid=1530065824.1711666100&_r=1&_slc=1&gtm=45He43r0n81P8MNST6v812314972za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1099307963

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

2590c0d61e7b9a132b5c61b870dbed99dfdd0336d1185b06e2d82978fd62e25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hey.car
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1826256648&t=event&ni=1&_s=1&dl=https%3A%2F%2Fhey.car%2F&ul=en-us&de=UTF-8&dt=Autos%20gebraucht%20kaufen%20mit%20Garantie%20bei%20heycar&sd=24-bit&sr=800x600&vp=1600x1113&je=0&ec=set_Cid&ea=set_Cid&_u=aHDAAEADQAAAACgCIAD~&jid=&gjid=&cid=860458282.1711666100&tid=UA-92335130-10&_gid=1530065824.1711666100&gtm=45He43r0n81P8MNST6v812314972za200&cd2=49503f1baa10fd36dc3a3be2af39495b&cd5=49503f1baa10fd36dc3a3be2af39495b&cd3=860458282.1711666100&cd4=Thu%20Mar%2028%202024%2023%3A48%3A20%20GMT%2B0100%20(Central%20European%20Standard%20Time)&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2067733806

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 03:40:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68883
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1826256648&t=event&ni=1&_s=1&dl=https%3A%2F%2Fhey.car%2F&ul=en-us&de=UTF-8&dt=Autos%20gebraucht%20kaufen%20mit%20Garantie%20bei%20heycar&sd=24-bit&sr=800x600&vp=1600x1113&je=0&ec=undefined&ea=undefined&_u=aHDAAEADQAAAACgCIAD~&jid=&gjid=&cid=860458282.1711666100&tid=UA-180738772-1&_gid=1530065824.1711666100&gtm=45He43r0n81P8MNST6v812314972za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&cg1=Home&npa=1&z=1637991128

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 03:40:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68883
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 42ms
41ms Image
image/gif 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1826256648&t=event&ni=1&_s=1&dl=https%3A%2F%2Fhey.car%2F&ul=en-us&de=UTF-8&dt=Autos%20gebraucht%20kaufen%20mit%20Garantie%20bei%20heycar&sd=24-bit&sr=800x600&vp=1600x1113&je=0&ec=Marketing%20Dimensions&ea=undefined&_u=aHDAAEADQAAAACgCIAD~&jid=&gjid=&cid=860458282.1711666100&tid=UA-180738772-1&_gid=1530065824.1711666100&gtm=45He43r0n81P8MNST6v812314972za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=511652396

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 03:40:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68883
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
343 B 161ms
46ms XHR
text/plain 2a00:1450:400c:c00::9c

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-92335130-3&cid=860458282.1711666100&jid=1439748774&gjid=1689428313&_gid=1530065824.1711666100&_u=aHBAAEACQAAAACgCIAB~&z=1202731245

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 28 Mar 2024 22:48:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hey.car
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
94 KB 65ms
63ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E1CM59JHH0&cx=c&_slc=1

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7fe8b375436bf91d8d3e679fadd63d7e5a80f6b397b81ac96ce19f92bde61ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96210
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Mar 2024 22:48:20 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 159ms
47ms Ping
text/plain 2001:4860:4802:34::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WZGJ14G4ZM&gtm=45je43r0v897518536z8812314972za200&_p=1711666099899&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=860458282.1711666100&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711666100&sct=1&seg=0&dl=https%3A%2F%2Fhey.car%2F&dt=Autos%20gebraucht%20kaufen%20mit%20Garantie%20bei%20heycar&en=page_view&_fv=1&_ss=1&ep.cd_fullReferrer=&ep.cd_fullUrl=https%3A%2F%2Fhey.car%2F&ep.cd_timestamp=Thu%20Mar%2028%202024%2023%3A48%3A20%20GMT%2B0100%20(Central%20European%20Standard%20Time)&tfd=4937
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WZGJ14G4ZM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hey.car
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
90 KB 62ms
57ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-25CKVPFB5V&cx=c&_slc=1

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

df34f988072bed9c204ee892d7498ac369662e8b46546caa4df68e439149d71e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91858
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Mar 2024 22:48:20 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 72ms
48ms XHR
text/plain 2a00:1450:400c:c00::9c

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-180738772-1&cid=860458282.1711666100&jid=445475981&gjid=1798255440&_gid=1530065824.1711666100&npa=1&_u=aHDAAEADQAAAACgCIAD~&z=1781137718

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 28 Mar 2024 22:48:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hey.car
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
94 KB 72ms
71ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E7FGLXJB9T&cx=c&_slc=1

Requested by

Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

de01d8704e8e3affc2acec6e20f16c7f6199734bf6df42c1a0217b92e222b641

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95787
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Mar 2024 22:48:20 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 43ms
38ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=693149349676451&ev=PageView&dl=https%3A%2F%2Fhey.car%2F&rl=&if=false&ts=1711666100647&sw=800&sh=600&v=2.9.151&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1711666100358.408202674&ler=empty&cdl=API_unavailable&it=1711666100144&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=13, mss=1294, tbw=3150, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 28 Mar 2024 22:48:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 main.MWIzOGRhOGZjMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 425 KB
112 KB 45ms
41ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Requested by: Host: hey.car
URL: https://hey.car/client/app.c015e219b9a5f7af1784.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bd4c3a41eccea0d5704ed6eb9cd22d25242dddb210cf8e5075b542a8af7cd9fb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 205952f
date: Thu, 28 Mar 2024 22:48:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202403181010165E8A43A1748A86E9FEFD
x-tt-trace-id: 00-2403181010165E8A43A1748A86E9FEFD-4F0161A88BC5C29C-00
vary: Accept-Encoding
x-cache: TCP_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01214cfe0acc18f50992ab16e2dab500cd1e69a35a432411acad8b214a652e98a57c411d47348613484aa122477fe5e15669bff0ee78c926de483674b50f1556cc4f6d7a23d4fd33048dc640da03662a30cc7f65813efac0ea506e5a9cc3909e77
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 114150

GET
H2 200 syncframe
gum.criteo.com/ Frame 5526 0
0 166ms
49ms Document
text/html 2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=hey.car&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hey.car/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 28 Mar 2024 22:48:20 GMT
server: Kestrel
server-processing-duration-in-ticks: 452088
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 204 tags
creativecdn.com/ Frame D27A 0
0 55ms
39ms Document
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/tags?type=iframe&id=pr_Vl8Hky5WckrgZC5brdjk_home&tc=1
Requested by: Host: creativecdn.com
URL: https://creativecdn.com/tags?type=script&id=pr_Vl8Hky5WckrgZC5brdjk_home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash

Request headers

Referer: https://hey.car/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 53ms
46ms Ping
text/plain 2001:4860:4802:34::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-E1CM59JHH0&gtm=45je43r0v9135210520za200&_p=1711666099899&_gaz=1&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&ul=en-us&sr=800x600&cid=860458282.1711666100&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fhey.car%2F&dp=%2F&dt=Autos%20gebraucht%20kaufen%20mit%20Garantie%20bei%20heycar&sid=1711666100&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_2=49503f1baa10fd36dc3a3be2af39495b&ep.ua_dimension_5=49503f1baa10fd36dc3a3be2af39495b&tfd=5106
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E1CM59JHH0&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hey.car
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 52ms
51ms Ping
text/plain 2a00:1450:400c:c00::9c

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-E1CM59JHH0&cid=860458282.1711666100&gtm=45je43r0v9135210520za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E1CM59JHH0&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hey.car
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 157ms
50ms Image
image/gif 172.217.16.195

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E1CM59JHH0&cid=860458282.1711666100&gtm=45je43r0v9135210520za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0&z=1042747726

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 146ms
57ms Image
image/gif 216.58.212.164

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-92335130-3&cid=860458282.1711666100&jid=1439748774&_u=aHBAAEACQAAAACgCIAB~&z=697726485

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.164 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 156ms
51ms Image
image/gif 172.217.16.195

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-92335130-3&cid=860458282.1711666100&jid=1439748774&_u=aHBAAEACQAAAACgCIAB~&z=697726485

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 137ms
50ms Image
image/gif 216.58.212.164

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-180738772-1&cid=860458282.1711666100&jid=445475981&npa=1&_u=aHDAAEADQAAAACgCIAD~&z=1880393953

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.164 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 155ms
51ms Image
image/gif 172.217.16.195

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-180738772-1&cid=860458282.1711666100&jid=445475981&npa=1&_u=aHDAAEADQAAAACgCIAD~&z=1880393953

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 47ms
46ms Ping
text/plain 2001:4860:4802:34::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-25CKVPFB5V&gtm=45je43r0v9126255714za200&_p=1711666099899&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&ul=en-us&sr=800x600&cid=860458282.1711666100&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fhey.car%2F&dt=Autos%20gebraucht%20kaufen%20mit%20Garantie%20bei%20heycar&sid=1711666100&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_4=Thu%20Mar%2028%202024%2023%3A48%3A20%20GMT%2B0100%20(Central%20European%20Standard%20Time)&tfd=5170
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-25CKVPFB5V&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hey.car
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
45ms Ping
text/plain 2001:4860:4802:34::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-E7FGLXJB9T&_ono=1&gtm=45je43r0v9134480848za200&_p=1711666099899&_gaz=1&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&ul=en-us&sr=800x600&cid=860458282.1711666100&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fhey.car%2F&dt=Autos%20gebraucht%20kaufen%20mit%20Garantie%20bei%20heycar&sid=1711666100&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5235
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E7FGLXJB9T&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hey.car
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 49ms
48ms Ping
text/plain 173.194.76.154

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-E7FGLXJB9T&cid=860458282.1711666100&gtm=45je43r0v9134480848za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E7FGLXJB9T&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.194.76.154 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hey.car
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 51ms
50ms Image
image/gif 172.217.16.195

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-E7FGLXJB9T&cid=860458282.1711666100&gtm=45je43r0v9134480848za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1&z=1057594943

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_05ea2.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 45ms
44ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_05ea2.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4d8884f3e3ac809c301d102e063ae5be043b7c5b3ffbd279f25fa7f6733dd2c7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 205988b
date: Thu, 28 Mar 2024 22:48:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240314134152A3F3EA39CBCD9011723C
x-tt-trace-id: 00-240314134152A3F3EA39CBCD9011723C-777216768FD3D45C-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01a504a3b3c82f6e2ffa3b4251eb31bb684deb67c49861804d4fa49b069f0056b9aa60b0dc3246832eb20a4545f8bcdb2f31cca3e56f68630a6056f525e52c91b3b2903e1298d4b9ae131dd4ecc53bb8df12edccc847bf76d696db50850756ec49
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 37028

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
700 B 168ms
167ms Ping
text/plain 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 20599d9
date: Thu, 28 Mar 2024 22:48:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240328224821B43E4EB782640C22275C-17D2EF4D94018EE2-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
server-timing: inner; dur=25, cdn-cache; desc=MISS, edge; dur=5, origin; dur=110
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240328224821B43E4EB782640C22275C
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 110,2.20.179.79
x-tt-trace-host: 01363bab9ca6e103ddc00a3e4d9d614b95a96fbc2f15e7ce490034a888d9e095f28b80cb1d04457b376c57184a2a5d3dbd5e89b77981217b48f71f4b768f38ea83e141874e54cd800d2dc3a1e92716030c5726b5d88f6a66f6b3fb01a4e363f0f0
access-control-allow-headers: Authorization,*
expires: Thu, 28 Mar 2024 22:48:21 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 10 KB
5 KB 289ms
53ms Script
application/x-javascript 178.250.1.9

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=56862&v=5.23.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=_RJCI191UzhzTVQxZkZYS2NFdjhRVVhvb2VpT3RHelE0a3pMM0V4RCUyQnRSNDlWWUFoOWIzMmh0bHkzSEppMTVVUXNIdlhBN0I2WDhrQ2ljc3dzbldXRVBIOU9pWjAxS2JmR1pnWGl5enlJTFpFJTJCb3IwJTJGV0dvNG9mQyUyQmx3d1Qwb1l2JTJGSHJPaWJqcFRoZmIxamlDS3NRUEZsc3d3JTNEJTNE&tld=hey.car&fu=https%253A%252F%252Fhey.car%252F&ceid=e67bd339-876f-4269-9589-a8d252aee912&dtycbr=34150

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

fb023f3363b94163032a09ae8449c8000783d1fc4bd5a784a527ce7c23ef5fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 11255654
timing-allow-origin: *
expires: 0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
698 B 170ms
169ms Ping
text/plain 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://hey.car/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2059d04
date: Thu, 28 Mar 2024 22:48:21 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24032822482182563BF251A4B84AD635-52C4018EB652C081-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
server-timing: inner; dur=21, cdn-cache; desc=MISS, edge; dur=17, origin; dur=112
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024032822482182563BF251A4B84AD635
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 112,2.20.179.79
x-tt-trace-host: 01363bab9ca6e103ddc00a3e4d9d614b95a96fbc2f15e7ce490034a888d9e095f2b86e6c31d39c30457a9d41c27cee6459dad77404c48f4782de0d4bb859ee2e03471df300d00b80c87174b08ba33f35cd971b5bfa7dc74a1aeeeb202fca9e971f
access-control-allow-headers: Authorization,*
expires: Thu, 28 Mar 2024 22:48:21 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame E4A4 170 B
409 B 150ms
49ms Image
image/png 172.217.16.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-qfJ0DJNaBGOxqgSELI7X1yeNv7MgutDvJ2YT6Q&google_cm&google_hm=ay1xZkowREpOYUJHT3hxZ1NFTEk3WDF5ZU52N01ndXREdkoyWVQ2UQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame E4A4 43 B
235 B 197ms
42ms Image
image/gif 35.214.149.91

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-HcZKZJNaBGOxqgSELI7X1yeNv7O3-ZZ-VjrfQw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.214.149.91 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 28 Mar 2024 22:48:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame E4A4
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4970712722954123393

43 B
370 B

45ms
44ms

Image
image/gif

178.250.1.9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4970712722954123393

Protocol

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1826633
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Mar 2024 22:48:21 GMT
an-x-request-uuid: 2c2e2784-bad1-4505-a65b-6abb56631d54
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4970712722954123393
x-proxy-origin: 80.255.7.104; 80.255.7.104; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame E4A4 57 B
812 B 247ms
141ms Image
image/gif 184.30.20.22

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-RJ26nJNaBGOxqgSELI7X1yeNv7MnJHQcLqx-WA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

f77309a3390de4674d1b9179d69de9c1e284256e9c14bbf5a86e0c80586640bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 28 Mar 2024 22:48:21 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Thu, 28 Mar 2024 22:48:21 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame E4A4 0
239 B 173ms
39ms Image
image/gif 69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-381Z0JNaBGOxqgSELI7X1yeNv7O1otIA4Jtb2Q&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f2725c115d816cae2dce6044d9cf3fcf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame E4A4 43 B
163 B 252ms
49ms Image
image/gif 164.132.25.184

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-DfinXJNaBGOxqgSELI7X1yeNv7NrE5cpjPQjOQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 164.132.25.184 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:20 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame E4A4 0
99 B 181ms
42ms Image
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-L6J0iJNaBGOxqgSELI7X1yeNv7O6l6tCpuI5nQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41518

GET
H2 200 um
criteo-sync.teads.tv/ Frame E4A4 23 B
163 B 214ms
66ms Image
image/gif 2.16.97.41

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-K70ahZNaBGOxqgSELI7X1yeNv7NrmMN87s6DPQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 -, , ASN (),
Reverse DNS
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 28 Mar 2024 22:48:21 GMT
pragma: no-cache
date: Thu, 28 Mar 2024 22:48:21 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame E4A4 37 B
140 B 124ms
41ms Image
image/gif 13.248.245.213

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-_3Gs1ZNaBGOxqgSELI7X1yeNv7OC1FOhPTPDBw&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 22:48:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 cksync.php
hb.yahoo.net/ Frame E4A4 56 B
319 B 221ms
81ms Image
image/gif 2.19.126.72

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-bNjxMpNaBGOxqgSELI7X1yeNv7O-1r9KdF918g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.72 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

5eeb0081366c82d6237c6e16e9af56188182db7669e6916a9018bbf8d16b5b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Thu, 28 Mar 2024 22:48:21 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 56
x-mnet-hl2: E
expires: Thu, 28 Mar 2024 22:48:21 GMT

GET pixel
cm.adform.net/ Frame E4A4 0
0

GET sync
visitor.omnitagjs.com/visitor/ Frame E4A4 0
0

GET rum
r.casalemedia.com/ Frame E4A4 0
0

GET sync
gum.criteo.com/ Frame E4A4 0
0

GET 9.gif
id5-sync.com/s/966/ Frame E4A4 0
0

GET match
ad.360yield.com/ Frame E4A4 0
0

GET sync
matching.ivitrack.com/ Frame E4A4 0
0

GET push
exchange.mediavine.com/usersync/ Frame E4A4 0
0

GET 1017
jadserve.postrelease.com/suid/ Frame E4A4 0
0

GET cookie-sync
sync.outbrain.com/ Frame E4A4 0
0

GET Pug
simage2.pubmatic.com/AdServer/ Frame E4A4 0
0

GET v1
match.sharethrough.com/sync/ Frame E4A4 0
0

GET sync
criteo-partners.tremorhub.com/ Frame E4A4 0
0

GET m
ad.yieldlab.net/ Frame E4A4 0
0

GET sync
sync-criteo.ads.yieldmo.com/ Frame E4A4 0
0

GET put
e1.emxdgt.com/ Frame E4A4 0
0

GET match
c1.adform.net/serving/cookie/ Frame E4A4 0
0

GET setuid
ib.adnxs.com/ Frame E4A4 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.hey.car
URL: https://api.hey.car/search/count?

Domain: cm.adform.net
URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-ZqDCwpNaBGOxqgSELI7X1yeNv7NzNzl8qTppzA

Domain: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-KeZ7O5NaBGOxqgSELI7X1yeNv7OKwmFhezQ_zA

Domain: r.casalemedia.com
URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-o3UYLpNaBGOxqgSELI7X1yeNv7PRdmMWNUUPgQ

Domain: gum.criteo.com
URL: https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40

Domain: id5-sync.com
URL: https://id5-sync.com/s/966/9.gif?puid=k--hD6A5NaBGOxqgSELI7X1yeNv7PLkCuCuCzfuA

Domain: ad.360yield.com
URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-YpICEpNaBGOxqgSELI7X1yeNv7MIhfGKgQ70rg

Domain: matching.ivitrack.com
URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-dQB3DpNaBGOxqgSELI7X1yeNv7ObmYmqEtM7Tw

Domain: exchange.mediavine.com
URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-w_amWZNaBGOxqgSELI7X1yeNv7Ozvb__avWjmA

Domain: jadserve.postrelease.com
URL: https://jadserve.postrelease.com/suid/1017?vk=k-wzJSrpNaBGOxqgSELI7X1yeNv7PdJCypUnHvbA

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-szG2jpNaBGOxqgSELI7X1yeNv7PerI9o41utCg&initiator=partner

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-8Jr-oZNaBGOxqgSELI7X1yeNv7PPMVC8JumhIQ

Domain: match.sharethrough.com
URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Gm4kkZNaBGOxqgSELI7X1yeNv7MIWZkP0ioOJA

Domain: criteo-partners.tremorhub.com
URL: https://criteo-partners.tremorhub.com/sync?UICR=k-a6df-ZNaBGOxqgSELI7X1yeNv7PL3qBONg3ZVQ

Domain: ad.yieldlab.net
URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-7dA8FZNaBGOxqgSELI7X1yeNv7MEkkjQrmCIJg

Domain: sync-criteo.ads.yieldmo.com
URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-KPIXBpNaBGOxqgSELI7X1yeNv7NGqBCm-adXzA&pn_id=criteo&ext=1

Domain: e1.emxdgt.com
URL: https://e1.emxdgt.com/put?d=d53&uid=k-CUGuMJNaBGOxqgSELI7X1yeNv7OvEKfrrVXgZw

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match?party=10015&cid=k-ZqDCwpNaBGOxqgSELI7X1yeNv7NzNzl8qTppzA

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/setuid?entity=52&code=k-kTU9oZNaBGOxqgSELI7X1yeNv7PtmRwpLNoH5g

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hey.car/	1970-01-21 05:03:46	Name: persist%3AslideIn Value: {%22show%22:%22true%22%2C%22submitted%22:%22false%22%2C%22_persist%22:%22{%5C%22version%5C%22:-1%2C%5C%22rehydrated%5C%22:true}%22}
hey.car/	1970-01-21 05:03:46	Name: persist%3AcookieDashboard Value: {%22hasSavedCookieSettings%22:%22false%22%2C%22preferences%22:%22{%5C%22functional%5C%22:false%2C%5C%22analytical%5C%22:false%2C%5C%22marketing%5C%22:false%2C%5C%22essential%5C%22:true}%22%2C%22_persist%22:%22{%5C%22version%5C%22:1%2C%5C%22rehydrated%5C%22:true}%22}
hey.car/	1970-01-21 05:03:46	Name: persist%3Auser Value: {%22createdAt%22:%22null%22%2C%22isReturningUser%22:%22false%22%2C%22hasSignedUpForNewsletter%22:%22false%22%2C%22searchUserId%22:%22null%22%2C%22saveSearchConfirmed%22:%22false%22%2C%22hasSeenProfileInfo%22:%22false%22%2C%22isNotificationIndicatorVisible%22:%22false%22%2C%22_persist%22:%22{%5C%22version%5C%22:-1%2C%5C%22rehydrated%5C%22:true}%22}
hey.car/	1970-01-21 05:03:46	Name: reduxPersistIndex Value: [%22persist:slideIn%22%2C%22persist:cookieDashboard%22%2C%22persist:user%22]
hey.car/	1970-01-20 23:46:58	Name: __hstc Value: 171778367.add1ac0530e4862a5448f058e2fef517.1711666097331.1711666097331.1711666097331.1
hey.car/	1970-01-20 23:46:58	Name: hubspotutk Value: add1ac0530e4862a5448f058e2fef517
hey.car/	1969-12-31 23:59:59	Name: __hssrc Value: 1
hey.car/	1970-01-20 19:27:47	Name: __hssc Value: 171778367.1.1711666097332
.hubspot.com/	1970-01-20 19:27:47	Name: __cf_bm Value: WDn4.3I8rtow10CBJ73Y8l4sYxcZGOK13A7kAauZs1c-1711666097-1.0.1.1-mt2frldRGte5QfxRQ_gxLDdtun75TZRGN_y3ylXtfkpzj50jhL9Hc5HjgF5MrstbH4JFgI.577xZg3rovATrJw
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: xLHqHAY61d9ylxDsLc3qDk6cwWAIpHjm3ZoI.6P4M60-1711666097757-0.0.1.1-604800000
.hey.car/	1970-01-21 04:13:22	Name: ajs_anonymous_id Value: 81a54e0f-a6d7-4804-8142-129687fe8f2b
.hey.car/	1970-01-21 04:13:22	Name: mp_365e80d9faaf6f0d4b38f26b8087031d_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18e873ff7651146-0193449aa363b1-26001a51-75300-18e873ff7651146%22%2C%22%24device_id%22%3A%20%2218e873ff7651146-0193449aa363b1-26001a51-75300-18e873ff7651146%22%2C%22mp_lib%22%3A%20%22Segment%3A%20web%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.hey.car/	1970-01-20 19:29:12	Name: _gid Value: GA1.2.1530065824.1711666100
.hey.car/	1970-01-20 19:29:12	Name: _uetsid Value: 46387bc0ed5511ee8244d3f5bdef95fa
.hey.car/	1970-01-21 04:49:22	Name: _uetvid Value: 4638b700ed5511eeadb39968cc0d4d95
.hey.car/	1970-01-20 21:37:22	Name: _gcl_au Value: 1.1.1838815589.1711666100
.hey.car/	1970-01-20 19:27:47	Name: direct Value: undefined
hey.car/	1970-01-21 05:03:46	Name: ga_cid Value: 860458282.1711666100
hey.car/	1970-01-21 05:03:46	Name: ga4_cid Value: 860458282.1711666100.
.bing.com/	1970-01-21 04:49:22	Name: MUID Value: 2FD4D1D2C91368160750C582C898698B
.hey.car/	1970-01-20 21:37:22	Name: _fbp Value: fb.1.1711666100358.408202674
.hey.car/	1970-01-21 04:13:22	Name: _hjSessionUser_928769 Value: eyJpZCI6ImQ2ZTMzYzllLTY2NzItNTE0OS1iNWY2LTY4MTI1ODM3ZGM3MCIsImNyZWF0ZWQiOjE3MTE2NjYxMDA0MzUsImV4aXN0aW5nIjpmYWxzZX0=
.creativecdn.com/	1970-01-21 04:13:22	Name: ts Value: 1711666100
.hey.car/	1970-01-20 19:27:47	Name: _hjSession_928769 Value: eyJpZCI6IjM4OGQyYmM1LWYwZWUtNGM2My04NWNkLTYzZDVjMzQ0NDdmZiIsImMiOjE3MTE2NjYxMDA0MzgsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.creativecdn.com/	1970-01-21 04:13:22	Name: g Value: 0r8ShMWkSxM8dbsY2kKm_1711666100432
.creativecdn.com/	1970-01-21 04:13:22	Name: c Value: 0r8ShMWkSxM8dbsY2kKm_Vl8Hky5WckrgZC5brdjk_1711666100432
.hey.car/	1970-01-20 19:27:46	Name: _gat Value: 1
.hey.car/	1970-01-20 19:27:46	Name: _gat_UA-92335130-10 Value: 1
.hey.car/	1970-01-20 19:27:46	Name: _gat_UA-180738772-1 Value: 1
.tiktok.com/	1970-01-21 04:49:22	Name: _ttp Value: 2eKvUcXKrlswIIK7M99S3uK1Q1o
.hey.car/	1970-01-21 05:03:46	Name: _ga Value: GA1.1.860458282.1711666100
.hey.car/	1970-01-21 05:03:46	Name: _ga_WZGJ14G4ZM Value: GS1.1.1711666100.1.0.1711666100.0.0.0
.hey.car/	1970-01-21 05:03:46	Name: _ga_E1CM59JHH0 Value: GS1.2.1711666100.1.0.1711666100.60.0.0
.hey.car/	1970-01-21 05:03:46	Name: _ga_25CKVPFB5V Value: GS1.2.1711666100.1.0.1711666100.0.0.0
.criteo.com/	1970-01-21 04:49:22	Name: uid Value: 31d053a6-85bb-48f0-a212-851ce3d4fc69
.criteo.com/	1970-01-21 04:49:22	Name: receive-cookie-deprecation Value: 1
.hey.car/	1970-01-21 05:03:46	Name: _ga_E7FGLXJB9T Value: GS1.2.1711666100.1.0.1711666100.60.0.0
.hey.car/	1970-01-21 04:49:22	Name: _tt_enable_cookie Value: 1

35 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/741237876083995?v=2.9.151&r=stable&domain=hey.car&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://sslwidget.criteo.com/event?a=56862&v=5.23.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=_RJCI191UzhzTVQxZkZYS2NFdjhRVVhvb2VpT3RHelE0a3pMM0V4RCUyQnRSNDlWWUFoOWIzMmh0bHkzSEppMTVVUXNIdlhBN0I2WDhrQ2ljc3dzbldXRVBIOU9pWjAxS2JmR1pnWGl5enlJTFpFJTJCb3IwJTJGV0dvNG9mQyUyQmx3d1Qwb1l2JTJGSHJPaWJqcFRoZmIxamlDS3NRUEZsc3d3JTNEJTNE&tld=hey.car&fu=https%253A%252F%252Fhey.car%252F&ceid=e67bd339-876f-4269-9589-a8d252aee912&dtycbr=34150 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hey.car/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.yieldlab.net
analytics.tiktok.com
api.common.prod.group-mobility-trader.com
api.hey.car
api.segment.io
bat.bing.com
c1.adform.net
cdn.mxpnl.com
cdn.segment.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
creativecdn.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
de-prod-heycar-images.s3.eu-central-1.amazonaws.com
dis.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
gum.criteo.com
hb.yahoo.net
hey.car
ib.adnxs.com
id5-sync.com
img.youtube.com
jadserve.postrelease.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
match.sharethrough.com
matching.ivitrack.com
o385824.ingest.sentry.io
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
script.hotjar.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
track.hubspot.com
vc.hotjar.io
visitor.omnitagjs.com
websdk.appsflyer.com
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
ad.360yield.com
ad.yieldlab.net
api.hey.car
c1.adform.net
cm.adform.net
criteo-partners.tremorhub.com
e1.emxdgt.com
exchange.mediavine.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
r.casalemedia.com
simage2.pubmatic.com
sync-criteo.ads.yieldmo.com
sync.outbrain.com
visitor.omnitagjs.com
13.227.219.120
13.248.245.213
141.226.228.48
157.240.0.6
164.132.25.184
172.217.16.130
172.217.16.195
172.217.23.104
173.194.76.154
178.250.1.9
18.193.19.211
18.66.112.110
184.30.20.22
185.184.8.90
2.16.97.41
2.18.64.15
2.19.126.72
2001:4860:4802:34::36
216.58.206.46
216.58.212.164
2600:1901:0:bc29::
2606:4700:4400::ac40:991b
2606:4700::6810:4cba
2606:4700::6810:bf59
2606:4700::6813:9b53
2620:1ec:c11::200
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2008
2a00:1450:4001:812::200e
2a00:1450:400c:c00::9c
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:3500:11::215:14d5
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.120.59.191
34.120.195.249
35.214.149.91
37.252.172.123
52.219.168.157
52.222.139.110
52.222.236.60
52.222.236.71
54.203.25.147
69.173.144.138
99.86.4.20
99.86.8.175
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
05166cc0c3e56bfd843cd0f0d7c121a916cb51887f7760cf1e95f3deada31a8c
05a90a4f7f5b906f83f007736ac87340312409fc5226782dc15cf8a47dad8a20
05cee74e08992e6f58bc28d43ff042c5def119ba66ca7601cdb4b3efce53625f
0ace1ff3011c87a24f561d802a50c41881fdb975dee6ec844027830412362872
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
176aa5fa5a355a27e234e6456205b981f9fd19615a92d5737ba2b44a8f1ddc3a
2590c0d61e7b9a132b5c61b870dbed99dfdd0336d1185b06e2d82978fd62e25e
266bcdbfcd1c383282ff91d5db02e3995ffe48ac9fa11beff7b607d6c6d4c4f3
28f1092c1974b26ced6ab0abc21685f3a7217ee2b0d055b20e46ee263e7f62fd
2c391e1e3ec4cd43e9fe123e83bedcf1ca2cb6506836abc64663f6d8b964b0c7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3bc3bd00952daa0cc3d1ec0e189ec029ff0f7db2864d1e8a07a0011d357f4963
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
445659accef9cc2b62db4928833c100343726c846ced7a1dce83ff5e52a85764
4d8884f3e3ac809c301d102e063ae5be043b7c5b3ffbd279f25fa7f6733dd2c7
4dfaac81c5c11ae346745978e3cfaa5b1700a0c8a43da0d3148e4a9e06a856fc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5eeb0081366c82d6237c6e16e9af56188182db7669e6916a9018bbf8d16b5b7a
6265ca724f73e24568a94c7ea752b44e491c10231bfc8e80e86cd3f02eab2e71
6828c385c00515623c44e8ba15e3bc7bc540820906a94001969db7ad86c23ed1
6d686226ce12e3d6bb885bb90e50288a2f317509efdb99a20d0d89fba625c13f
79922962b52009c9211ac978c6e9b54fce80895c30d7f23ab5a3e6b46152e8c2
7b64fab72c06888c5afcd5d9e5e876633fb5b551079b9034c10bd3059add0072
7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50
7c7ca0d6e1578dbba62ec2a4fd21aa7af8f0a266c8306e02acb5ab0f8142b427
7e15216f9af8cf124d19716c4d4550d4cd46b3215109f438d5bf8eab9618db67
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
7fe8b375436bf91d8d3e679fadd63d7e5a80f6b397b81ac96ce19f92bde61ec0
80fe1f2cdabdc857090a27c57a9999f15df0f9c19f067585d4436c458b64732f
8190566f389ec6dbde2b9c50ef83674837576977abb635f1af16a952ef32659a
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b9f94d97666604e82627bd3ef1c0ee212896fe3abbfd370a16af8bd2054429d
91aa973ca4f3b483ae8d5455ae2a7cc44eb67d7da29402543bfb6d65f934e358
9507c23743573c8c4c1789d49544fc48434c82a34dccd49ad55de575e42561aa
99bc393615e8b499de55d6d04373195a15565c899d5cdb98f7dc0f4595d7fc92
9afba7da5a04549430887cdaf22ae2655eb36d0b883e43fc1e7a1350faa21e65
9c617731892cf3feee43396e9a1ab31e04fa0f64c237b8d9f3eb660c631ac93f
a29b5ee438c2dfe66484c12e43c69407227b4acd42fb77d2a5c40add7f8d5133
a3079657dfdc9d6cf095aa78e354abd79b829219afd5f6244452323f5101fccd
aa121c9454af9c62d9f03fb636734ccf578b019bd2db02db32dd71b574a3d76f
af63e9f6cacf50534b1ffdfbf0a21bc832b2610ee0e22ad88b5a789153304dec
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b1ee7d4017ee01a149d5174a03320b7b1784eea28b6e06f312b16d5716a86ab9
b635c4a617f129540918ff09f0ac171767c92ff07dd77fb7974219d63c6b2054
b6e9e898769f7dd37345562f23ba34e6d29fcc2b7bb9e6813fb2a1a729290c1e
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b949c209b6ec826c3ed07dc4e8b2dbaad706f2643028a909f7dd335431acb92b
bada20c1784187eeb3ed334abb986b5c567986facf96ae64bcae73915facabf1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4c3a41eccea0d5704ed6eb9cd22d25242dddb210cf8e5075b542a8af7cd9fb
bd73c980e11cc8f8fd9f8b05f355e02bfe5760c337374cf34d655c7788ff1977
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
d211b41fb3d4f991c60508bceb2076405f010e84afba51c44c7459a468324964
d297a6c69032f93ca70f0c5a3ab227aee7bb353428d28b23df6ec152132330b8
d3b3174067d95206c8669cea370f184117d7bcff8b641ce498ecb23455243b5c
d4f8a38522b7593d6231102435b1956b36af19895ce0576848b5df98e13edb48
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ddcd9f48cf4cb6e304e8980e55706e73a73258f13c6805e5a8fe4abfe3d53cd5
de01d8704e8e3affc2acec6e20f16c7f6199734bf6df42c1a0217b92e222b641
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df34f988072bed9c204ee892d7498ac369662e8b46546caa4df68e439149d71e
e14f791629769dc3bfa90eef37b8301cfc8ef567ce3caf2f2d3fefa3008a6171
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99
e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db
e95d64fc89f583cf9db4c224262ecf464bff69888afee36db12b0214c6152ec3
e9d7ae56d8cdf798bb9f8408d8604055198c3886e4cd170967d87fbd259e67f4
edc5577fa6da00c55dc1a2b8418054757680a63f7b6ea8b13111643e29b94ded
edd37d7fcea9df1cb3f485428d1d3af3054943a87f562d9c7c51dd1f3c462277
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f77309a3390de4674d1b9179d69de9c1e284256e9c14bbf5a86e0c80586640bd
fb023f3363b94163032a09ae8449c8000783d1fc4bd5a784a527ce7c23ef5fae
fcc5947420bac95a9ee88dc4782ae6101a53a397e25b582b468979318eb71171
fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb
feb262081ed126056fdc2febe9ec1ad4a4c9e2a86a12d3fb62964eb90825cb99
ff0f900e2a64e637a0862387ab526b61f55f8cb2ebe55fa7678fedb9ab126609

hey.car Open in urlscan Pro 99.86.4.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

85 %HTTPS

34 %IPv6

52 Domains

60 Subdomains

47 IPs

4 Countries

2564 kBTransfer

8622 kBSize

38 Cookies

9 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hey.car Open in urlscan Pro
99.86.4.20 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

85 %
HTTPS

34 %
IPv6

52
Domains

60
Subdomains

47
IPs

4
Countries

2564 kB
Transfer

8622 kB
Size

38
Cookies

136 HTTP transactions
0 data transactions