geld-sparen.felixfeurstein.com Open in urlscan Pro
160.20.144.248  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response geld-sparen.felixfeurstein.com/	27 KB 8 KB	734ms 176ms	Document text/html	160.20.144.248 AUROLOGIC aurolog...
General Check archive.org Show headers Download Go to Full URL https://geld-sparen.felixfeurstein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 160.20.144.248 Frankfurt am Main, Germany, ASN30823 (AUROLOGIC aurologic GmbH, DE), Reverse DNS Software Caddy / Resource Hash 10c2815b595c5c4ae788d3462e7a978747a5f26fe373c064a1dda6fa6a2406ec Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers origin, x-requested-with, content-type, accept, accept-language access-control-allow-methods OPTIONS, GET, POST, PATCH, PUT access-control-allow-origin * content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 19 Jul 2024 05:36:26 GMT server Caddy vary Accept-Encoding
GET H2	200	funnel-page.css static.funnelcockpit.com/assets/css/	543 KB 84 KB	267ms 191ms	Stylesheet text/css	2606:4700:3033::ac43:98b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/css/funnel-page.css?v=83bcfce1a131c600 Requested by Host: geld-sparen.felixfeurstein.com URL: https://geld-sparen.felixfeurstein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:98b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d67716f7cee613cfed877043c9d73092c556dce7f62aa0e9190f500c5b4b9448 Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 19 Jul 2024 05:36:26 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 15 Jul 2024 08:43:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"b70f684332e9eb4972aba37aa7a50f9d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e6oH4o%2Ff%2Fkq1PoIkOfprsM3ZLoxyYCJAVR8zU6gSz045mmngS5n81eYdxmgJ2n0fMC4SKIgz8KAhFsAnmGgwK5TZBY3dCZ%2BRWgpToPjcfU2iWeesvLinopEwYlPG8q4Cl3ERrlyLMz51sU%2FoqWcam4s9eT4r0A0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 8a585a97b85b8da3-MIA alt-svc h3=":443"; ma=86400
GET H2	200	js Show response www.googletagmanager.com/gtag/	226 KB 82 KB	199ms 85ms	Script application/javascript	2607:f8b0:4004:c06::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-439562785 Requested by Host: geld-sparen.felixfeurstein.com URL: https://geld-sparen.felixfeurstein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3ae6f34aa44449ccd5e343ccf468407999c4e52b4185baf9af463b0841500e26 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 19 Jul 2024 05:36:26 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 83274 x-xss-protection 0 last-modified Fri, 19 Jul 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 19 Jul 2024 05:36:26 GMT
GET H2	200	83edd48b150641812d22a9eeef1ee8a9.png static.funnelcockpit.com/upload/ftBNtx53xTEk77R84/	2 MB 2 MB	304ms 230ms	Image image/png	2606:4700:3033::ac43:98b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.funnelcockpit.com/upload/ftBNtx53xTEk77R84/83edd48b150641812d22a9eeef1ee8a9.png Requested by Host: geld-sparen.felixfeurstein.com URL: https://geld-sparen.felixfeurstein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:98b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 768d5deb4a354bd337630c7af142f787e12859b3e89ed19b5c2cbb0546fc2f5b Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 19 Jul 2024 05:36:27 GMT cf-cache-status MISS last-modified Mon, 25 Dec 2023 00:45:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "b4e9c07c3762243095e54b9a56908b2c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9dUBN9SUV4jWExpJE4NKJbM%2F4ze30XQVmYSibIViqjCxBHJufLaQxRfk8k2X8btjxp1ZazqRc9xog69pZ2BZ5izLRHCsZ5uLXWgSCHCaMhWLgeEvqYqMA%2FYPJjlWArwLMJWIXmiIzOXE47zO1Y7w5X0UAtGZfQs%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=43200 accept-ranges bytes cf-ray 8a585a97b85c8da3-MIA alt-svc h3=":443"; ma=86400 content-length 1652431
GET H/1.1	200 OK	embed-html.min.js Show response quentn.s3-eu-west-1.amazonaws.com/lib/js/wv_form/	2 KB 2 KB	461ms 150ms	Script application/javascript	3.5.69.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quentn.s3-eu-west-1.amazonaws.com/lib/js/wv_form/embed-html.min.js Requested by Host: geld-sparen.felixfeurstein.com URL: https://geld-sparen.felixfeurstein.com/ Protocol HTTP/1.1 Security TLS 1.3, , CHACHA20_POLY1305 Server 3.5.69.250 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash d1228669d496bec0fa020e5677d313b3fd8c5a3d5a1ffd7eb1225b11d686d8d1 Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 19 Jul 2024 05:36:28 GMT Last-Modified Sat, 13 Nov 2021 20:38:57 GMT Server AmazonS3 x-amz-request-id Y2E35Y7N0K5C73G8 ETag "90ac5d18d6cf8bd87a1e18a3aa5c9e6b" Content-Type application/javascript Cache-Control max-age=604800 Accept-Ranges bytes Content-Length 1896 x-amz-id-2 eTLwr2YoaO+e1c68xh6kGrnAdlF7Pl18EDvzMVQqASoHZ49HdWGvvUfYyon0+P2/0mDNutN4mgGWW7DQ28Vx3A==
GET H2	200	funnel-page.js Show response static.funnelcockpit.com/assets/js/	109 KB 36 KB	183ms 182ms	Script text/javascript	2606:4700:3033::ac43:98b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/js/funnel-page.js?v=83bcfce1a131c600 Requested by Host: geld-sparen.felixfeurstein.com URL: https://geld-sparen.felixfeurstein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:98b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad4c3cf0ad6e06840ea622dd16313a09713234cac028eae23270f40127ed6b7c Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 19 Jul 2024 05:36:27 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 15 Jul 2024 08:43:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63bca1cd8803525c69c3271261fe663f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p6LOJcvJBqxHQoxedsDk4njmO2WelyQ6hn3z7hIltVF3oHWfFOxXa%2BUCDfpBbVFf0nO15ZpzRMv3YZGzU29DI32a23qb7zTilPXK%2Bkpf2PumfiItJXAvy%2FI1p1ELNhYPbsYeN68jw1q75Lg5Ma4lqJT5DPsRDxs%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=43200 cf-ray 8a585a9949248da3-MIA alt-svc h3=":443"; ma=86400
GET H2	200	28ba4760d1d895bbbab223f6d7158038.png static.funnelcockpit.com/upload/iawnjyq42t9AXwJ8o/	33 KB 33 KB	178ms 177ms	Image image/png	2606:4700:3033::ac43:98b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.funnelcockpit.com/upload/iawnjyq42t9AXwJ8o/28ba4760d1d895bbbab223f6d7158038.png Requested by Host: geld-sparen.felixfeurstein.com URL: https://geld-sparen.felixfeurstein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:98b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d60ddf1fa7e4aa76e96f953993ff421c082c4a4923f240a036705aad1b7cda3a Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 19 Jul 2024 05:36:27 GMT cf-cache-status REVALIDATED last-modified Mon, 25 Dec 2023 00:58:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "a86a75c628863c9c490a6fe3aafbe90d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bOGAs2ypbVNHgNEADcckjmJMn0hgzbRXT3wxKTH8Xzch7mXrSd%2FA6BZKqqzn6wa19ckNzm7z9VGD%2BDI54w%2Bj%2F5MCFW9q%2Bka%2FbPl4SXx3Op0PfYqibIppE25LEvEH3VpzHVH31D3pO5JTGUGn9cGY%2Ft3P0AnBP%2F8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=43200 accept-ranges bytes cf-ray 8a585a9949228da3-MIA alt-svc h3=":443"; ma=86400 content-length 33655
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	224 KB 60 KB	172ms 57ms	Script application/x-javascript	2a03:2880:f003:c0e:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: geld-sparen.felixfeurstein.com URL: https://geld-sparen.felixfeurstein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 19 Jul 2024 05:36:27 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58677 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=55, rtx=0, c=12, mss=1297, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug 3d48BumcGNxOEOipFInyCifOsePBF80lhf1V2NviyxuF73jpA+qu3GSdvjifzBgnkd0X4i6dCMeqAGNHsMntsw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	fa-regular-400.woff2 static.funnelcockpit.com/assets/fonts/	13 KB 13 KB	261ms 197ms	Font font/woff2	2606:4700:3033::ac43:98b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/fonts/fa-regular-400.woff2 Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/css/funnel-page.css?v=83bcfce1a131c600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:98b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca Request headers Referer https://static.funnelcockpit.com/assets/css/funnel-page.css?v=83bcfce1a131c600 Origin https://geld-sparen.felixfeurstein.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 19 Jul 2024 05:36:27 GMT cf-cache-status MISS last-modified Mon, 15 Jul 2024 08:44:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "b91d376b8d7646d671cd820950d5f7f1" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=27YfP%2F1AMW8gPheAIqeOI6Lv9MQ8SfS1NRvo7JsGqEZJ4SlQVFnX1psq6XfSupT%2BDg9PHLqakpYPmvUlrpGIZ9fbElAhN0ohyMNA8HPOdgwSlSI0raf%2ForCTW7l37io33W905HZ%2FgnjBULUHQJw6SI2LdmYDNBM%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=43200 accept-ranges bytes cf-ray 8a585a99ca5367bd-MIA alt-svc h3=":443"; ma=86400 content-length 13224
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/439562785/	2 KB 1 KB	180ms 72ms	Script text/javascript	172.253.115.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/439562785/?random=1721367387117&cv=11&fst=1721367387117&bg=ffffff&guid=ON&async=1&gtm=45be47h0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgeld-sparen.felixfeurstein.com%2F&hn=www.googleadservices.com&frm=0&tiba=Geld%20sparen%20im%20Alltag%20%7C%20Mehr%20als%201000%E2%82%AC%20j%C3%A4hrlich%20einsparen&npa=0&pscdl=noapi&auid=367787192.1721367387&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-439562785 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f156.1e100.net Software cafe / Resource Hash 4e2264265ec7f0cd666090d85eaf0e7193ab7f1ec2b1df0def17d1deeb4bc0f1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 19 Jul 2024 05:36:27 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1400 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/439562785/	42 B 64 B	158ms 55ms	Image image/gif	209.85.232.103 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/439562785/?random=1721367387117&cv=11&fst=1721365200000&bg=ffffff&guid=ON&async=1&gtm=45be47h0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgeld-sparen.felixfeurstein.com%2F&hn=www.googleadservices.com&frm=0&tiba=Geld%20sparen%20im%20Alltag%20%7C%20Mehr%20als%201000%E2%82%AC%20j%C3%A4hrlich%20einsparen&npa=0&pscdl=noapi&auid=367787192.1721367387&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLRcpfnx802WQXwZT00RbvsM6O-ab0bQ&random=1390472983&rmt_tld=0&ipr=y Requested by Host: geld-sparen.felixfeurstein.com URL: https://geld-sparen.felixfeurstein.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 209.85.232.103 , United States, ASN15169 (GOOGLE, US), Reverse DNS qt-in-f103.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 19 Jul 2024 05:36:27 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.10.2/	91 KB 33 KB	173ms 57ms	Script text/javascript	2607:f8b0:400d:c0f::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js Requested by Host: quentn.s3-eu-west-1.amazonaws.com URL: https://quentn.s3-eu-west-1.amazonaws.com/lib/js/wv_form/embed-html.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c0f::5f Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 16 Jul 2024 16:48:02 GMT content-encoding gzip x-content-type-options nosniff age 218905 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32954 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 16 Jul 2025 16:48:02 GMT
OPTIONS H2	200	track-page-visit api.funnelcockpit.com/	0 0	508ms 146ms	Preflight	94.130.226.120 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://api.funnelcockpit.com/track-page-visit Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.226.120 Bendorf, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.120.226.130.94.clients.your-server.de Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://geld-sparen.felixfeurstein.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers origin, x-requested-with, content-type, accept, accept-language, cookie access-control-allow-methods OPTIONS, GET, POST, PATCH, PUT access-control-allow-origin https://geld-sparen.felixfeurstein.com date Fri, 19 Jul 2024 05:36:27 GMT strict-transport-security max-age=15724800; includeSubDomains x-download-options noopen x-xss-protection 1; mode=block
POST H2	200	track-page-visit Show response api.funnelcockpit.com/	0 383 B	481ms 187ms	XHR text/plain	94.130.226.120 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://api.funnelcockpit.com/track-page-visit Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=83bcfce1a131c600 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.226.120 Bendorf, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.120.226.130.94.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Xss-Protection 1; mode=block Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Fri, 19 Jul 2024 05:36:28 GMT strict-transport-security max-age=15724800; includeSubDomains x-download-options noopen access-control-allow-methods OPTIONS, GET, POST, PATCH, PUT access-control-allow-origin https://geld-sparen.felixfeurstein.com cache-control private, no-cache, proxy-revalidate, max-age=0 access-control-allow-credentials true access-control-allow-headers origin, x-requested-with, content-type, accept, accept-language, cookie x-xss-protection 1; mode=block
GET H2	200	1304.31030298a02161531ca7.js Show response static.funnelcockpit.com/assets/js/chunk/	5 KB 2 KB	42ms 41ms	Script text/javascript	2606:4700:3033::ac43:98b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/js/chunk/1304.31030298a02161531ca7.js Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=83bcfce1a131c600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:98b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 549f9d5fd7fd59a1c927144e8259ec36cc680bce87be8a97f12e800b3477e341 Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 19 Jul 2024 05:36:27 GMT content-encoding br cf-cache-status HIT last-modified Mon, 15 Jul 2024 08:43:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6999 etag W/"789b48c7404e9ed9881c4fbd1f97afbc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FGRHtw2uuVEtOu3mnErO2udsDv53owDdhyXRazDyBd7VLD2kMh7%2FqgfYJ4%2F1%2F226av3aTp3pQczC4VxmY0X%2Fm4Mg9fGTG6t4KechMiu%2BU6hseGSbwujcrBwx5blDCSDSQrNgZF9XU6rKzwEgaXFsag7j%2F0KNLu0%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=43200 cf-ray 8a585a9afa2b8da3-MIA alt-svc h3=":443"; ma=86400
GET H2	200	3063.0fe39541b7a945e98559.js Show response static.funnelcockpit.com/assets/js/chunk/	11 KB 4 KB	38ms 37ms	Script text/javascript	2606:4700:3033::ac43:98b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/js/chunk/3063.0fe39541b7a945e98559.js Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=83bcfce1a131c600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:98b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc631322240949dc96e796bd748a462f8b06797547de9941663ce63f361addfb Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 19 Jul 2024 05:36:27 GMT content-encoding br cf-cache-status HIT last-modified Mon, 15 Jul 2024 08:43:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 7155 etag W/"7062f48a4de80bf09869572f6c9468d4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CL8QNR7i6w3hssM6hgtJ2B27nNPvGo2%2B%2FbUFkxU4xBkRp%2BNw3T1UNBSQ%2BPijIm0oneSBlvsl5Nt6qkfmSPn6YVkYF7e3AVKLThnyMD87TbJpXI%2BydlwjSqwxT1b17BHG19RVP6Ji%2B9j08yuDQ93L0w%2BEVor4kTs%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=43200 cf-ray 8a585a9afa2d8da3-MIA alt-svc h3=":443"; ma=86400
GET H2	200	quicksand.css static.funnelcockpit.com/assets/css/fonts/	3 KB 717 B	39ms 39ms	Stylesheet text/css	2606:4700:3033::ac43:98b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/css/fonts/quicksand.css?v=83bcfce1a131c600 Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=83bcfce1a131c600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:98b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 864999d1e93ba9c8fafbdfda06ba131dbf13fb070dcec9f344fec7f1d2a08ce6 Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 19 Jul 2024 05:36:27 GMT content-encoding br cf-cache-status HIT last-modified Mon, 15 Jul 2024 08:43:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6743 etag W/"a9a785bcb56964775f9a130121172e73" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xIbqRCnYuHpPgsxRs371ZzcwkxcHhfN09QGmn79P3PPx7swn59gpTTBTE%2Fm9Ai1K5eC4EVa9IxKDoRJNyOkVtsnhWghntZChIkQBzunOtgp6mrGwEn7TFbKYGWYPIktCLRuU5Ie4ecoVn5r2dhRJYdwt1Tn%2Bqnw%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 8a585a9afa368da3-MIA alt-svc h3=":443"; ma=86400
GET H2	200	407707457169851 Show response connect.facebook.net/signals/config/	67 KB 14 KB	108ms 107ms	Script application/x-javascript	2a03:2880:f003:c0e:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/407707457169851?v=2.9.162&r=stable&domain=geld-sparen.felixfeurstein.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0fbd5dbf1224056ed3f6fc182708d831bfc9daa70a4734e8bab59bc5708aa07c Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 19 Jul 2024 05:36:27 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=57, rtx=0, c=64, mss=1297, tbw=64181, tp=-1, tpl=-1, uplat=50, ullat=0 pragma public x-fb-debug yQTOtc2eccO+2IJVBNtBnhQ8iSnnKq9PnRZKO5gB1hTGKkNbdyhLbemVOe/sNE9AL5W8aHpHEo3LDkySIpYOzw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	quicksand-v7-latin-regular.woff2 static.funnelcockpit.com/assets/fonts/	19 KB 19 KB	197ms 197ms	Font font/woff2	2606:4700:3033::ac43:98b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/fonts/quicksand-v7-latin-regular.woff2 Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/css/fonts/quicksand.css?v=83bcfce1a131c600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:98b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 827a866b2a9a628cce555bfd12020d2dc3db084e9952688d053a54d11de6992f Request headers Referer https://static.funnelcockpit.com/assets/css/fonts/quicksand.css?v=83bcfce1a131c600 Origin https://geld-sparen.felixfeurstein.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 19 Jul 2024 05:36:27 GMT cf-cache-status MISS last-modified Mon, 15 Jul 2024 08:45:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3f178e7b1a044e97e6ddf420f30e881b" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wVkP34f8yFr73zxM1Ux4bMlVg9IpDDzwXor1u0DHCZwY8m277guf5E9zheTk6prZQ8682KG1B82N5O1bU8poneg40lq61G4%2Bp1T%2FXlpPpmdyNH8J9kVzGuPFI4jX%2F12Kk2fwH2xGNJKQk3rpMlXehbBswFpLVko%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=43200 accept-ranges bytes cf-ray 8a585a9b7b4067bd-MIA alt-svc h3=":443"; ma=86400 content-length 19264
GET H2	200	quicksand-v7-latin-500.woff2 static.funnelcockpit.com/assets/fonts/	19 KB 19 KB	193ms 192ms	Font font/woff2	2606:4700:3033::ac43:98b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/fonts/quicksand-v7-latin-500.woff2 Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/css/fonts/quicksand.css?v=83bcfce1a131c600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:98b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a6d2e786a831018660c4b7b6e2388cb50eeb42e9fdebb9d701a2f8e19bcfda4 Request headers Referer https://static.funnelcockpit.com/assets/css/fonts/quicksand.css?v=83bcfce1a131c600 Origin https://geld-sparen.felixfeurstein.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 19 Jul 2024 05:36:27 GMT cf-cache-status MISS last-modified Mon, 15 Jul 2024 08:45:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "dce202681ee1fcdbdaf352303a4f383e" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BXqPH1omssa4BkNDAglN3HMmO8PYnlezg13hBgS1pu%2Bup8tXmmyb8jBFlFwk7JAQC9lTkbmc5LjMw2W1%2F8F1mEQSniR7t3rIk00CuV%2Fg6%2FMwwa2lJS2WxdS%2FfqcnvINWzSA6dMG89wuIGAcgBV7a7tpLTtaE3JE%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=43200 accept-ranges bytes cf-ray 8a585a9b7b4367bd-MIA alt-svc h3=":443"; ma=86400 content-length 19284
GET H2	200	quicksand-v7-latin-700.woff2 static.funnelcockpit.com/assets/fonts/	18 KB 19 KB	194ms 193ms	Font font/woff2	2606:4700:3033::ac43:98b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.funnelcockpit.com/assets/fonts/quicksand-v7-latin-700.woff2 Requested by Host: static.funnelcockpit.com URL: https://static.funnelcockpit.com/assets/css/fonts/quicksand.css?v=83bcfce1a131c600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:98b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5751b0d2d88c8d4b046d1a03a6e6eca744c36649c5645d4f3e281ddf69aa358f Request headers Referer https://static.funnelcockpit.com/assets/css/fonts/quicksand.css?v=83bcfce1a131c600 Origin https://geld-sparen.felixfeurstein.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 19 Jul 2024 05:36:27 GMT cf-cache-status MISS last-modified Mon, 15 Jul 2024 08:45:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "8ec608d5ec889469c1ce8b70e06bdec2" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GdCclzIU31u28jy7zE6UZDYwb4Z071hw3WyWWvFkqvVGDUpwfD0fDsy8J5sBcJE%2FisO26XL7gpJtFMyVx%2BqWDygchtGy4WEc2w8RNJeSub%2FJUBCXbnhT2BPgfkVXiPIC2Inm5WNu9rE0F95qSB%2BmURts%2BMzjlFI%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=43200 accept-ranges bytes cf-ray 8a585a9b7b4567bd-MIA alt-svc h3=":443"; ma=86400 content-length 18792
GET H2	200	/ www.facebook.com/tr/	0 269 B	173ms 57ms	Image text/plain	2a03:2880:f103:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=407707457169851&ev=PageView&dl=https%3A%2F%2Fgeld-sparen.felixfeurstein.com&rl=&if=false&ts=1721367387537&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1721367387532.66735892771074733&cs_est=true&pm=1&hrl=6c7128&ler=empty&cdl=API_unavailable&it=1721367387400&coo=false&cs_cc=1&rqm=GET Requested by Host: geld-sparen.felixfeurstein.com URL: https://geld-sparen.felixfeurstein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-fb-connection-quality GOOD; q=0.7, rtt=54, rtx=0, c=10, mss=1297, tbw=2827, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 19 Jul 2024 05:36:27 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	273ms 158ms	Image image/png	2a03:2880:f103:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=407707457169851&ev=PageView&dl=https%3A%2F%2Fgeld-sparen.felixfeurstein.com&rl=&if=false&ts=1721367387537&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1721367387532.66735892771074733&cs_est=true&pm=1&hrl=6c7128&ler=empty&cdl=API_unavailable&it=1721367387400&coo=false&cs_cc=1&rqm=FGET Requested by Host: geld-sparen.felixfeurstein.com URL: https://geld-sparen.felixfeurstein.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Fri, 19 Jul 2024 05:36:27 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7393216631928201392", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=55, rtx=0, c=12, mss=1297, tbw=3140, tp=-1, tpl=-1, uplat=97, ullat=0 pragma no-cache x-fb-debug UdvnSuB+7twnWhEwuK2Xv58ugdSIigeVaDD+gcKKeyo8Nub6zeHZg7YWzd/U2u2KEWQIiUNd0+By2+NNhu8szw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7393216631928201392"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	parsley.min.js Show response quentn.s3-eu-west-1.amazonaws.com/lib/js/Parsley/	42 KB 42 KB	154ms 154ms	Script application/javascript	3.5.69.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quentn.s3-eu-west-1.amazonaws.com/lib/js/Parsley/parsley.min.js Requested by Host: quentn.s3-eu-west-1.amazonaws.com URL: https://quentn.s3-eu-west-1.amazonaws.com/lib/js/wv_form/embed-html.min.js Protocol HTTP/1.1 Security TLS 1.3, , CHACHA20_POLY1305 Server 3.5.69.250 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash 5ea1268f16c83d70e4d75990a64f5ca59c584fef26472548924a3c990cd7df2f Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 19 Jul 2024 05:36:28 GMT Last-Modified Sat, 13 Nov 2021 20:38:57 GMT Server AmazonS3 x-amz-request-id Y2E9TVNREEBYMFYF ETag "5c3fc4fb62bb1adaeadc49877707b6c8" Content-Type application/javascript Cache-Control max-age=604800 Accept-Ranges bytes Content-Length 43087 x-amz-id-2 QQ+8wg6cOWAlXWXPLZ2HA9NMME8SfD04COIvWinkwCBM1uLQsxaJ0GwkAFWC1BUpvAZTQgrHY3908frPQ0GtAQ==
GET H/1.1	200 OK	de.js Show response quentn.s3-eu-west-1.amazonaws.com/lib/js/Parsley/	2 KB 2 KB	153ms 153ms	Script application/javascript	3.5.69.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quentn.s3-eu-west-1.amazonaws.com/lib/js/Parsley/de.js Requested by Host: quentn.s3-eu-west-1.amazonaws.com URL: https://quentn.s3-eu-west-1.amazonaws.com/lib/js/wv_form/embed-html.min.js Protocol HTTP/1.1 Security TLS 1.3, , CHACHA20_POLY1305 Server 3.5.69.250 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash 57cf37953501a7e47bad1e2a27410c60713abbb595642a1f076c2ae86b4deb2b Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 19 Jul 2024 05:36:28 GMT Last-Modified Sat, 13 Nov 2021 20:38:57 GMT Server AmazonS3 x-amz-request-id Y2EACZ9SSPCC9JYQ ETag "f157fc2a1212d365a63314164fbf5f5e" Content-Type application/javascript Cache-Control max-age=604800 Accept-Ranges bytes Content-Length 1897 x-amz-id-2 AFOdt6HLQWKFaXJs9XwrH+a7b4qfirTcU45eDaQiM8NJS/dn/ZH7PtvPh9HXFmHZFgMN6zPFL5xJJnCY62TujA==
GET H/1.1	200 OK	parsley-restricted-email-domain.js Show response quentn.s3-eu-west-1.amazonaws.com/lib/js/wv_form/	31 KB 31 KB	304ms 150ms	Script application/javascript	3.5.69.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quentn.s3-eu-west-1.amazonaws.com/lib/js/wv_form/parsley-restricted-email-domain.js Requested by Host: quentn.s3-eu-west-1.amazonaws.com URL: https://quentn.s3-eu-west-1.amazonaws.com/lib/js/wv_form/embed-html.min.js Protocol HTTP/1.1 Security TLS 1.3, , CHACHA20_POLY1305 Server 3.5.69.250 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash 5d4c87b014e0a8238dffbe4cac31dae4c8299eada5b4d777bcfe36abef98ea2d Request headers Referer https://geld-sparen.felixfeurstein.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 19 Jul 2024 05:36:29 GMT Last-Modified Sat, 13 Nov 2021 20:38:57 GMT Server AmazonS3 x-amz-request-id 9P5A48009G3KPQPZ ETag "e1b16f6a2b866fb8271380b1f885aca3" Content-Type application/javascript Cache-Control max-age=604800 Accept-Ranges bytes Content-Length 31352 x-amz-id-2 OCiBcsbs0ofQ9JARZCZnSR3sss+QMeIIAGJpTwpS0znBOhRDlX5ISxvAjBZtjICNxOyZgW4VdGvfah4QHFdZWg==

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| apiEndpoint object| trackingConfig function| gtag object| dataLayer function| fbq function| _fbq object| cookieNoticeConfig object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| WebFontConfig object| webpackChunkfunnelcockpit_page_assets object| urlParameters object| tempPausedVideoPlayers object| overlays function| cleverPushInitCallback object| regeneratorRuntime object| gdpr-cookie-notice-templates function| $ function| jQuery function| _toConsumableArray function| _slice function| _slicedToArray function| _extends object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			geld-sparen.felixfeurstein.com/	1970-01-20 22:52:39	Name: funnelPage-srdXptPEWJ6haaGT4-1-splitTestPageId Value: SxShKnSBrmg97Z7jy
			.felixfeurstein.com/	1970-01-21 00:19:03	Name: _gcl_au Value: 1.1.367787192.1721367387
			.doubleclick.net/	1970-01-20 22:09:28	Name: test_cookie Value: CheckForPermission
			.felixfeurstein.com/	1970-01-21 00:19:03	Name: _fbp Value: fb.1.1721367387532.66735892771074733

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.funnelcockpit.com
connect.facebook.net
geld-sparen.felixfeurstein.com
googleads.g.doubleclick.net
quentn.s3-eu-west-1.amazonaws.com
static.funnelcockpit.com
www.facebook.com
www.google.com
www.googletagmanager.com
160.20.144.248
172.253.115.156
209.85.232.103
2606:4700:3033::ac43:98b9
2607:f8b0:4004:c06::61
2607:f8b0:400d:c0f::5f
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
3.5.69.250
94.130.226.120
0a6d2e786a831018660c4b7b6e2388cb50eeb42e9fdebb9d701a2f8e19bcfda4
0fbd5dbf1224056ed3f6fc182708d831bfc9daa70a4734e8bab59bc5708aa07c
10c2815b595c5c4ae788d3462e7a978747a5f26fe373c064a1dda6fa6a2406ec
3ae6f34aa44449ccd5e343ccf468407999c4e52b4185baf9af463b0841500e26
4e2264265ec7f0cd666090d85eaf0e7193ab7f1ec2b1df0def17d1deeb4bc0f1
549f9d5fd7fd59a1c927144e8259ec36cc680bce87be8a97f12e800b3477e341
5751b0d2d88c8d4b046d1a03a6e6eca744c36649c5645d4f3e281ddf69aa358f
57cf37953501a7e47bad1e2a27410c60713abbb595642a1f076c2ae86b4deb2b
5d4c87b014e0a8238dffbe4cac31dae4c8299eada5b4d777bcfe36abef98ea2d
5ea1268f16c83d70e4d75990a64f5ca59c584fef26472548924a3c990cd7df2f
768d5deb4a354bd337630c7af142f787e12859b3e89ed19b5c2cbb0546fc2f5b
827a866b2a9a628cce555bfd12020d2dc3db084e9952688d053a54d11de6992f
864999d1e93ba9c8fafbdfda06ba131dbf13fb070dcec9f344fec7f1d2a08ce6
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad4c3cf0ad6e06840ea622dd16313a09713234cac028eae23270f40127ed6b7c
cc631322240949dc96e796bd748a462f8b06797547de9941663ce63f361addfb
d1228669d496bec0fa020e5677d313b3fd8c5a3d5a1ffd7eb1225b11d686d8d1
d60ddf1fa7e4aa76e96f953993ff421c082c4a4923f240a036705aad1b7cda3a
d67716f7cee613cfed877043c9d73092c556dce7f62aa0e9190f500c5b4b9448
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629