au-app-a954e.web.app Open in urlscan Pro
2620:0:890::100 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://au-app-a954e.web.app/?type=arznei
Submission: On March 28 via api (March 28th 2024, 12:04:59 pm UTC) from US — Scanned from DE

Summary HTTP 56 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 56 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is au-app-a954e.web.app.
TLS certificate: Issued by GTS CA 1D4 on March 21st 2024. Valid for: 3 months.

This is the only time au-app-a954e.web.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	13.33.158.112 13.33.158.112	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	52.37.125.87 52.37.125.87	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2.16.101.88 2.16.101.88	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.186.64.46 52.186.64.46	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	23.45.233.50 23.45.233.50	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
56	20

9 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

au-app-a954e.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.158.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-158-112.fra60.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.37.125.87 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-125-87.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

europe-west1-au-digital.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.16.101.88 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-101-88.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.186.64.46 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

shown.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.233.50 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-233-50.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

gt.dransay.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	web.app au-app-a954e.web.app	1 MB
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 717	157 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 996 trc.taboola.com — Cisco Umbrella Rank: 704 trc-events.taboola.com — Cisco Umbrella Rank: 2340	24 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	21 KB
5	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 2926 api.amplitude.com — Cisco Umbrella Rank: 2073	28 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2920 tr.outbrain.com — Cisco Umbrella Rank: 2759 wave.outbrain.com — Cisco Umbrella Rank: 2905	10 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 360	14 KB
2	dransay.io gt.dransay.io	2 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2655	303 B
2	cloudfunctions.net europe-west1-au-digital.cloudfunctions.net	11 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 182	71 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	199 KB
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2858	822 B
1	google.de www.google.de — Cisco Umbrella Rank: 7099	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 91	249 B
1	shown.io shown.io — Cisco Umbrella Rank: 912264	2 KB
56	16

	Domain	Requested by
9	au-app-a954e.web.app	au-app-a954e.web.app
7	analytics.tiktok.com	au-app-a954e.web.app analytics.tiktok.com
5	www.google-analytics.com	www.googletagmanager.com au-app-a954e.web.app
4	api.amplitude.com	au-app-a954e.web.app
3	trc-events.taboola.com	au-app-a954e.web.app
3	bat.bing.com	www.googletagmanager.com bat.bing.com au-app-a954e.web.app
2	gt.dransay.io	au-app-a954e.web.app
2	tr.outbrain.com	amplify.outbrain.com
2	region1.analytics.google.com	www.googletagmanager.com
2	europe-west1-au-digital.cloudfunctions.net	au-app-a954e.web.app
2	connect.facebook.net	au-app-a954e.web.app connect.facebook.net
2	www.googletagmanager.com	au-app-a954e.web.app www.googletagmanager.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	trc.taboola.com	cdn.taboola.com
1	wave.outbrain.com	amplify.outbrain.com
1	www.google.de	au-app-a954e.web.app
1	stats.g.doubleclick.net	www.googletagmanager.com
1	shown.io	www.googletagmanager.com
1	amplify.outbrain.com	www.googletagmanager.com
1	cdn.taboola.com	www.googletagmanager.com
1	cdn.amplitude.com	au-app-a954e.web.app
56	21

This site contains links to these domains. Also see Links.

Domain
www.au-schein.de
au-schein.de

Subject Issuer	Validity	Valid
web.app GTS CA 1D4	`2024-03-21` - `2024-06-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
cdn.amplitude.com Amazon RSA 2048 M02	`2023-12-14` - `2025-01-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-05` - `2024-04-04`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2024-01-31` - `2025-03-02`	a year	crt.sh
misc.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
blog.shown.io R3	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
dransay.io GTS CA 1P5	`2024-02-14` - `2024-05-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://au-app-a954e.web.app/?type=arznei
Frame ID: F6CD66245CAA0EEAC29A0DDE75B3CDDF
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online-Ärztedienste

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

56
Requests

93 %
HTTPS

53 %
IPv6

16
Domains

21
Subdomains

20
IPs

4
Countries

1706 kB
Transfer

6720 kB
Size

17
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.au-schein.de/

Search URL Search Domain Scan URL

URL: https://au-schein.de/faq
Title: FAQ

Search URL Search Domain Scan URL

URL: https://au-schein.de/mehr-informationen
Title: Mehr Informationen

Search URL Search Domain Scan URL

URL: https://au-schein.de/ueber-uns
Title: Über uns

Search URL Search Domain Scan URL

URL: https://au-schein.de/impressum
Title: Impressum

Search URL Search Domain Scan URL

URL: https://au-schein.de/datenschutz
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://au-schein.de/agb
Title: AGB

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
au-app-a954e.web.app/ 4 KB
2 KB 72ms
7ms Document
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au-app-a954e.web.app/?type=arznei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6940d0349cc5dd5d29f30add22628e0c53ed0d6c2f9361393fca6548f36569c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 1452
content-type: text/html; charset=utf-8
date: Thu, 28 Mar 2024 12:04:53 GMT
etag: "743642d3ac01a4415f439597292ac9d02f6d70ceada498d6435882464f88eb40-br"
last-modified: Thu, 28 Mar 2024 11:27:25 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 2
x-served-by: cache-fra-eddf8230070-FRA
x-timer: S1711627493.311523,VS0,VE0

GET
H2 200 fonts.538f18f8.css
au-app-a954e.web.app/ 609 B
292 B 8ms
7ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au-app-a954e.web.app/fonts.538f18f8.css

Requested by

Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/?type=arznei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bbf4f67be5922af89c68843243a2ef9508463d71fae04d902943c4b333e9f6c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/?type=arznei
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-eddf8230070-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Thu, 28 Mar 2024 12:04:53 GMT
last-modified: Thu, 28 Mar 2024 11:27:25 GMT
x-timer: S1711627493.322753,VS0,VE0
etag: "3fda14f571349f1fdc563fbeb2d5bb9290b0ef3138e065f22daa8d5203df6877-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 158
x-cache-hits: 5

GET
H2 200 src.5f4a392e.css
au-app-a954e.web.app/ 1 MB
94 KB 8ms
7ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au-app-a954e.web.app/src.5f4a392e.css

Requested by

Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/?type=arznei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

12b0fd618e14b9390717088769041e43bb27b38b0abf6fc6ad88d6cc8f5f5777

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/?type=arznei
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-eddf8230070-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Thu, 28 Mar 2024 12:04:53 GMT
last-modified: Thu, 28 Mar 2024 11:27:25 GMT
x-timer: S1711627493.322894,VS0,VE0
etag: "36c8f1cbbafa98b61c3ea5e17e49b8a9e7e62e426d9dfc1e0d3890a0f077a728-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 95589
x-cache-hits: 5

GET
H3 200 src.641d6b5e.js Show response
au-app-a954e.web.app/ 3 MB
522 KB 9ms
8ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au-app-a954e.web.app/src.641d6b5e.js

Requested by

Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/?type=arznei

Protocol

Security

QUIC, , AES_256_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c4322e3d2ca7022094e63c8b0ce1dd4503fb4a1bb0fbd6920b8dd2e3a07e7c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/?type=arznei
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-eddf8230082-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Thu, 28 Mar 2024 12:04:53 GMT
last-modified: Thu, 28 Mar 2024 11:27:25 GMT
x-timer: S1711627493.335161,VS0,VE2
etag: "18b13adf816ca0449875b58b43b8f2984ce5feb3faeeaff8b0d37cf9fb70815e-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 534087
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 297 KB
101 KB 80ms
27ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KCZVHFL

Requested by

Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/?type=arznei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ecaf63e4208d723e809233852c0e3897f8b2219287fdb2d6ad9bd411778bb06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 12:04:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103118
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Mar 2024 12:04:53 GMT

GET
H2 200 amplitude-8.17.0-min.gz.js Show response
cdn.amplitude.com/libs/ 92 KB
27 KB 50ms
8ms Script
application/javascript 13.33.158.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js
Requested by: Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/?type=arznei
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.158.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-158-112.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e7a2297c8371775455adc684445c2a383bcd0cee869777d45aefd8bc08456a6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
Origin: https://au-app-a954e.web.app
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 26 Oct 2023 08:43:00 GMT
content-encoding: gzip
via: 1.1 d818b372f81cbe23bb149df5877c444a.cloudfront.net (CloudFront)
x-amz-version-id: wr63ICD3duh0Opi8j2KDhI34Ow38BHG0
x-amz-cf-pop: FRA60-P9
age: 13317714
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27400
last-modified: Fri, 25 Mar 2022 19:53:18 GMT
server: AmazonS3
etag: "e5211b7cbee53b6912f07a1cd72a4582"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: BUAImV5NH3sxh8uOWjs0eDaLMcWAzutUcKEXndst_Gf-PqOFpO7bFQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 47ms
12ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/?type=arznei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 28 Mar 2024 12:04:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58040
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: PQ4Op1sUeX36VOv3A+7B3G2bjJ0SXVkfTScXq30DIh4AJJZZk8HffO49mDDmWkd9ZJiRQLLC7kPh0lTa6hVRRQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 /
api.amplitude.com/ 0
0 531ms
168ms Preflight 52.37.125.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.125.87 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-125-87.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://au-app-a954e.web.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Thu, 28 Mar 2024 12:04:54 GMT
strict-transport-security: max-age=15768000

POST
H2 200 / Show response
api.amplitude.com/ 7 B
226 B 182ms
182ms XHR
text/html 52.37.125.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/src.641d6b5e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.125.87 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-125-87.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://au-app-a954e.web.app/
Cross-Origin-Resource-Policy: cross-origin
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 12:04:54 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
trace-id: Root=1-66055ce6-7a91b703520b133028bcbc89
content-length: 7

GET
H3 200 Poppins-Bold.72d197b0.ttf
au-app-a954e.web.app/ 150 KB
61 KB 8ms
7ms Font
font/ttf 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au-app-a954e.web.app/Poppins-Bold.72d197b0.ttf

Requested by

Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/fonts.538f18f8.css

Protocol

Security

QUIC, , AES_256_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7219547ee25334cbac0fe4b3acf0bf631e48ebb622c71af038edaaa652c60875

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/fonts.538f18f8.css
Origin: https://au-app-a954e.web.app
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-eddf8230082-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Thu, 28 Mar 2024 12:04:53 GMT
last-modified: Thu, 28 Mar 2024 11:27:25 GMT
x-timer: S1711627494.666942,VS0,VE0
etag: "cdba461d44b0bac7ba6122824a801b9cef0a921d7c97af5ae8824b2295f38c96-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/ttf
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 62505
x-cache-hits: 2

GET
H3 200 Poppins-Regular.148bac34.ttf
au-app-a954e.web.app/ 155 KB
62 KB 9ms
9ms Font
font/ttf 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au-app-a954e.web.app/Poppins-Regular.148bac34.ttf

Requested by

Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/fonts.538f18f8.css

Protocol

Security

QUIC, , AES_256_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/fonts.538f18f8.css
Origin: https://au-app-a954e.web.app
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-eddf8230082-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Thu, 28 Mar 2024 12:04:53 GMT
last-modified: Thu, 28 Mar 2024 11:27:25 GMT
x-timer: S1711627494.667220,VS0,VE0
etag: "c6cf10ba23bbe0decf26aa369fa080ce855293bb35ff8e18f398d5b68bec8f71-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/ttf
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 63312
x-cache-hits: 2

GET
H3 200 materialdesignicons-webfont.ebe698dc.woff2
au-app-a954e.web.app/ 376 KB
368 KB 9ms
9ms Font
font/woff2 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au-app-a954e.web.app/materialdesignicons-webfont.ebe698dc.woff2?v=7.0.96

Requested by

Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/src.5f4a392e.css

Protocol

Security

QUIC, , AES_256_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e52d60f64267cdaa08422b50bab5d45bd35e662b03b9af75179ceae00ac5fc8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/src.5f4a392e.css
Origin: https://au-app-a954e.web.app
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-eddf8230082-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Thu, 28 Mar 2024 12:04:53 GMT
last-modified: Thu, 28 Mar 2024 11:27:25 GMT
x-timer: S1711627494.693807,VS0,VE2
etag: "2f0a48db965a1cc264e077a4ffe747a33fa636b81dae9dcf2d524cc76b254a53-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/woff2
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 376883
x-cache-hits: 1

GET
H3 200 Logo-AU-Schein-HighResXXL-NEW_medium_lighter.8f8aeffa.png
au-app-a954e.web.app/ 70 KB
57 KB 8ms
8ms Image
image/png 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://au-app-a954e.web.app/Logo-AU-Schein-HighResXXL-NEW_medium_lighter.8f8aeffa.png

Requested by

Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/step1

Protocol

Security

QUIC, , AES_256_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

20cd787c554b233fcb3c4cc6cf7261fc2e9f91394a93a04541ad2952e9155b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/step1
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-eddf8230082-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Thu, 28 Mar 2024 12:04:53 GMT
last-modified: Thu, 28 Mar 2024 11:27:25 GMT
x-timer: S1711627494.701711,VS0,VE0
etag: "09ac9d1a1ae408447534c183476aa5a03d41710c237486afad2e8c607d9db097-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 57733
x-cache-hits: 2

POST
H2 200 initApp Show response
europe-west1-au-digital.cloudfunctions.net/ 27 KB
11 KB 197ms
193ms XHR
application/json 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://europe-west1-au-digital.cloudfunctions.net/initApp
Requested by: Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/src.641d6b5e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 59dadf4da581a4d66f7a64320721630978817e9615a1b0cf0bc47fe203808440

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://au-app-a954e.web.app/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 12:04:54 GMT
content-encoding: gzip
server: Google Frontend
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: df26d9b630a5436dc2686f25a718c209
cache-control: private
function-execution-id: brbeksjce1k5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11125

GET
H2 200 377642200438651 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 78ms
77ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/377642200438651?v=2.9.151&r=stable&domain=au-app-a954e.web.app&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

14e3a09a12b7d4578f6d8d934fbfc5f5992975de3401f26c36d0042e814e9105

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 28 Mar 2024 12:04:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=63, mss=1326, tbw=63190, tp=-1, tpl=-1, uplat=70, ullat=1
pragma: public
x-fb-debug: UGxHB1g0gNTfO+jdKRilhjNjwoxyin/UC7hDQM2zb3DUtfRa0UYTSksTys//UesJkTRI9dkLXUoowuM90VwGUg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
98 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T8LBEJJPD1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KCZVHFL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a2b8dd032b7189a8e69656db615a8615a62d89c2eb833756c8e8baeebd4fa24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 12:04:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100522
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Mar 2024 12:04:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 119ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KCZVHFL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 28 Mar 2024 11:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1571
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 28 Mar 2024 13:38:42 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1511488/ 69 KB
21 KB 118ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1511488/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KCZVHFL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2187be9c5da6e1dcd89008eb5829cf234ce38a13918613530df8f326bd4d8843

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: y06oFr5X1mbyKePvJVU_rNZmhIOJxFgy
content-encoding: gzip
via: 1.1 varnish
date: Thu, 28 Mar 2024 12:04:53 GMT
x-amz-request-id: 2QAGVQ5AERCH6Q6D
age: 26
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 21514
x-amz-id-2: 5IQvW8ErfEfR21mz5zK0PVHIxyb6+rDuoBMqLgG2vVJZn1ILQ2NiCQDqLwMp/OUPsOn61ol1rIA=
x-served-by: cache-fra-etou8220133-FRA
last-modified: Sun, 24 Mar 2024 11:16:22 GMT
server: AmazonS3
x-timer: S1711627494.959057,VS0,VE1
etag: "1d24e0b336b0e254ee205f65195cd77d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 90
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 140ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KCZVHFL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 28 Mar 2024 12:04:53 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B5419C72912A4B17B90D1D16E5D28FD4 Ref B: FRA31EDGE0615 Ref C: 2024-03-28T12:04:53Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 27 KB
8 KB 119ms
11ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KCZVHFL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fb1afc01c16fdad5719b09ee2f8e5d841b0cdb2a669bdabc8a6eec18cd72c018

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 28 Mar 2024 12:04:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Mar 2024 10:20:18 GMT
Server: AkamaiNetStorage
ETag: "b8a546f55dab30983fc9bd403c53bc91:1710757218.439864"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8262
Expires: Thu, 28 Mar 2024 12:24:53 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 465ms
358ms Script
application/javascript 2.16.101.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CK06GVRC77UDFRIV14G0&lib=ttq
Requested by: Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/?type=arznei
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.101.88 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-101-88.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6733a2941b36aa027bfec6d28fb10a5c3cae1f9c47f977a75d0ddc126c3bd413

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 53efae0a.cf0c528
date: Thu, 28 Mar 2024 12:04:54 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240328120454EEAB5A22EE2213672F6A-2D69E14F7166C7BF-00
x-cache: TCP_MISS from a2-16-101-84.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
x-parent-response-time: 253,2.16.101.84
server-timing: cdn-cache; desc=MISS, edge; dur=311, origin; dur=6, inner; dur=2
content-length: 1772
pragma: no-cache
server: nginx
x-tt-logid: 20240328120454EEAB5A22EE2213672F6A
x-cache-remote: TCP_MISS from a23-48-200-114.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.48.200.114
x-tt-trace-host: 01071338e576d3120912a2d25762897a4ec537b6b0106e0dc02ce59a123d76872ca3d2d7a1d845431953f440c5c37dec4170a4caf5259a667e4f19387e90e4f278368b73dbc29b16bb25aa4af171e350c1d9d58b7d58ed9f6714a9faa34a9ad78b49b716bc258a1fb1e871241e244f0cba
expires: Thu, 28 Mar 2024 12:04:54 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 305ms
199ms Script
application/javascript 2.16.101.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CL9M1OJC77UFQUH25EUG&lib=ttq
Requested by: Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/?type=arznei
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.101.88 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-101-88.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f5e2b214b7ec49d0018b6d45741931b4bdd59cd977c63af61e52e7731610c90d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 5af56337.cf0c529
date: Thu, 28 Mar 2024 12:04:54 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240328120454E52B08ADDAF086B5EE0A-4CA8D3F169E053CE-00
x-cache: TCP_MISS from a2-16-101-84.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
x-parent-response-time: 161,2.16.101.84
server-timing: cdn-cache; desc=MISS, edge; dur=144, origin; dur=17, inner; dur=3
content-length: 1764
pragma: no-cache
server: nginx
x-tt-logid: 20240328120454E52B08ADDAF086B5EE0A
x-cache-remote: TCP_MISS from a23-48-200-101.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 17,23.48.200.101
x-tt-trace-host: 01071338e576d3120912a2d25762897a4ec537b6b0106e0dc02ce59a123d76872c98f39fb14dba44bc120ff1da5d92de9c21f6e519156681f1ea3faf0a22899f54de65b66f24ed995dcf43f0fb1bdfa515a2b140b5ec67df8fd2107d047ad1fce979fc13afa01c45fca4236bf1cbeb62c2
expires: Thu, 28 Mar 2024 12:04:54 GMT

GET
H2 200 ke8KWjjz8q Show response
shown.io/metrics/ 3 KB
2 KB 340ms
123ms Script
application/x-javascript 52.186.64.46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://shown.io/metrics/ke8KWjjz8q

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KCZVHFL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.186.64.46 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

975a885fc1c3960a2390a2540e02a8bd48970cda1e275319f43d1e8392f99a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 12:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-response-id: fb941364-1f90-4ae8-9c4c-1026fe4568d6
content-length: 976
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Apache/2.4.52 (Ubuntu)
etag: "ff4d83b9c76358e01fbba1ec79150e67-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=2628000, public
feature-policy: none
access-control-allow-headers: Upgrade-Insecure-Requests

OPTIONS
H2 204 initApp
europe-west1-au-digital.cloudfunctions.net/ 0
0 257ms
24ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://europe-west1-au-digital.cloudfunctions.net/initApp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://au-app-a954e.web.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 28 Mar 2024 12:04:53 GMT
function-execution-id: brberey1l2nl
server: Google Frontend
x-cloud-trace-context: 98f26d703e63bb529b054988d3833d9b

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 73ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-T8LBEJJPD1&gtm=45je43p0v880090169z8859198923za200&_p=1711627493334&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=568502073.1711627494&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711627493&sct=1&seg=0&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&dt=Online-%C3%84rztedienste&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=761
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T8LBEJJPD1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 12:04:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://au-app-a954e.web.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 75ms
17ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T8LBEJJPD1&cid=568502073.1711627494&gtm=45je43p0v880090169z8859198923za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T8LBEJJPD1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 12:04:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://au-app-a954e.web.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 57ms
38ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T8LBEJJPD1&cid=568502073.1711627494&gtm=45je43p0v880090169z8859198923za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=723751407

Requested by

Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/step1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 12:04:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 47ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-T8LBEJJPD1&gtm=45je43p0v880090169z8859198923za200&_p=1711627493334&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=568502073.1711627494&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&sid=1711627493&sct=1&seg=0&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&dt=Online-%C3%84rztedienste&_s=2&tfd=785
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T8LBEJJPD1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 12:04:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://au-app-a954e.web.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
321 B 384ms
87ms Ping
image/gif 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=008335828819803814&referrer=&cht=gtm&marketerId=0015105bd37b4ee1e6b39b8625673468e2&name=PAGE_VIEW&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 28 Mar 2024 12:04:54 GMT
Cache-Control: no-cache
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: a004576819cfcfdcf9a3532e1fa68dcb
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 382ms
87ms Script
application/javascript 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=0015105bd37b4ee1e6b39b8625673468e2

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 28 Mar 2024 12:04:54 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 9b7a98d41a652a07c8aa3cfb55c35eb2
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 0015105bd37b4ee1e6b39b8625673468e2 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 87ms
10ms Script
text/html 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/0015105bd37b4ee1e6b39b8625673468e2

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-237-86.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Thu, 28 Mar 2024 12:04:54 GMT
ob-sent-time: 1711597150324
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: ed6ee53931ef9fb9bea9c9b87586caf8
Content-Length: 22
Expires: Thu, 28 Mar 2024 12:05:54 GMT

GET
H2 200 json Show response
trc.taboola.com/1511488/trc/3/ 3 KB
2 KB 53ms
32ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1511488/trc/3/json?tim=1711627494077&data=%7B%22id%22%3A121%2C%22ii%22%3A%22%2Fstep1%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1711627494063%2C%22cv%22%3A%2220240321-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fau-app-a954e.web.app%2Fstep1%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-steffenau-scheinde%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1711627494073%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fau-app-a954e.web.app%2Fstep1%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1511488/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: db2a77b3be44a0c82046b8fe5a2451519a294c729c0b42653e6c1529d98e27c8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 17
date: Thu, 28 Mar 2024 12:04:54 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.368125
x-fastly-to-nlb-rtt: 7526
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220133-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1711627494.104563,VS0,VE17
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H3 200 collect
www.google-analytics.com/j/ 0
0 44ms
16ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1790694658&t=pageview&_s=1&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&ul=en-us&de=UTF-8&dt=Online-%C3%84rztedienste&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=1479151533&gjid=815465732&cid=568502073.1711627494&tid=UA-145934289-1&_gid=1860062811.1711627494&_r=1&_slc=1&gtm=45He43p0n81KCZVHFLv859198923za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=358639082

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: baggage,sentry-trace
Access-Control-Request-Method: POST
Origin: https://au-app-a954e.web.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 1
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 28 Mar 2024 12:04:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
pragma: no-cache
server: Golfe2
x-content-type-options: nosniff

OPTIONS
H3 200 collect
www.google-analytics.com/j/ 0
0 32ms
16ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1790694658&t=pageview&_s=1&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&ul=en-us&de=UTF-8&dt=Online-%C3%84rztedienste&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=820963942&gjid=143727943&cid=568502073.1711627494&tid=UA-145934289-5&_gid=1860062811.1711627494&_r=1&_slc=1&gtm=45He43p0n81KCZVHFLv859198923za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1401568865

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: baggage,sentry-trace
Access-Control-Request-Method: POST
Origin: https://au-app-a954e.web.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 1
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 28 Mar 2024 12:04:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
pragma: no-cache
server: Golfe2
x-content-type-options: nosniff

OPTIONS
H3 200 collect
www.google-analytics.com/j/ 0
0 19ms
18ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1790694658&t=pageview&_s=1&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&ul=en-us&de=UTF-8&dt=Online-%C3%84rztedienste&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=1243243565&gjid=712545371&cid=568502073.1711627494&tid=UA-145934289-8&_gid=1860062811.1711627494&_r=1&_slc=1&gtm=45He43p0n81KCZVHFLv859198923za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=404949268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: baggage,sentry-trace
Access-Control-Request-Method: POST
Origin: https://au-app-a954e.web.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 1
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 28 Mar 2024 12:04:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
pragma: no-cache
server: Golfe2
x-content-type-options: nosniff

POST collect
www.google-analytics.com/j/ 0
0

OPTIONS
H3 200 collect
www.google-analytics.com/j/ 0
0 16ms
15ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1790694658&t=pageview&_s=1&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&ul=en-us&de=UTF-8&dt=Online-%C3%84rztedienste&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=1162532684&gjid=1716314433&cid=568502073.1711627494&tid=UA-145934289-9&_gid=1860062811.1711627494&_r=1&_slc=1&gtm=45He43p0n81KCZVHFLv859198923za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2000896740

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: baggage,sentry-trace
Access-Control-Request-Method: POST
Origin: https://au-app-a954e.web.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 1
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 28 Mar 2024 12:04:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
pragma: no-cache
server: Golfe2
x-content-type-options: nosniff

GET
H2 204 343022807.js Show response
bat.bing.com/p/action/ 0
117 B 30ms
29ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343022807.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 28 Mar 2024 12:04:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 93670224EF0D4A51A45AB561DD87EC11 Ref B: FRA31EDGE0615 Ref C: 2024-03-28T12:04:54Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 34ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343022807&tm=gtm002&Ver=2&mid=add9d47c-e41e-47a6-84ee-6947b26b358c&sid=634947f0ecfb11eebe3791ab76beda8a&vid=6349ae80ecfb11eeb9c97d101fcae944&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=en-US&sw=800&sh=600&sc=24&tl=Online-%C3%84rztedienste&p=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&r=&lt=467&evt=pageLoad&sv=1&rn=103919

Requested by

Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/step1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Mar 2024 12:04:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 69A7090A65B6493AA493D72CAE630969 Ref B: FRA31EDGE0615 Ref C: 2024-03-28T12:04:54Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWIzOGRhOGZjMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 425 KB
112 KB 37ms
37ms Script
application/javascript 2.16.101.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CL9M1OJC77UFQUH25EUG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.101.88 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-101-88.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bd4c3a41eccea0d5704ed6eb9cd22d25242dddb210cf8e5075b542a8af7cd9fb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: cf0c6a0
date: Thu, 28 Mar 2024 12:04:54 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202403181012391E91B302D58B2D4B8131
x-tt-trace-id: 00-2403181012391E91B302D58B2D4B8131-75B69DF252E59D9A-00
vary: Accept-Encoding
x-cache: TCP_HIT from a2-16-101-84.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014879561ef7f3527ea75d83adc6eef023c9831f75b4a9c36212efbc070d047e54f4fd468434330926026ec8df333d00edbb3f42ece6b1a8433dff3f9e8252757e0a2cec2b795455be809cdca8ab15dcd37ef34dfc25c9cd3c36908d2e904c3f80
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 114317

GET
H2 200 identify_05ea2.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 17ms
16ms Script
application/javascript 2.16.101.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_05ea2.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.101.88 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-101-88.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4d8884f3e3ac809c301d102e063ae5be043b7c5b3ffbd279f25fa7f6733dd2c7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: cf0c717
date: Thu, 28 Mar 2024 12:04:54 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202403141348185ACBF29FCC0086C0461A
x-tt-trace-id: 00-2403141348185ACBF29FCC0086C0461A-2D1262CA538F77E9-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-101-84.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0135d3e56cf34dd810789b6fe2bc6cc290cc42d6247c2e48be9e0917e450b9d8212638bc237f7132e4620ffa654ca778dc785170d2c17573eb53a1c32e9d076a006142fb32d5a03115cc2183c64c5d99c603443b964e9c5819ae3174beb8221ec8
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 37226

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
822 B 407ms
108ms Ping
text/plain 23.45.233.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.233.50 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-233-50.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 11177951
date: Thu, 28 Mar 2024 12:04:54 GMT
x-bytefaas-request-id: 202403281204542CA3AC0D1547301C2DCD
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2403281204542CA3AC0D1547301C2DCD-79967C8C6950C52F-00
x-cache: TCP_MISS from a23-45-233-46.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54729273) (-)
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=0, origin; dur=9
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202403281204542CA3AC0D1547301C2DCD
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 4.56
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01071338e576d3120912a2d25762897a4eab3a6f78aedae78291835b55625052665a27b81c80a5bfd99b52d7b1f4421c040df8d6524a35c96da09df97b544815d02de75494ce186232a937af8878adeb5b7653a6a79d997f54c9400d887a60a363
x-origin-response-time: 9,23.45.233.46
access-control-allow-headers: *
expires: Thu, 28 Mar 2024 12:04:54 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
840 B 141ms
141ms Ping
text/plain 2.16.101.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.101.88 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-101-88.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 90efcfee.cf0c78d
date: Thu, 28 Mar 2024 12:04:54 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2403281204540963AA6295B8337161C7-7C1F0CCE7D85E8B7-00
x-cache: TCP_MISS from a2-16-101-84.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
x-parent-response-time: 102,2.16.101.84
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=21, inner; dur=18
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202403281204540963AA6295B8337161C7
x-cache-remote: TCP_MISS from a23-220-107-15.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 21,23.220.107.15
x-tt-trace-host: 01071338e576d3120912a2d25762897a4ec537b6b0106e0dc02ce59a123d76872c5cb64563b62c4d43035cf7976314e1b598d48e6dd15c3a1a11288a8b0b5d43a594d9e142356423d9ade39fb765c93d3310218f119c955de32487d40e9f984733f896a9315287886c720caae74b8b17c7
access-control-allow-headers: Authorization,*
expires: Thu, 28 Mar 2024 12:04:54 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
839 B 149ms
149ms Ping
text/plain 2.16.101.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.101.88 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-101-88.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2845922a.cf0c7c3
date: Thu, 28 Mar 2024 12:04:54 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2403281204543A5FC26404FFF116662C-0087D3704DECD135-00
x-cache: TCP_MISS from a2-16-101-84.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
x-parent-response-time: 114,2.16.101.84
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=35, inner; dur=30
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202403281204543A5FC26404FFF116662C
x-cache-remote: TCP_MISS from a104-78-78-93.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 35,104.78.78.93
x-tt-trace-host: 01071338e576d3120912a2d25762897a4ed1e274d84d9c1d2c7dc50a789993c341613a6a0733830da740c600f4a646562b7b6e07301f6855a06bd7c7b740e3e6606131d60678a87a7e228f99cb6aecdf376e8e373d2e6c895e155dec4bee6229e94298a22daea70335b3d232a658349a28
access-control-allow-headers: Authorization,*
expires: Thu, 28 Mar 2024 12:04:54 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
227 B 180ms
179ms XHR
text/html 52.37.125.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/src.641d6b5e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.125.87 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-125-87.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://au-app-a954e.web.app/
Cross-Origin-Resource-Policy: cross-origin
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 12:04:54 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
trace-id: Root=1-66055ce6-647fdd114272ff3c230dc37c
content-length: 7

OPTIONS
H2 200 /
api.amplitude.com/ 0
0 167ms
167ms Preflight 52.37.125.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.125.87 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-125-87.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://au-app-a954e.web.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Thu, 28 Mar 2024 12:04:54 GMT
strict-transport-security: max-age=15768000

GET
H3 200 favicon-32x32.7043a05c.png
au-app-a954e.web.app/ 1 KB
1 KB 8ms
7ms Other
image/png 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au-app-a954e.web.app/favicon-32x32.7043a05c.png

Protocol

Security

QUIC, , AES_256_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7c1449e5de9d9a63510615796f991027fd491304250c382524055594f3777a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/step1
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-eddf8230082-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Thu, 28 Mar 2024 12:04:54 GMT
last-modified: Thu, 28 Mar 2024 11:27:25 GMT
x-timer: S1711627494.463255,VS0,VE0
etag: "5081bbf1b68b3e80170e913aa391d1691dbcf642b21e4414906679f651b0d395-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1077
x-cache-hits: 2

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
839 B 212ms
212ms Ping
text/plain 2.16.101.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWIzOGRhOGZjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.101.88 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-101-88.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5af58f38.cf0c971
date: Thu, 28 Mar 2024 12:04:54 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24032812045443C2DCD16DD89716873F-6A630A655E1B7812-00
x-cache: TCP_MISS from a2-16-101-84.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
x-parent-response-time: 156,2.16.101.84
server-timing: cdn-cache; desc=MISS, edge; dur=139, origin; dur=24, inner; dur=14
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024032812045443C2DCD16DD89716873F
x-cache-remote: TCP_MISS from a23-48-200-101.deploy.akamaitechnologies.com (AkamaiGHost/11.4.3-54726453) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,23.48.200.101
x-tt-trace-host: 01071338e576d3120912a2d25762897a4ec537b6b0106e0dc02ce59a123d76872c98f39fb14dba44bc120ff1da5d92de9cebacdf562f4e55a0d5e6ed7bb447777e64212a987e25b536e002b1ec0c0252ff67b1416fa2ca1d546cff0f9024d2ae1a966ae2e61a32403b30e3ee15336b4723
access-control-allow-headers: Authorization,*
expires: Thu, 28 Mar 2024 12:04:54 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1511488/log/3/ 0
251 B 39ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1511488/log/3/unip?en=pre_d_eng_tb&tos=1581&scd=0&ssd=1&est=1711627494071&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1711627495653&vi=1711627494063&ri=6f08b8ef36039ddde8c65b73b202c495&ref=null&cv=20240321-9-RELEASE&item-url=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1
Requested by: Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/src.641d6b5e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://au-app-a954e.web.app/
baggage: sentry-environment=production,sentry-transaction=step1,sentry-public_key=4bccdcbf68574d30b853bf4121a1d5a2,sentry-trace_id=026deb5ca29241f795a35f271a505ee0,sentry-sample_rate=1
sentry-trace: 026deb5ca29241f795a35f271a505ee0-9e1d3301ee69ee1f-1
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://au-app-a954e.web.app
pragma: no-cache
date: Thu, 28 Mar 2024 12:04:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

OPTIONS
H2 200 unip
trc-events.taboola.com/1511488/log/3/ 0
0 97ms
13ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1511488/log/3/unip?en=pre_d_eng_tb&tos=1581&scd=0&ssd=1&est=1711627494071&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1711627495653&vi=1711627494063&ri=6f08b8ef36039ddde8c65b73b202c495&ref=null&cv=20240321-9-RELEASE&item-url=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: baggage,sentry-trace
Access-Control-Request-Method: GET
Origin: https://au-app-a954e.web.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: baggage,sentry-trace
access-control-allow-origin: https://au-app-a954e.web.app
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Thu, 28 Mar 2024 12:04:55 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

POST
H3 200 / Show response
gt.dransay.io/api/1/envelope/ 41 B
838 B 128ms
91ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.dransay.io/api/1/envelope/?sentry_key=4bccdcbf68574d30b853bf4121a1d5a2&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.44.2

Requested by

Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/src.641d6b5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d5c15ead42811a9ece90db74263684348abd06c5ae0d867ef8ebe4613891eeb

Security Headers

Name	Value
Content-Security-Policy	style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://.glitchtip.com; worker-src 'self' blob:; default-src 'self'; font-src 'self' https://fonts.gstatic.com data:; script-src 'self' https://.glitchtip.com; frame-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 28 Mar 2024 12:04:56 GMT
content-security-policy: style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://*.glitchtip.com; worker-src 'self' blob:; default-src 'self'; font-src 'self' https://fonts.gstatic.com data:; script-src 'self' https://*.glitchtip.com; frame-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 41
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: DENY
allow: POST
content-language: de
vary: Accept-Language, origin
access-control-allow-origin: *
content-type: application/json
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qnXxE7PnmYCW39bNrSU6Zs0xUjjbUzK6GB%2BFA4Le4DCxqmr%2B853PVxUj2RNBX0g2gohAF%2BCnqNiubHji6eTFVHKE4F2wgCVipJ653MzMEgztKODSzcEjyJVbnMFHyjy7I6woBa%2B72UgFgl2q"}],"group":"cf-nel","max_age":604800}
cf-ray: 86b77c4e6a1e8c3e-FRA

POST
H3 200 / Show response
gt.dransay.io/api/1/envelope/ 41 B
803 B 73ms
72ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gt.dransay.io/api/1/envelope/?sentry_key=4bccdcbf68574d30b853bf4121a1d5a2&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.44.2

Requested by

Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/src.641d6b5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08a4ce8a9b2446cef21a7b9a287632a6fcf65c5cfd35b0c4ba1143daf787201e

Security Headers

Name	Value
Content-Security-Policy	style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://.glitchtip.com; worker-src 'self' blob:; default-src 'self'; font-src 'self' https://fonts.gstatic.com data:; script-src 'self' https://.glitchtip.com; frame-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 28 Mar 2024 12:04:56 GMT
content-security-policy: style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://*.glitchtip.com; worker-src 'self' blob:; default-src 'self'; font-src 'self' https://fonts.gstatic.com data:; script-src 'self' https://*.glitchtip.com; frame-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 41
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: DENY
allow: POST
content-language: de
vary: Accept-Language, origin
access-control-allow-origin: *
content-type: application/json
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lcVDwLOrAjH%2FmhucWOeSUBIRlBiOj6mIyKntL6ns0zQMSiYuWhhgexivPE6CFDH7ALZou53HOol2gc8T%2BYv2%2BI%2FWm62DrrzhTIYuEykU9UeaF4%2B1QWc1LwIsEf9rGUpB%2FpRULqQu2BQgriqo"}],"group":"cf-nel","max_age":604800}
cf-ray: 86b77c4efacd8c3e-FRA

GET
H2 204 unip Show response
trc-events.taboola.com/1511488/log/3/ 0
250 B 13ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1511488/log/3/unip?en=pre_d_eng_tb&tos=4582&scd=0&ssd=1&est=1711627494071&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1711627498654&vi=1711627494063&ri=6f08b8ef36039ddde8c65b73b202c495&ref=null&cv=20240321-9-RELEASE&item-url=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1
Requested by: Host: au-app-a954e.web.app
URL: https://au-app-a954e.web.app/src.641d6b5e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://au-app-a954e.web.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://au-app-a954e.web.app
pragma: no-cache
date: Thu, 28 Mar 2024 12:04:58 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1790694658&t=pageview&_s=1&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&ul=en-us&de=UTF-8&dt=Online-%C3%84rztedienste&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=1479151533&gjid=815465732&cid=568502073.1711627494&tid=UA-145934289-1&_gid=1860062811.1711627494&_r=1&_slc=1&gtm=45He43p0n81KCZVHFLv859198923za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=358639082

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1790694658&t=pageview&_s=1&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&ul=en-us&de=UTF-8&dt=Online-%C3%84rztedienste&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=820963942&gjid=143727943&cid=568502073.1711627494&tid=UA-145934289-5&_gid=1860062811.1711627494&_r=1&_slc=1&gtm=45He43p0n81KCZVHFLv859198923za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1401568865

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1790694658&t=pageview&_s=1&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&ul=en-us&de=UTF-8&dt=Online-%C3%84rztedienste&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=1243243565&gjid=712545371&cid=568502073.1711627494&tid=UA-145934289-8&_gid=1860062811.1711627494&_r=1&_slc=1&gtm=45He43p0n81KCZVHFLv859198923za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=404949268

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1790694658&t=pageview&_s=1&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&ul=en-us&de=UTF-8&dt=Online-%C3%84rztedienste&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=1162532684&gjid=1716314433&cid=568502073.1711627494&tid=UA-145934289-9&_gid=1860062811.1711627494&_r=1&_slc=1&gtm=45He43p0n81KCZVHFLv859198923za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2000896740

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
au-app-a954e.web.app/	1970-01-21 05:03:07	Name: AC-C Value: ac-c
.au-app-a954e.web.app/	1970-01-21 04:12:43	Name: amp_d3be56 Value: YeS_eLi_iMxrOqcNN1MXlV...1hq2f5o22.1hq2f5o8t.2.0.2
.au-app-a954e.web.app/	1970-01-20 21:36:43	Name: _gcl_au Value: 1.1.692571118.1711627494
.au-app-a954e.web.app/	1970-01-21 05:03:07	Name: _ga_T8LBEJJPD1 Value: GS1.1.1711627493.1.0.1711627494.59.0.0
.au-app-a954e.web.app/	1970-01-21 05:03:07	Name: _ga Value: GA1.3.568502073.1711627494
.au-app-a954e.web.app/	1970-01-20 19:28:33	Name: _gid Value: GA1.3.1860062811.1711627494
.au-app-a954e.web.app/	1970-01-20 19:27:07	Name: _gat_UA-145934289-1 Value: 1
.au-app-a954e.web.app/	1970-01-20 19:27:07	Name: _gat_UA-145934289-5 Value: 1
.au-app-a954e.web.app/	1970-01-20 19:27:07	Name: _gat_UA-145934289-8 Value: 1
.au-app-a954e.web.app/	1970-01-20 19:27:07	Name: _gat_UA-145934289-9 Value: 1
.au-app-a954e.web.app/	1970-01-20 19:28:33	Name: _uetsid Value: 634947f0ecfb11eebe3791ab76beda8a
.au-app-a954e.web.app/	1970-01-21 04:48:43	Name: _uetvid Value: 6349ae80ecfb11eeb9c97d101fcae944
.bing.com/	1970-01-21 04:48:43	Name: MUID Value: 2808C0F0F23763991C4ED4A0F3BC62E9
.tiktok.com/	1970-01-21 04:48:43	Name: _ttp Value: 2eJfF2ossvadCjHm2uhPryK33HJ
.au-app-a954e.web.app/	1970-01-21 04:48:43	Name: _tt_enable_cookie Value: 1
.au-app-a954e.web.app/	1970-01-21 04:48:43	Name: _ttp Value: XX4SVdFathJjLsEjUkrtG8ZqVkP
au-app-a954e.web.app/	1970-01-20 19:27:07	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1711627494445%7D

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/377642200438651?v=2.9.151&r=stable&domain=au-app-a954e.web.app&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: https://au-app-a954e.web.app/step1 Message: Access to XMLHttpRequest at 'https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1790694658&t=pageview&_s=1&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&ul=en-us&de=UTF-8&dt=Online-%C3%84rztedienste&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=1479151533&gjid=815465732&cid=568502073.1711627494&tid=UA-145934289-1&_gid=1860062811.1711627494&_r=1&_slc=1&gtm=45He43p0n81KCZVHFLv859198923za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=358639082' from origin 'https://au-app-a954e.web.app' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1790694658&t=pageview&_s=1&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&ul=en-us&de=UTF-8&dt=Online-%C3%84rztedienste&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=1479151533&gjid=815465732&cid=568502073.1711627494&tid=UA-145934289-1&_gid=1860062811.1711627494&_r=1&_slc=1&gtm=45He43p0n81KCZVHFLv859198923za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=358639082 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://au-app-a954e.web.app/step1 Message: Access to XMLHttpRequest at 'https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1790694658&t=pageview&_s=1&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&ul=en-us&de=UTF-8&dt=Online-%C3%84rztedienste&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=820963942&gjid=143727943&cid=568502073.1711627494&tid=UA-145934289-5&_gid=1860062811.1711627494&_r=1&_slc=1&gtm=45He43p0n81KCZVHFLv859198923za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1401568865' from origin 'https://au-app-a954e.web.app' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1790694658&t=pageview&_s=1&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&ul=en-us&de=UTF-8&dt=Online-%C3%84rztedienste&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=820963942&gjid=143727943&cid=568502073.1711627494&tid=UA-145934289-5&_gid=1860062811.1711627494&_r=1&_slc=1&gtm=45He43p0n81KCZVHFLv859198923za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1401568865 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://au-app-a954e.web.app/step1 Message: Access to XMLHttpRequest at 'https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1790694658&t=pageview&_s=1&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&ul=en-us&de=UTF-8&dt=Online-%C3%84rztedienste&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=1243243565&gjid=712545371&cid=568502073.1711627494&tid=UA-145934289-8&_gid=1860062811.1711627494&_r=1&_slc=1&gtm=45He43p0n81KCZVHFLv859198923za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=404949268' from origin 'https://au-app-a954e.web.app' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1790694658&t=pageview&_s=1&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&ul=en-us&de=UTF-8&dt=Online-%C3%84rztedienste&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=1243243565&gjid=712545371&cid=568502073.1711627494&tid=UA-145934289-8&_gid=1860062811.1711627494&_r=1&_slc=1&gtm=45He43p0n81KCZVHFLv859198923za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=404949268 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://au-app-a954e.web.app/step1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://au-app-a954e.web.app/step1 Message: Access to XMLHttpRequest at 'https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1790694658&t=pageview&_s=1&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&ul=en-us&de=UTF-8&dt=Online-%C3%84rztedienste&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=1162532684&gjid=1716314433&cid=568502073.1711627494&tid=UA-145934289-9&_gid=1860062811.1711627494&_r=1&_slc=1&gtm=45He43p0n81KCZVHFLv859198923za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2000896740' from origin 'https://au-app-a954e.web.app' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1790694658&t=pageview&_s=1&dl=https%3A%2F%2Fau-app-a954e.web.app%2Fstep1&ul=en-us&de=UTF-8&dt=Online-%C3%84rztedienste&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YCDACEABBAAAACAAI~&jid=1162532684&gjid=1716314433&cid=568502073.1711627494&tid=UA-145934289-9&_gid=1860062811.1711627494&_r=1&_slc=1&gtm=45He43p0n81KCZVHFLv859198923za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2000896740 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://au-app-a954e.web.app/step1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://au-app-a954e.web.app/step1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://au-app-a954e.web.app/step1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://au-app-a954e.web.app/step1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://au-app-a954e.web.app/step1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://au-app-a954e.web.app/step1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://au-app-a954e.web.app/step1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
analytics.pangle-ads.com
analytics.tiktok.com
api.amplitude.com
au-app-a954e.web.app
bat.bing.com
cdn.amplitude.com
cdn.taboola.com
connect.facebook.net
europe-west1-au-digital.cloudfunctions.net
gt.dransay.io
region1.analytics.google.com
shown.io
stats.g.doubleclick.net
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
wave.outbrain.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.google-analytics.com
13.33.158.112
141.226.228.48
151.101.65.44
2.16.101.88
2001:4860:4802:34::36
2001:4860:4802:36::36
23.35.237.86
23.45.233.50
2620:0:890::100
2620:1ec:c11::200
2a00:1450:4001:806::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9c
2a03:2880:f083:100:face:b00c:0:3
2a06:98c1:3121::3
52.186.64.46
52.37.125.87
70.42.32.95
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
08a4ce8a9b2446cef21a7b9a287632a6fcf65c5cfd35b0c4ba1143daf787201e
0ecaf63e4208d723e809233852c0e3897f8b2219287fdb2d6ad9bd411778bb06
12b0fd618e14b9390717088769041e43bb27b38b0abf6fc6ad88d6cc8f5f5777
14e3a09a12b7d4578f6d8d934fbfc5f5992975de3401f26c36d0042e814e9105
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
20cd787c554b233fcb3c4cc6cf7261fc2e9f91394a93a04541ad2952e9155b25
2187be9c5da6e1dcd89008eb5829cf234ce38a13918613530df8f326bd4d8843
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4d8884f3e3ac809c301d102e063ae5be043b7c5b3ffbd279f25fa7f6733dd2c7
59dadf4da581a4d66f7a64320721630978817e9615a1b0cf0bc47fe203808440
6733a2941b36aa027bfec6d28fb10a5c3cae1f9c47f977a75d0ddc126c3bd413
6940d0349cc5dd5d29f30add22628e0c53ed0d6c2f9361393fca6548f36569c1
6c4322e3d2ca7022094e63c8b0ce1dd4503fb4a1bb0fbd6920b8dd2e3a07e7c5
6d5c15ead42811a9ece90db74263684348abd06c5ae0d867ef8ebe4613891eeb
707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a
7219547ee25334cbac0fe4b3acf0bf631e48ebb622c71af038edaaa652c60875
7c1449e5de9d9a63510615796f991027fd491304250c382524055594f3777a38
7e7a2297c8371775455adc684445c2a383bcd0cee869777d45aefd8bc08456a6
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8a2b8dd032b7189a8e69656db615a8615a62d89c2eb833756c8e8baeebd4fa24
975a885fc1c3960a2390a2540e02a8bd48970cda1e275319f43d1e8392f99a4b
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
bbf4f67be5922af89c68843243a2ef9508463d71fae04d902943c4b333e9f6c3
bd4c3a41eccea0d5704ed6eb9cd22d25242dddb210cf8e5075b542a8af7cd9fb
db2a77b3be44a0c82046b8fe5a2451519a294c729c0b42653e6c1529d98e27c8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52d60f64267cdaa08422b50bab5d45bd35e662b03b9af75179ceae00ac5fc8b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5e2b214b7ec49d0018b6d45741931b4bdd59cd977c63af61e52e7731610c90d
fb1afc01c16fdad5719b09ee2f8e5d841b0cdb2a669bdabc8a6eec18cd72c018

au-app-a954e.web.app Open in urlscan Pro 2620:0:890::100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

93 %HTTPS

53 %IPv6

16 Domains

21 Subdomains

20 IPs

4 Countries

1706 kBTransfer

6720 kBSize

17 Cookies

7 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

au-app-a954e.web.app Open in urlscan Pro
2620:0:890::100 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

93 %
HTTPS

53 %
IPv6

16
Domains

21
Subdomains

20
IPs

4
Countries

1706 kB
Transfer

6720 kB
Size

17
Cookies

56 HTTP transactions
0 data transactions