allianzewka.tmdi01.com Open in urlscan Pro
2606:4700:3034::6815:26d9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://allianzewka.tmdi01.com/
Submission: On February 14 via automatic, source certstream-suspicious (February 14th 2023, 12:24:41 pm UTC) — Scanned from DE

Summary HTTP 63 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 15 domains to perform 63 HTTP transactions. The main IP is 2606:4700:3034::6815:26d9, located in United States and belongs to CLOUDFLARENET, US. The main domain is allianzewka.tmdi01.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 11th 2023. Valid for: a year.

This is the only time allianzewka.tmdi01.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3034::6815:26d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:804::2008	15169 (GOOGLE) (GOOGLE)
5	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	108.138.7.100 108.138.7.100	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:ecb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
1 2	142.250.180.230 142.250.180.230	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1	108.156.61.65 108.156.61.65	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
2	52.218.84.18 52.218.84.18	16509 (AMAZON-02) (AMAZON-02)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:fe00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.26.226.116 52.26.226.116	16509 (AMAZON-02) (AMAZON-02)
2	52.29.44.235 52.29.44.235	16509 (AMAZON-02) (AMAZON-02)
63	23

13 2606:4700:3034::6815:26d9 (United States)

ASN13335 (CLOUDFLARENET, US)

allianzewka.tmdi01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:804::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o58425.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.7.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-100.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ecb (United States)

ASN13335 (CLOUDFLARENET, US)

multiclinic-api.tmdi04.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net

8406613.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.61.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-61-65.ams1.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.84.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:fe00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.26.226.116 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-226-116.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.44.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-44-235.eu-central-1.compute.amazonaws.com

api.eu.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	tmdi01.com allianzewka.tmdi01.com	1 MB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 2472 q.stripe.com — Cisco Umbrella Rank: 24898 m.stripe.com — Cisco Umbrella Rank: 2319	110 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	279 B
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 8406613.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 160	4 KB
5	sentry.io o58425.ingest.sentry.io	569 B
4	google.com adservice.google.com — Cisco Umbrella Rank: 129 www.google.com — Cisco Umbrella Rank: 18	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 3701	670 B
3	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 4652 api.eu.amplitude.com — Cisco Umbrella Rank: 45199	23 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 93 region1.google-analytics.com — Cisco Umbrella Rank: 1904	20 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	246 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2697	16 KB
2	amazonaws.com s3-eu-west-1.amazonaws.com	26 KB
2	tmdi04.com multiclinic-api.tmdi04.com staging.tmdi04.com Failed	414 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 109	174 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 468	2 KB
63	15

	Domain	Requested by
13	allianzewka.tmdi01.com	allianzewka.tmdi01.com
6	www.facebook.com	allianzewka.tmdi01.com
5	o58425.ingest.sentry.io	allianzewka.tmdi01.com
3	q.stripe.com	allianzewka.tmdi01.com
3	www.google.de	allianzewka.tmdi01.com
3	www.google.com	allianzewka.tmdi01.com
3	connect.facebook.net	allianzewka.tmdi01.com connect.facebook.net
3	js.stripe.com	allianzewka.tmdi01.com js.stripe.com
2	api.eu.amplitude.com	allianzewka.tmdi01.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	s3-eu-west-1.amazonaws.com	allianzewka.tmdi01.com
2	www.google-analytics.com	www.googletagmanager.com allianzewka.tmdi01.com
2	8406613.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	multiclinic-api.tmdi04.com	allianzewka.tmdi01.com
2	www.googletagmanager.com	allianzewka.tmdi01.com www.googletagmanager.com
1	m.stripe.com	m.stripe.network
1	adservice.google.com	8406613.fls.doubleclick.net
1	stats.g.doubleclick.net	allianzewka.tmdi01.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.amplitude.com	cdn.jsdelivr.net
1	cdn.jsdelivr.net	www.googletagmanager.com
0	staging.tmdi04.com Failed	allianzewka.tmdi01.com
63	23

This site contains links to these domains. Also see Links.

Domain
telemedi.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-11` - `2024-02-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.ingest.sentry.io R3	`2022-12-18` - `2023-03-18`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
*.tmdi04.com E1	`2022-12-20` - `2023-03-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-23` - `2023-02-21`	3 months	crt.sh
cdn.amplitude.com Amazon RSA 2048 M01	`2023-01-12` - `2024-02-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon	`2022-09-21` - `2023-08-30`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-12` - `2023-03-09`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-08` - `2023-04-08`	3 months	crt.sh
*.eu.amplitude.com Amazon RSA 2048 M01	`2023-02-13` - `2023-09-13`	7 months	crt.sh

This page contains 5 frames:

Primary Page: https://allianzewka.tmdi01.com/
Frame ID: 93585810CC9FF81038D95A7D6E5F226A
Requests: 48 HTTP requests in this frame

Frame: https://allianzewka.tmdi01.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1676376000
Frame ID: 1236D760AB24B891FC091A33838C310F
Requests: 3 HTTP requests in this frame

Frame: https://8406613.fls.doubleclick.net/activityi;dc_pre=CNT579-Alf0CFU4HogMd1tgGlw;src=8406613;type=invmedia;cat=telem0;ord=6946091491294;gtm=45He32d0;auiddc=1158328130.1676377476;~oref=https%3A%2F%2Fallianzewka.tmdi01.com%2F
Frame ID: A7FFDF3D25DC17751ABC7377664B3E1E
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: CF86A2DB26136E48173B41B8930D903C
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 29D46A05591431B42F2D91033BEDC0AE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Konto pacjenta

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

63
Requests

95 %
HTTPS

64 %
IPv6

15
Domains

23
Subdomains

23
IPs

4
Countries

2151 kB
Transfer

7580 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://telemedi.com/pl
Title: Go to the Telemedi home page

Search URL Search Domain Scan URL

URL: https://telemedi.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://8406613.fls.doubleclick.net/activityi;src=8406613;type=invmedia;cat=telem0;ord=6946091491294;gtm=45He32d0;auiddc=1158328130.1676377476;~oref=https%3A%2F%2Fallianzewka.tmdi01.com%2F HTTP 302
https://8406613.fls.doubleclick.net/activityi;dc_pre=CNT579-Alf0CFU4HogMd1tgGlw;src=8406613;type=invmedia;cat=telem0;ord=6946091491294;gtm=45He32d0;auiddc=1158328130.1676377476;~oref=https%3A%2F%2Fallianzewka.tmdi01.com%2F

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
allianzewka.tmdi01.com/ 5 KB
3 KB 111ms
88ms Document
text/html 2606:4700:3034::6815:26d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allianzewka.tmdi01.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:26d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da95a49c49aff298a3327d5d1c3a1b06378e928dbb464199bb87a05331c75650

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 7995c8158aff9b76-FRA
content-encoding: gzip
content-type: text/html
date: Tue, 14 Feb 2023 12:24:35 GMT
last-modified: Tue, 14 Feb 2023 09:33:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GI9CbZgc1uW4JbGvVxUyXYfHSFqtqFaaAbnFeqJDg%2FOURNVIjr3oho%2FNBDSXTM29oNplCKJqqZQmSACIpThjNhj%2BnkPt7v9bjieJ4WJTE6U7rvKTrnRB3xe9DZ5g3Cf5Ht%2BGkFBPrGAK0Dvj6s44VoKOgtU8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-forwarded-proto: https

GET
H2 200 2.baf1f12b.chunk.css
allianzewka.tmdi01.com/static/css/ 26 KB
4 KB 101ms
100ms Stylesheet
text/css 2606:4700:3034::6815:26d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allianzewka.tmdi01.com/static/css/2.baf1f12b.chunk.css
Requested by: Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:26d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69824b8792d4a96aa9005c759533a84156e1afa51ba9ad43456e18e6178a5ccd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 12:24:35 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 09:30:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63eb54ce-682f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5JUNLlMVDwsHwoulcPniso2zzxinisGz%2BimVMx4L4ZJK2IZLUXVAuzKrGmb1xQoyXA1rdyj5IIvfellmoGT5LniYp8iUEG97xiM2Db4DLIav8DC%2FjzHMfSdoYdQroVdin55ZjLDuNZoTrfxXO7TrZwU%2FZtbL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2678400
x-forwarded-proto: https
cf-ray: 7995c8161bda9b76-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.19d8b651.chunk.css
allianzewka.tmdi01.com/static/css/ 61 KB
32 KB 123ms
122ms Stylesheet
text/css 2606:4700:3034::6815:26d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allianzewka.tmdi01.com/static/css/main.19d8b651.chunk.css
Requested by: Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:26d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fad11b469a74b3c19127f25c1d8d242002a14fb93720cfe1e0b74cb05c7487d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 12:24:35 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 09:30:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63eb54ce-f53d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2bAZClD7XWfrYs3FcC0XirIrmifbRHCgWU6UiJAM4QP5yYxfX%2FFmUDVaW%2FVU2YMyQozsqocJgJHRR3A%2FhqfwJCvHisE60is%2BK62i%2B88%2FI1TFmGbFli6xXFIi1e%2FxGqb3c6R1oPn8WPtC2seqoMzE8PpII5C"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2678400
x-forwarded-proto: https
cf-ray: 7995c8161bdc9b76-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 2.b2a4ea06.chunk.js Show response
allianzewka.tmdi01.com/static/js/ 3 MB
900 KB 142ms
141ms Script
application/javascript 2606:4700:3034::6815:26d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allianzewka.tmdi01.com/static/js/2.b2a4ea06.chunk.js
Requested by: Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:26d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9793d8afd5639c0d7f78a542e1293929ea705839bd1edcf8c096891ee9e904f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 12:24:35 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 09:33:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63eb5565-333629"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDYnHwVSQLfq4mUaaL5zz5L7GK%2FbRjQCI3oQL4ANe6KDUFK6l8yVPfzOBv77crbRBOTix%2FBUC06777mFKrnLzmj7Z2OQr1nlcA9oQcSXjinSPi1iCPkufuX3%2B9ti1U1c8PiBOnJrWvAoo9hMIaxkNsKB5gqx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400
x-forwarded-proto: https
cf-ray: 7995c8161bdd9b76-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.03fb8b9e.chunk.js Show response
allianzewka.tmdi01.com/static/js/ 2 MB
487 KB 147ms
146ms Script
application/javascript 2606:4700:3034::6815:26d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allianzewka.tmdi01.com/static/js/main.03fb8b9e.chunk.js
Requested by: Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:26d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c733280f26be8750fa93bffce4636d21500f43c11d8ea6a70c5c0c0243796b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 12:24:35 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 09:33:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63eb5568-1ea4d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtIW9DiRpo3XukFy%2FwVlTlsvgEa18bLo8WVpnwL0%2BDjwteVd2ODjNWyecsbodKur6Qs%2BZP19wY8Zhihon9f6DDX0fwRNo%2Bbv0tuKRhmt4b5Dhph%2FwUXA2aT43B83XgozbQk6LsEyZ6VmfT5%2BbyM%2BaD4EZUyZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400
x-forwarded-proto: https
cf-ray: 7995c8161bde9b76-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 336 KB
95 KB 131ms
69ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDSDRR&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95b3de53cb648b931881f009578561fb28ca164e5a23aea7350d00baf0f2ee36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 12:24:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96550
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Feb 2023 12:24:35 GMT

POST
H2 200 / Show response
o58425.ingest.sentry.io/api/5844251/envelope/ 2 B
282 B 70ms
15ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o58425.ingest.sentry.io/api/5844251/envelope/?sentry_key=05454b4ce62549a69cbb9ba029a33bf6&sentry_version=7

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/static/js/2.b2a4ea06.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://allianzewka.tmdi01.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 14 Feb 2023 12:24:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://allianzewka.tmdi01.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 v3 Show response
js.stripe.com/ 436 KB
105 KB 73ms
10ms Script
text/javascript 108.138.7.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/static/js/2.b2a4ea06.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-100.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5badbd7445df3e75d7453b8f317ce82b402868203345085dab97a175ce192f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 12:24:35 GMT
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2
x-cache: Hit from cloudfront
last-modified: Mon, 13 Feb 2023 20:34:11 GMT
server: Cloudfront
etag: W/"bddc7b025003060c0279cc3180de50fb"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: D7GUeNSP-d8qH9yc-RFiAqw4JV0hC34FW0ULov5oNWFS6XINh3MJ0Q==

GET
BLOB 200
OK dd73cd19-0bf0-467d-acf4-1fd6212949b4
https://allianzewka.tmdi01.com/ 9 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://allianzewka.tmdi01.com/dd73cd19-0bf0-467d-acf4-1fd6212949b4
Requested by: Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f9b7dc6b31cf2700161f242bb577665031a3de726bb3ce1b92075cbbe8ea0fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Length: 8805
Content-Type: text/javascript

OPTIONS
H2 200 graphql
multiclinic-api.tmdi04.com/v1/ Frame 0
0 186ms
83ms Preflight 2606:4700:20::681a:ecb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://multiclinic-api.tmdi04.com/v1/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://allianzewka.tmdi01.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: https://allianzewka.tmdi01.com
access-control-max-age: 0
cf-cache-status: DYNAMIC
cf-ray: 7995c81a5a5d3655-FRA
content-length: 0
date: Tue, 14 Feb 2023 12:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NK0RTFzLnrjY%2BpOGrKTNqNl3Dkqr%2B4nPCB0fncjqrtageVe3gbZnnibVeIVLs75GiIFPmj%2FfH7PGnZ5HtoU0CLRo7Uun%2FLAPXcVVpfV1wYZOXRLvvrXZq7pecs6plPtE1DM2zpX%2F1NKeT9lmrH5ZQcJk%2FLzHHmce"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H2 200 graphql Show response
multiclinic-api.tmdi04.com/v1/ 65 B
414 B 517ms
516ms Fetch
application/json 2606:4700:20::681a:ecb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://multiclinic-api.tmdi04.com/v1/graphql
Requested by: Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/static/js/2.b2a4ea06.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1ecee014b1ea9c00de6a523610f279bd0f0597311c4104a1ee2498ba6977d07

Request headers

accept: */*
Referer: https://allianzewka.tmdi01.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
content-type: application/json

Response headers

date: Tue, 14 Feb 2023 12:24:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjdWgK%2Fif5kHt5Znjfq5XdSyyHqpVpKbqq1NG%2F4RbUAh9%2FDDIDOn%2BiyrACgpdZW%2FciecQ1F3Ezh6me9PZfN1KirDwYUmujve8jIUzLaoTk2xRQpAm0SegVAEo9NRcBAQuIfFk%2B2unND2yNTGFDgjEPIH0DRai3r2"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://allianzewka.tmdi01.com
access-control-allow-credentials: true
cf-ray: 7995c81adb133655-FRA
x-request-id: 0faca74b-5393-42a3-bee2-674208f4e0a6

GET
H3 200 invisible.js Show response
allianzewka.tmdi01.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 1236 34 KB
17 KB 15ms
14ms Script
application/javascript 2606:4700:3034::6815:26d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allianzewka.tmdi01.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1676376000
Requested by: Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:26d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67e44ab842d097b7be28734a24389f28a84eab88c13b87a599808bb4b052ad8e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 12:24:36 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K96sGIRrBdncuEEMmy9hayS9n7vJRiGsn3jvsW3a15oNuOhNIH9XDqe7di740b3Lgy5v79eLxkoG4W3x4Z8xjZPKCOCrpUVXjQ3ucr3PJU4fySskR5aTFmzEzBuUOLQDOJLr5mk4bTSg77zW6mSHYvHllpJ5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7995c819bf085bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/933541347/ 2 KB
1023 B 155ms
80ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/933541347/?random=1676377476126&cv=11&fst=1676377476126&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fallianzewka.tmdi01.com%2F&tiba=Konto%20pacjenta&auid=1158328130.1676377476&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDSDRR&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bb798085d2bd7568b9c89c634559eb9dda047a55c1ba93d7c253988d439d2a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 12:24:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 858
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/807625801/ 2 KB
1 KB 150ms
78ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/807625801/?random=1676377476133&cv=11&fst=1676377476133&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fallianzewka.tmdi01.com%2F&tiba=Konto%20pacjenta&auid=1158328130.1676377476&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDSDRR&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe47fd590805e555bcc256b9973a9f28185807e007e6a44dcfbe25e56dc1af87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 12:24:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 855
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CNT579-Alf0CFU4HogMd1tgGlw;src=8406613;type=invmedia;cat=telem0;ord=6946091491294;gtm=45He32d0;auiddc=1158328130.1676377476;~oref=https%3A%2F%2Fallianzewka.tmdi01.com%2F Show response
8406613.fls.doubleclick.net/ Frame A7FF
Redirect Chain

https://8406613.fls.doubleclick.net/activityi;src=8406613;type=invmedia;cat=telem0;ord=6946091491294;gtm=45He32d0;auiddc=1158328130.1676377476;~oref=https%3A%2F%2Fallianzewka.tmdi01.com%2F?
https://8406613.fls.doubleclick.net/activityi;dc_pre=CNT579-Alf0CFU4HogMd1tgGlw;src=8406613;type=invmedia;cat=telem0;ord=6946091491294;gtm=45He32d0;auiddc=1158328130.1676377476;~oref=https%3A%2F%2F...

402 B
572 B

62ms
61ms

Document
text/html

142.250.180.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8406613.fls.doubleclick.net/activityi;dc_pre=CNT579-Alf0CFU4HogMd1tgGlw;src=8406613;type=invmedia;cat=telem0;ord=6946091491294;gtm=45He32d0;auiddc=1158328130.1676377476;~oref=https%3A%2F%2Fallianzewka.tmdi01.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDSDRR&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f6.1e100.net

Software

cafe /

Resource Hash

e0ae8031c8411cf1f1717ba9bae22e56c1fa9c8d142dde6b3d5992e6dc426bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allianzewka.tmdi01.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 12:24:36 GMT
expires: Tue, 14 Feb 2023 12:24:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 12:24:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8406613.fls.doubleclick.net/activityi;dc_pre=CNT579-Alf0CFU4HogMd1tgGlw;src=8406613;type=invmedia;cat=telem0;ord=6946091491294;gtm=45He32d0;auiddc=1158328130.1676377476;~oref=https%3A%2F%2Fallianzewka.tmdi01.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.js Show response
cdn.jsdelivr.net/npm/@amplitude/amplitude-js-gtm@3.0.0-beta.4/dist/ 3 KB
2 KB 34ms
14ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@amplitude/amplitude-js-gtm@3.0.0-beta.4/dist/index.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDSDRR&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1fa6c762b28dbce356dfb6452b6d01414df5795cb19416d4dbcfcebc7954609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 12:24:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4647689
x-jsd-version: 3.0.0-beta.4
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230125-FRA, cache-yyz4549-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"bac-0VpvdzXbMJ+jgcJOcc5e2QpfEvA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjeTYrfCPugBX4uZOIGmYrd8EHR6SWSn7a3ppnuFNg4cjYkBSiuYx0Mys%2Flo1EMffUqb5kWL2%2BB127q3JWL0DY7dNxJ3E2YgDG0Vl6BqAeLsnDRbAzTlIr1mrdB5ZkjDnaQI2c57r5T%2FOL0SEbs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7995c81a0cb0902e-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 42ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Feb 2023 12:24:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: piEy/fssX3e1epceSKbU2nFh/KIMw+QEoXGzAA/YjJxdLFWv5x1Rej7DBkOVflh8SnNkaTIyuEXg2aWchC11sg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
79 KB 51ms
50ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6D2X5MH8BC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDSDRR&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30442901649d9636a34fb06602806a025eb9733d26cbf4ae72a74dab73866df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 12:24:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81255
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Feb 2023 12:24:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 82ms
20ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDSDRR&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 11:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4350
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 14 Feb 2023 13:12:06 GMT

GET
H3 200 pica.js
allianzewka.tmdi01.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 1236 17 KB
9 KB 13ms
13ms Other
application/javascript 2606:4700:3034::6815:26d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allianzewka.tmdi01.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:26d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a282685541d473a91c41d800c4a858d52fd23d189b6058a812f6d42a3aa73c98

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 12:24:36 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jP1htqCa1RS9W%2FHcvUTnH%2ByXQNNiik3aosrzZauD1O5E9FL5s5PF%2FMk8OLraFmQCHK6pVPju220y%2BY1DMhXjVdXJYlTdGvrPuS3TKZQHkKElhEPugkhj7pAxjrSuZfzubjzciHCuxL7EswsOHavgeOJeowSk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7995c81a0f375bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 marketing-analytics-browser-0.2.0-min.js.gz Show response
cdn.amplitude.com/libs/ 71 KB
22 KB 676ms
632ms Script
application/javascript 108.156.61.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/marketing-analytics-browser-0.2.0-min.js.gz
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@amplitude/amplitude-js-gtm@3.0.0-beta.4/dist/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-65.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30bddbec673355648c2111f7fb82cdad04e365711a47237bedd3bdd4a12c2715

Request headers

Referer: https://allianzewka.tmdi01.com/
Origin: https://allianzewka.tmdi01.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 12:24:37 GMT
content-encoding: gzip
via: 1.1 d3a48a8630785a2a858cfdeb83e66c24.cloudfront.net (CloudFront)
x-amz-version-id: JGlvVrMe6IDeqBHOqKaq3R8yl8npAlxl
x-amz-cf-pop: AMS1-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 22165
last-modified: Tue, 04 Oct 2022 18:43:29 GMT
server: AmazonS3
etag: "a1ce30627c401c15d3ff8413aee8b702"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: ETwufxmdG54mdrUrPdrOCLlgFzyJDve6KOm_CcRl_mz1inOe9c9Vqw==

GET
H2 200 1058624847829921 Show response
connect.facebook.net/signals/config/ 379 KB
109 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1058624847829921?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2b4ac7a7eea458c8c9199cda713d6b8bcb67c64c02cab6913032a90e14cee6bb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Feb 2023 12:24:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 111306
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 4536MClVl1Hu1JoEIyc2XdzbrRGSA1vgZeI/GnTGoqE945F38pJefcszzjV+Per5tatw6XIk42o65+P1sdGsRQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 38ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6D2X5MH8BC&gtm=45je32d0&_p=1245525560&cid=1986620137.1676377476&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676377476&sct=1&seg=0&dl=https%3A%2F%2Fallianzewka.tmdi01.com%2F&dt=Konto%20pacjenta&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6D2X5MH8BC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 12:24:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://allianzewka.tmdi01.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 383829475450463 Show response
connect.facebook.net/signals/config/ 382 KB
109 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/383829475450463?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

69fd9eab699dd34c813183f27349a6a628ee69f6ed1b09fcd108b18deb7f22ae

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Feb 2023 12:24:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 111767
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 3ouj0RO1K4ki/OHXMDzGJ68eIeMLd4K7Dqzmk7Vv1F0jg3oD1vSec8leLuN98aOxqsJgM4EBtHAjNzDxV3tZ6A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 41ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1058624847829921&ev=PageView&dl=https%3A%2F%2Fallianzewka.tmdi01.com%2F&rl=&if=false&ts=1676377476281&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1676377476280.1267551931&it=1676377476206&coo=false&rqm=GET

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Feb 2023 12:24:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 7995c8158aff9b76 Show response
allianzewka.tmdi01.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 1236 2 B
699 B 22ms
22ms XHR
text/plain 2606:4700:3034::6815:26d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allianzewka.tmdi01.com/cdn-cgi/challenge-platform/h/b/cv/result/7995c8158aff9b76
Requested by: Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1676376000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:26d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Feb 2023 12:24:36 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEi2o92IsXA6MEYv5w05YOQqIfd63SsmLn5RNY%2Fq1nI4wDoVKJoKwpZPe%2Fc47YrCywuCA53IiLkESnmbtQ6kXGmKoe8H6MxJZOzFtSbYn7xLSiJT6pcKIWBwZ5lym39orbim%2F5E1Kh2FssB1ICifbDXOdavy"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7995c81bb90c5bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
354 B 62ms
20ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-55177773-1&cid=1986620137.1676377476&jid=2118143943&gjid=852991034&_gid=1431869090.1676377476&_u=YCDAiEABBAAAAEAAI~&z=1600439079

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/static/js/2.b2a4ea06.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://allianzewka.tmdi01.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 14 Feb 2023 12:24:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://allianzewka.tmdi01.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 20ms
19ms Image
image/gif 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1245525560&t=pageview&_s=1&dl=https%3A%2F%2Fallianzewka.tmdi01.com%2F&ul=en-us&de=UTF-8&dt=Konto%20pacjenta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAAAAAI~&jid=2118143943&gjid=852991034&cid=1986620137.1676377476&tid=UA-55177773-1&_gid=1431869090.1676377476&gtm=45He32d0n71TDSDRR&z=1693225928

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 21:01:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55383
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNT579-Alf0CFU4HogMd1tgGlw;src=8406613;type=invmedia;cat=telem0;ord=6946091491294;gtm=45He32d0;auiddc=*;~oref=https%3A%2F%2Fallianzewka.tmdi01.com%2F
adservice.google.com/ddm/fls/z/ Frame A7FF 42 B
401 B 73ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNT579-Alf0CFU4HogMd1tgGlw;src=8406613;type=invmedia;cat=telem0;ord=6946091491294;gtm=45He32d0;auiddc=*;~oref=https%3A%2F%2Fallianzewka.tmdi01.com%2F

Requested by

Host: 8406613.fls.doubleclick.net
URL: https://8406613.fls.doubleclick.net/activityi;dc_pre=CNT579-Alf0CFU4HogMd1tgGlw;src=8406613;type=invmedia;cat=telem0;ord=6946091491294;gtm=45He32d0;auiddc=1158328130.1676377476;~oref=https%3A%2F%2Fallianzewka.tmdi01.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8406613.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 12:24:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/807625801/ 42 B
108 B 113ms
46ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/807625801/?random=1676377476133&cv=11&fst=1676376000000&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fallianzewka.tmdi01.com%2F&tiba=Konto%20pacjenta&fmt=3&is_vtc=1&random=4282341747&rmt_tld=0&ipr=y

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 12:24:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/807625801/ 42 B
108 B 124ms
49ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/807625801/?random=1676377476133&cv=11&fst=1676376000000&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fallianzewka.tmdi01.com%2F&tiba=Konto%20pacjenta&fmt=3&is_vtc=1&random=4282341747&rmt_tld=1&ipr=y

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 12:24:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/933541347/ 42 B
455 B 111ms
45ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/933541347/?random=1676377476126&cv=11&fst=1676376000000&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fallianzewka.tmdi01.com%2F&tiba=Konto%20pacjenta&fmt=3&is_vtc=1&random=329580473&rmt_tld=0&ipr=y

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 12:24:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/933541347/ 42 B
455 B 120ms
46ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/933541347/?random=1676377476126&cv=11&fst=1676376000000&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fallianzewka.tmdi01.com%2F&tiba=Konto%20pacjenta&fmt=3&is_vtc=1&random=329580473&rmt_tld=1&ipr=y

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 12:24:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=383829475450463&ev=PageView&dl=https%3A%2F%2Fallianzewka.tmdi01.com%2F&rl=&if=false&ts=1676377476461&cd[utm_source]=undefined&cd[utm_medium]=undefined&cd[utm_campaign]=undefined&cd[utm_content]=undefined&cd[utm_term]=undefined&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676377476280.1267551931&it=1676377476206&coo=false&rqm=GET

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Feb 2023 12:24:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 72ms
56ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-55177773-1&cid=1986620137.1676377476&jid=2118143943&_u=YCDAiEABBAAAAEAAI~&z=1219287882

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 12:24:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 81ms
57ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-55177773-1&cid=1986620137.1676377476&jid=2118143943&_u=YCDAiEABBAAAAEAAI~&z=1219287882

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 12:24:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
o58425.ingest.sentry.io/api/5844251/envelope/ 41 B
110 B 17ms
16ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o58425.ingest.sentry.io/api/5844251/envelope/?sentry_key=05454b4ce62549a69cbb9ba029a33bf6&sentry_version=7

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/static/js/2.b2a4ea06.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

cb5ff20683ceb5e53c4351623781a500e36719ce72f2a18c5ecc65840912562a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://allianzewka.tmdi01.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 14 Feb 2023 12:24:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://allianzewka.tmdi01.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H3 200 / Show response
o58425.ingest.sentry.io/api/5844251/envelope/ 41 B
59 B 10ms
10ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o58425.ingest.sentry.io/api/5844251/envelope/?sentry_key=05454b4ce62549a69cbb9ba029a33bf6&sentry_version=7

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/static/js/2.b2a4ea06.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

4e38bf204035a6a5912ce556975bd32f5c8849afd8bbef8774662e3a91acf3d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://allianzewka.tmdi01.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 14 Feb 2023 12:24:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://allianzewka.tmdi01.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H3 200 / Show response
o58425.ingest.sentry.io/api/5844251/envelope/ 41 B
59 B 13ms
12ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o58425.ingest.sentry.io/api/5844251/envelope/?sentry_key=05454b4ce62549a69cbb9ba029a33bf6&sentry_version=7

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/static/js/2.b2a4ea06.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

c3355c478951444a74e75942a9f64b878064dd334c1df6a64f4db8c84f35b217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://allianzewka.tmdi01.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 14 Feb 2023 12:24:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://allianzewka.tmdi01.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1058624847829921&ev=PageView&dl=https%3A%2F%2Fallianzewka.tmdi01.com%2Fen%2Fclinic-not-found&rl=&if=false&ts=1676377476824&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=1&o=30&cs_est=true&fbp=fb.1.1676377476280.1267551931&it=1676377476206&coo=false&rqm=GET

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/en/clinic-not-found

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Feb 2023 12:24:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=383829475450463&ev=PageView&dl=https%3A%2F%2Fallianzewka.tmdi01.com%2Fen%2Fclinic-not-found&rl=&if=false&ts=1676377476825&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=30&cs_est=true&fbp=fb.1.1676377476280.1267551931&it=1676377476206&coo=false&rqm=GET

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/en/clinic-not-found

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Feb 2023 12:24:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 en.b3b61365.svg
allianzewka.tmdi01.com/static/media/ 3 KB
1 KB 90ms
88ms Image
image/svg+xml 2606:4700:3034::6815:26d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allianzewka.tmdi01.com/static/media/en.b3b61365.svg
Requested by: Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/en/clinic-not-found
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:26d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a70a335a90f89ae29c66798e7e66246f5ea17f763e6860799b45d4ed764e20c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/en/clinic-not-found
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 12:24:36 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 09:30:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63eb54cd-b02"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDqnWeol1w9mZ3JIka%2BaEajztX9xgNroC5nEEgP6QaedYEQj6A%2BNpPjexIoZrXnBU%2BKE1I3dc3yfVeS2aZ9UKpDyP%2BY7%2FHlGMs7jFNCZqFfxOmyf%2FHLpt81K8mG00u8lzKy1mlWqprmL9LGC7V%2B5lGIZw1BH"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-forwarded-proto: https
cf-ray: 7995c81e7af45bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 clinic-not-found.b493d531.png
allianzewka.tmdi01.com/static/media/ 71 KB
71 KB 126ms
124ms Image
image/png 2606:4700:3034::6815:26d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allianzewka.tmdi01.com/static/media/clinic-not-found.b493d531.png
Requested by: Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/en/clinic-not-found
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:26d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 370f86086b70a7b6b744ac2da73cbd5a0ed9920c652e705314983a424ad31aba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/en/clinic-not-found
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 12:24:36 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 09:30:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63eb54cd-11a4b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C49N1CP%2F7Eb6ai4DNChPXr9Hd3NeEuL1YGfTWAqq6BIvNqU9XmbfnNalYKOqflEgTnhQMMZoFsvdvjDV0o%2Fvob2AbB8JWMPIRduqhuaj22Ph1Q9b4aJnZZiHHz7RRNGw8GajD4LHav%2BqfwqUYobCLI%2FI2f9Q"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400
accept-ranges: bytes
x-forwarded-proto: https
cf-ray: 7995c81e7af55bdd-FRA
content-length: 72267
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pl.b76ba4c2.svg
allianzewka.tmdi01.com/static/media/ 2 KB
1 KB 83ms
82ms Image
image/svg+xml 2606:4700:3034::6815:26d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allianzewka.tmdi01.com/static/media/pl.b76ba4c2.svg
Requested by: Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/en/clinic-not-found
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:26d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c605dcd8fd1c1d8fddfada6691cf0f140affc055a374174f1e3cc1f1e2c37b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/en/clinic-not-found
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 12:24:36 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 09:30:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63eb54cd-633"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9VBi5BiY%2BKLe60DHBQDziTfm2OUVuImC7H34ko5No1JzHJz0MgkNCJ4g5B7lx79F1qkm%2B9pgNDgo%2Fa2%2BG8jxYMjRQQVzKF9MI5SXUJh73Q6xcT3RtA0IPdvmyZhvqZy994TVMZwhV%2Bl4ZwZzuSDaRNq%2FFTx"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-forwarded-proto: https
cf-ray: 7995c81e7af75bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 es.576ad1e4.svg
allianzewka.tmdi01.com/static/media/ 2 KB
1 KB 87ms
86ms Image
image/svg+xml 2606:4700:3034::6815:26d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allianzewka.tmdi01.com/static/media/es.576ad1e4.svg
Requested by: Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/en/clinic-not-found
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:26d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02777f8d9539c8f9d4f9a305bf2a344748fcd11baa85ac9b14c83a36dc5636a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/en/clinic-not-found
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 12:24:36 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 09:30:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63eb54cd-638"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BCKjqofbSMAQHB1OWhBleOnSF7gUU%2BIr3ao%2BP%2B1w7kDNta4gkfiqwJ58uPO4Ly9zC1Jr7DesXj%2Fzf9cCBSSyQg736zPyDu4PsEUgKdlxBiHXAsshd8yFjh%2FdjqsPBeVrjRKHGW07Oxmnmmu5dh%2FYfMZVbp%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-forwarded-proto: https
cf-ray: 7995c81e7af85bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ua.5dee4bea.svg
allianzewka.tmdi01.com/static/media/ 2 KB
1 KB 108ms
106ms Image
image/svg+xml 2606:4700:3034::6815:26d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allianzewka.tmdi01.com/static/media/ua.5dee4bea.svg
Requested by: Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/en/clinic-not-found
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:26d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2bf0dca5328d98c907acac7aa8153bee92cd263d6e7649148ae0042b7923ec9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/en/clinic-not-found
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 12:24:36 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 09:30:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63eb54cd-606"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97RD1eYJCYAQwCMOJBOz%2BMxSVQl%2BQF6Y4YdK3fx9I1ACMcdlYpydKb1cvbPe4oFIoncpGZBAulhK2eUmVbydxleHd9Ixt3%2FTr4wgNvvz98PsIbKxb99Jzts8z74SnfRVvXADcPmaii1PYcR8UvF%2F98xpD0GF"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-forwarded-proto: https
cf-ray: 7995c81e7af95bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET clinics
staging.tmdi04.com/api/v2/ 0
0

GET
H/1.1 200
OK WF-036568-011668-002848-3e70bbf76b21923033b26d6936d5176d.woff2
s3-eu-west-1.amazonaws.com/fonts-ireland.typotheque.com/ 12 KB
13 KB 146ms
71ms Font
application/font-woff2 52.218.84.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-eu-west-1.amazonaws.com/fonts-ireland.typotheque.com/WF-036568-011668-002848-3e70bbf76b21923033b26d6936d5176d.woff2
Requested by: Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/static/css/main.19d8b651.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.84.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e489a58b2aba7cd9d2f1b40f4b13641c437577cfe833fa22b0de32e75ae2ab06

Request headers

Referer: https://allianzewka.tmdi01.com/
Origin: https://allianzewka.tmdi01.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 12:24:37 GMT
Content-Encoding: gzip
x-amz-request-id: BKZ99T1KMASC3KA3
x-amz-meta-domains: telemedi\.co|.*\.telemedi\.co
Content-Length: 12611
x-amz-id-2: r/7xzyqMmV0gtk/MxlEvNzvKT74ZeHaW7U2hOnZPwIT/hI6U0VXW5lWN9KgdnFiTzj1puZgo97A=
Last-Modified: Wed, 19 Jan 2022 08:19:41 GMT
Server: AmazonS3
ETag: "ff30a2e5d7bbe8c97ee6c626d908511a"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
x-amz-meta-webfont-cache: 60
Cache-Control: max-age=2678400
Content-Type: application/font-woff2
Accept-Ranges: bytes

GET
H/1.1 200
OK WF-036568-011668-002844-592567efceab69f64c9d65225e4009a2.woff2
s3-eu-west-1.amazonaws.com/fonts-ireland.typotheque.com/ 12 KB
13 KB 135ms
58ms Font
application/font-woff2 52.218.84.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-eu-west-1.amazonaws.com/fonts-ireland.typotheque.com/WF-036568-011668-002844-592567efceab69f64c9d65225e4009a2.woff2
Requested by: Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/static/css/main.19d8b651.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.84.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7eaaf3df93062a2d3f757a9ab8f6ced074b4ca02184ddb52b940cb15376954d1

Request headers

Referer: https://allianzewka.tmdi01.com/
Origin: https://allianzewka.tmdi01.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 12:24:37 GMT
Content-Encoding: gzip
x-amz-request-id: BKZ4B7JMJKR4W95A
x-amz-meta-domains: telemedi\.co|.*\.telemedi\.co
Content-Length: 12607
x-amz-id-2: tlqVabd+x78pzAvHHbStxku/p69DMotHXl1pGaOixkdcydoDnoKJqxCiw8k4gWMGC91/IHmykQE=
Last-Modified: Wed, 19 Jan 2022 08:19:41 GMT
Server: AmazonS3
ETag: "5c15901286592dab20944494ee45a7a3"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
x-amz-meta-webfont-cache: 60
Cache-Control: max-age=2678400
Content-Type: application/font-woff2
Accept-Ranges: bytes

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame CF86 200 B
1 KB 9ms
9ms Document
text/html 108.138.7.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-100.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://allianzewka.tmdi01.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 785
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Feb 2023 12:11:44 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Mon, 06 Feb 2023 18:41:51 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-id: jmLLqDyspHMaOJS-vT1K6CRUhn3jNETbpuq_oDDIHxjHDFQ05rd4-w==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame CF86 0
601 B 602ms
173ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Feb 2023 12:24:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame CF86 0
600 B 603ms
174ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Feb 2023 12:24:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame CF86 631 B
1 KB 11ms
11ms Script
text/javascript 108.138.7.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-100.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 14 Feb 2023 12:11:33 GMT
x-content-type-options: nosniff
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 784
x-cache: Hit from cloudfront
content-length: 631
last-modified: Thu, 09 Feb 2023 23:29:42 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: YlPDjB_Q87ohf-4x1X2UDBqzFi_LGgGQCM7Z_0vKIDlm2LszKJDmeg==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 29D4 930 B
2 KB 70ms
8ms Document
text/html 2600:9000:2057:fe00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:fe00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 118
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Feb 2023 12:22:51 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-id: 3J6y8ov5e9hHQAQ_oawhQEVWr6UBuq4MLEeBHDjSD-hxjubI22DFbg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 29D4 0
374 B 507ms
174ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Tue, 14 Feb 2023 12:24:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 29D4 86 KB
14 KB 15ms
15ms Script
text/javascript 2600:9000:2057:fe00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:fe00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 12:22:22 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 140
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: wljHMHwpe_GlKuOsh34S3YT1rFIGoWj7AE4S2UzWEny-hHkn-uEXvw==

POST
H2 200 6 Show response
m.stripe.com/ Frame 29D4 156 B
553 B 552ms
176ms XHR
application/json 52.26.226.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.26.226.116 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-26-226-116.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0f82e2ca5fcc0c2f45c4fbf125b86d25bcced9eac8b2df5e15f4f23101f6fa4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 14 Feb 2023 12:24:37 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1058624847829921&ev=Microdata&dl=https%3A%2F%2Fallianzewka.tmdi01.com%2Fen%2Fclinic-not-found&rl=&if=false&ts=1676377477784&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Konto%20pacjenta%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1676377476280.1267551931&it=1676377476206&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Feb 2023 12:24:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 200 / Show response
o58425.ingest.sentry.io/api/5844251/envelope/ 41 B
59 B 10ms
10ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o58425.ingest.sentry.io/api/5844251/envelope/?sentry_key=05454b4ce62549a69cbb9ba029a33bf6&sentry_version=7

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/static/js/2.b2a4ea06.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

4cb2510c38c52dc20daab8692f84255616445675ae488ce0816a903719b8f795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://allianzewka.tmdi01.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 14 Feb 2023 12:24:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://allianzewka.tmdi01.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=383829475450463&ev=Microdata&dl=https%3A%2F%2Fallianzewka.tmdi01.com%2Fen%2Fclinic-not-found&rl=&if=false&ts=1676377477963&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Konto%20pacjenta%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.95&r=stable&ec=2&o=30&fbp=fb.1.1676377476280.1267551931&it=1676377476206&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://allianzewka.tmdi01.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Feb 2023 12:24:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 httpapi Show response
api.eu.amplitude.com/2/ 94 B
287 B 22ms
22ms Fetch
application/json 52.29.44.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.amplitude.com/2/httpapi

Requested by

Host: allianzewka.tmdi01.com
URL: https://allianzewka.tmdi01.com/static/js/2.b2a4ea06.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.44.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-44-235.eu-central-1.compute.amazonaws.com

Software

Resource Hash

c9c0da6de0f18427687ac2455ee1aa67a89fe1739c80cbc721d1620fbc170650

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://allianzewka.tmdi01.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 14 Feb 2023 12:24:38 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-63eb7d86-2a22467c3ccd9c9664a3de7b
content-length: 94
access-control-allow-methods: GET, POST
content-type: application/json

OPTIONS
H2 200 httpapi
api.eu.amplitude.com/2/ Frame 0
0 42ms
9ms Preflight 52.29.44.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eu.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.44.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-44-235.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://allianzewka.tmdi01.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Tue, 14 Feb 2023 12:24:38 GMT
strict-transport-security: max-age=15768000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: staging.tmdi04.com
URL: https://staging.tmdi04.com/api/v2/clinics?limit=100

Domain: staging.tmdi04.com
URL: https://staging.tmdi04.com/api/v2/clinics?limit=100

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tmdi01.com/	1970-01-20 11:49:13	Name: _gcl_au Value: 1.1.1158328130.1676377476
.tmdi01.com/	1970-01-20 11:49:13	Name: _fbp Value: fb.1.1676377476280.1267551931
.doubleclick.net/	1970-01-20 19:01:13	Name: IDE Value: AHWqTUm2CLeIeuT8Sxrq7bLzPF9-z0rCGTWgAtfJlejO7MfKR2ea2nVbUTssRLMZ80w
.tmdi01.com/	1970-01-20 19:15:37	Name: _ga Value: GA1.2.1986620137.1676377476
.tmdi01.com/	1970-01-20 09:41:03	Name: _gid Value: GA1.2.1431869090.1676377476
.tmdi01.com/	1970-01-20 09:39:37	Name: _dc_gtm_UA-55177773-1 Value: 1
.tmdi01.com/	1970-01-20 09:39:39	Name: __cf_bm Value: 95HcboVD2VT2MPk7GqcPGVNC_9ahapvy9ay0EpTXCS8-1676377476-0-Ac36c5CBQXXcNj/8ggkYBMVHkNymTOzwQehUw3+tS52SwIkymlkrzjDggPwi+tFqRmlP2RHP3WxIVH/PJBYfOw03ezZPr+ONHYmfRb3Cvc3MalVfsQm+Knah7dNPKO244WkRUT/+zavYQOnR8iGRxZw=
.tmdi01.com/	1970-01-20 18:25:13	Name: AMP_MKTG_258db7eb38 Value: JTdCJTdE
.tmdi01.com/	1970-01-20 18:25:13	Name: AMP_258db7eb38 Value: JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMjQxYzRkOWZmLWI0ZDktNDM3NC04NTZmLTUxZDIyMWRiYzg4MCUyMiUyQyUyMmxhc3RFdmVudFRpbWUlMjIlM0ExNjc2Mzc3NDc3MDE5JTJDJTIyc2Vzc2lvbklkJTIyJTNBMTY3NjM3NzQ3Njk5OCU3RA==
m.stripe.com/	1970-01-20 19:15:37	Name: m Value: 36e5aa82-9d62-4cb8-a6c7-f57d29f7f6cb4ecafc
.allianzewka.tmdi01.com/	1970-01-20 18:25:13	Name: __stripe_mid Value: 881d43f7-50eb-4153-97a4-ba9f9ca2b18fa107f6
.allianzewka.tmdi01.com/	1970-01-20 09:39:39	Name: __stripe_sid Value: 9bd8dccb-fb01-45fd-953c-2a27ac52329db5d972
.tmdi01.com/	1970-01-20 19:15:37	Name: _ga_6D2X5MH8BC Value: GS1.1.1676377476.1.1.1676377477.0.0.0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://allianzewka.tmdi01.com/en/clinic-not-found Message: Access to XMLHttpRequest at 'https://staging.tmdi04.com/api/v2/clinics?limit=100' from origin 'https://allianzewka.tmdi01.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://staging.tmdi04.com/api/v2/clinics?limit=100 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://allianzewka.tmdi01.com/en/clinic-not-found Message: Access to XMLHttpRequest at 'https://staging.tmdi04.com/api/v2/clinics?limit=100' from origin 'https://allianzewka.tmdi01.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://staging.tmdi04.com/api/v2/clinics?limit=100 Message: Failed to load resource: net::ERR_FAILED
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8406613.fls.doubleclick.net
adservice.google.com
allianzewka.tmdi01.com
api.eu.amplitude.com
cdn.amplitude.com
cdn.jsdelivr.net
connect.facebook.net
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
multiclinic-api.tmdi04.com
o58425.ingest.sentry.io
q.stripe.com
region1.google-analytics.com
s3-eu-west-1.amazonaws.com
staging.tmdi04.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
staging.tmdi04.com
108.138.7.100
108.156.61.65
142.250.180.230
2001:4860:4802:32::36
2600:9000:2057:fe00:19:7d10:bd80:93a1
2606:4700:20::681a:ecb
2606:4700:3034::6815:26d9
2606:4700::6810:5614
2a00:1450:4001:829::2002
2a00:1450:400c:c0b::9a
2a00:1450:400d:804::2008
2a00:1450:400d:806::2003
2a00:1450:400d:806::200e
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::2004
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.120.195.249
52.218.84.18
52.26.226.116
52.29.44.235
54.186.23.98
02777f8d9539c8f9d4f9a305bf2a344748fcd11baa85ac9b14c83a36dc5636a1
0f82e2ca5fcc0c2f45c4fbf125b86d25bcced9eac8b2df5e15f4f23101f6fa4e
1f9b7dc6b31cf2700161f242bb577665031a3de726bb3ce1b92075cbbe8ea0fb
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b4ac7a7eea458c8c9199cda713d6b8bcb67c64c02cab6913032a90e14cee6bb
2c605dcd8fd1c1d8fddfada6691cf0f140affc055a374174f1e3cc1f1e2c37b2
30442901649d9636a34fb06602806a025eb9733d26cbf4ae72a74dab73866df6
30bddbec673355648c2111f7fb82cdad04e365711a47237bedd3bdd4a12c2715
370f86086b70a7b6b744ac2da73cbd5a0ed9920c652e705314983a424ad31aba
3c733280f26be8750fa93bffce4636d21500f43c11d8ea6a70c5c0c0243796b9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4cb2510c38c52dc20daab8692f84255616445675ae488ce0816a903719b8f795
4e38bf204035a6a5912ce556975bd32f5c8849afd8bbef8774662e3a91acf3d8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a70a335a90f89ae29c66798e7e66246f5ea17f763e6860799b45d4ed764e20c
5badbd7445df3e75d7453b8f317ce82b402868203345085dab97a175ce192f7c
67e44ab842d097b7be28734a24389f28a84eab88c13b87a599808bb4b052ad8e
69824b8792d4a96aa9005c759533a84156e1afa51ba9ad43456e18e6178a5ccd
69fd9eab699dd34c813183f27349a6a628ee69f6ed1b09fcd108b18deb7f22ae
7eaaf3df93062a2d3f757a9ab8f6ced074b4ca02184ddb52b940cb15376954d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8bb798085d2bd7568b9c89c634559eb9dda047a55c1ba93d7c253988d439d2a1
8fad11b469a74b3c19127f25c1d8d242002a14fb93720cfe1e0b74cb05c7487d
95b3de53cb648b931881f009578561fb28ca164e5a23aea7350d00baf0f2ee36
9793d8afd5639c0d7f78a542e1293929ea705839bd1edcf8c096891ee9e904f1
a282685541d473a91c41d800c4a858d52fd23d189b6058a812f6d42a3aa73c98
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c1fa6c762b28dbce356dfb6452b6d01414df5795cb19416d4dbcfcebc7954609
c3355c478951444a74e75942a9f64b878064dd334c1df6a64f4db8c84f35b217
c9c0da6de0f18427687ac2455ee1aa67a89fe1739c80cbc721d1620fbc170650
cb5ff20683ceb5e53c4351623781a500e36719ce72f2a18c5ecc65840912562a
d2bf0dca5328d98c907acac7aa8153bee92cd263d6e7649148ae0042b7923ec9
da95a49c49aff298a3327d5d1c3a1b06378e928dbb464199bb87a05331c75650
e0ae8031c8411cf1f1717ba9bae22e56c1fa9c8d142dde6b3d5992e6dc426bcd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e489a58b2aba7cd9d2f1b40f4b13641c437577cfe833fa22b0de32e75ae2ab06
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ecee014b1ea9c00de6a523610f279bd0f0597311c4104a1ee2498ba6977d07
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fe47fd590805e555bcc256b9973a9f28185807e007e6a44dcfbe25e56dc1af87

allianzewka.tmdi01.com Open in urlscan Pro 2606:4700:3034::6815:26d9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

95 %HTTPS

64 %IPv6

15 Domains

23 Subdomains

23 IPs

4 Countries

2151 kBTransfer

7580 kBSize

13 Cookies

2 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

allianzewka.tmdi01.com Open in urlscan Pro
2606:4700:3034::6815:26d9 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

95 %
HTTPS

64 %
IPv6

15
Domains

23
Subdomains

23
IPs

4
Countries

2151 kB
Transfer

7580 kB
Size

13
Cookies

63 HTTP transactions
0 data transactions