vpn.www.katjasedlmeier.de Open in urlscan Pro
45.138.175.224 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vpn.www.katjasedlmeier.de/
Submission: On December 19 via automatic, source certstream-suspicious (December 19th 2023, 9:24:34 pm UTC) — Scanned from DE

Summary HTTP 22 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 22 HTTP transactions. The main IP is 45.138.175.224, located in Germany and belongs to AUROLOGIC aurologic GmbH, DE. The main domain is vpn.www.katjasedlmeier.de.
TLS certificate: Issued by R3 on December 19th 2023. Valid for: 3 months.

This is the only time vpn.www.katjasedlmeier.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	45.138.175.224 45.138.175.224	30823 (AUROLOGIC...) (AUROLOGIC aurologic GmbH)
16	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	94.130.226.120 94.130.226.120	24940 (HETZNER-AS) (HETZNER-AS)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
22	6

1 45.138.175.224 (Germany)

ASN30823 (AUROLOGIC aurologic GmbH, DE)

vpn.www.katjasedlmeier.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

static.funnelcockpit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.226.120 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.120.226.130.94.clients.your-server.de

api.funnelcockpit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	funnelcockpit.com static.funnelcockpit.com — Cisco Umbrella Rank: 788925 api.funnelcockpit.com — Cisco Umbrella Rank: 776431	5 MB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	91 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	katjasedlmeier.de vpn.www.katjasedlmeier.de	17 KB
22	4

	Domain	Requested by
16	static.funnelcockpit.com	vpn.www.katjasedlmeier.de static.funnelcockpit.com
2	api.funnelcockpit.com	static.funnelcockpit.com
2	connect.facebook.net	vpn.www.katjasedlmeier.de connect.facebook.net
1	www.facebook.com	vpn.www.katjasedlmeier.de
1	vpn.www.katjasedlmeier.de
22	5

This site contains links to these domains. Also see Links.

Domain
affirmationskarten.katjasedlmeier.de
calendly.com
freebie.katjasedlmeier.de
www.katjasedlmeier.de
www.instagram.com
www.facebook.com

Subject Issuer	Validity	Valid
vpn.www.katjasedlmeier.de R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
funnelcockpit.com GTS CA 1P5	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-28` - `2023-12-27`	3 months	crt.sh
*.funnelcockpit.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-01` - `2024-10-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://vpn.www.katjasedlmeier.de/
Frame ID: B3B790BEE7C23F83A341B3E9BA5BC665
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MindfulMama

Detected technologies

Microsoft Word (Editors) Expand

Overall confidence: 100%
Detected patterns

(?:<html [^>]*xmlns:w="urn:schemas-microsoft-com:office:word"|<w:WordDocument>|<div [^>]*class="?WordSection1[" >]|<style[^>]*>[^>]*@page WordSection1)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

22
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

4916 kB
Transfer

5809 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://affirmationskarten.katjasedlmeier.de/
Title: Affirmationskarten für Kinder

Search URL Search Domain Scan URL

URL: https://calendly.com/katjasedlmeier/trance-healing
Title: Trance Healing

Search URL Search Domain Scan URL

URL: https://freebie.katjasedlmeier.de/
Title: 111 Affirmationen gegen Stress

Search URL Search Domain Scan URL

URL: https://www.katjasedlmeier.de/impressum/
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.katjasedlmeier.de/datenschutz/
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.instagram.com/katjasedlmeier/
Title: Folge mir auf Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/864841321927901/?ref=share
Title: Komm in meine Facebook Gruppe

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vpn.www.katjasedlmeier.de/ 123 KB
17 KB 113ms
41ms Document
text/html 45.138.175.224
AUROLOGIC aurolog...

General

Check archive.org

Show headers Download Go to

Full URL: https://vpn.www.katjasedlmeier.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.138.175.224 , Germany, ASN30823 (AUROLOGIC aurologic GmbH, DE),
Reverse DNS
Software: Caddy /
Resource Hash: 69b0893ba4ebc355d862e21720d5157248357b855d1dd0b116d5c9ad235e079c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 21:24:30 GMT
server: Caddy
vary: Accept-Encoding

GET
H2 200 funnel-page.css
static.funnelcockpit.com/assets/css/ 535 KB
83 KB 55ms
24ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/css/funnel-page.css?v=04f20780e4fc1387
Requested by: Host: vpn.www.katjasedlmeier.de
URL: https://vpn.www.katjasedlmeier.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e698bd7e6bde7cde7d5189484da3e952b1573bdc9d5b11ead1a7c6067a92c8cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vpn.www.katjasedlmeier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6NNVDTGY5X4T5R9S
age: 5328
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vA6zv2czghT2xsRI0LIlqy8+834lJ6r1Wbfe6JLDyd6lwfIy519XgKsNzA5YzylnLjsggZ9f/wg=
last-modified: Tue, 21 Nov 2023 19:35:00 GMT
server: cloudflare
etag: W/"ec67a2460366b8cfe0416f6e8949a87b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BI%2FKQVqlap0YVgy6Cepp6Y%2FZttCWrjOve%2FUbPGc%2Bq1Eh9SpptTAxTT0T1X1SESjJ%2F01ewoWPzo9QpjycqIB36MFSc8JY6H26QNmq5AzioJQXdMkqSH0nmbTkZq4RmsaPZ%2B9UFjlQ4vaqF6p%2FMBRYdhcgTb1hk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8382b677df6bbb59-FRA

GET
H2 200 5d862427fec0dc223ef90ef9d291f947.jpg
static.funnelcockpit.com/upload/yAQpCMannYsrnWTew/ 3 MB
3 MB 142ms
122ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.funnelcockpit.com/upload/yAQpCMannYsrnWTew/5d862427fec0dc223ef90ef9d291f947.jpg
Requested by: Host: vpn.www.katjasedlmeier.de
URL: https://vpn.www.katjasedlmeier.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76b93fe16cc2951902f8bb074f57009d7d3ce44d4bf0f76da49ff2efac923c97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vpn.www.katjasedlmeier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 02KAGDX9WMQ9N9B8
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 2974850
x-amz-id-2: C9FZ/cZTTP3lY9MTphwMTsiJ1uiVjkLck3xn4EhRgomsBjcIds/vTu6cz1uH49ADOGKwL3QdgrY=
last-modified: Wed, 10 May 2023 09:54:05 GMT
server: cloudflare
etag: "4053f8e3de21521bb49c9953ebd317d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGII6u2tdIYdstzvKK38D%2BRlZjZm2EUia%2FknqyTqpmMZMhkaoNdQ%2FrRhVbUTv88RmaN%2FZtJUvI%2BBEyIwNWJJ%2F140T98MHjw3xhO1NDwNGBl1D1sm3JUUDrhliZHdWy8H9UNn7SI%2FhyUq%2FCp0z%2BRkW1K2x6NxDkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 8382b677df6dbb59-FRA

GET
H2 200 1af28ecc5b49c088bd25ec7721add963.jpg
static.funnelcockpit.com/upload/yAQpCMannYsrnWTew/ 2 MB
2 MB 115ms
96ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.funnelcockpit.com/upload/yAQpCMannYsrnWTew/1af28ecc5b49c088bd25ec7721add963.jpg
Requested by: Host: vpn.www.katjasedlmeier.de
URL: https://vpn.www.katjasedlmeier.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75c46d111a97c8a75373d0e7cff659e990a730213a24e7b07f7b535fdd4963f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vpn.www.katjasedlmeier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 02K67NX6KY82WNP4
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1646757
x-amz-id-2: WQ1CHizAty1Hd2bhKSJtqc5AVn6WLrgtZ5TLBWcMvu+Zz3oYqNewuH4/BdxdDqGTC8mSBP97mD8=
last-modified: Mon, 02 Oct 2023 11:21:36 GMT
server: cloudflare
etag: "967edb56f190d52523023fffdf94b9d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIS%2BGWSbH17ExoBwgyU%2B62OkioJ1OZCGVzwAppDht8iK%2FEYRJA%2FUcjCuch3KwmWjZ5dpAnb2nUdEgl9G66T1IZveLHIYIz%2Fu998LQBZw8FeG1c3k0i%2BxEN8OrfCAJem4cc6KsSntonhumcaVRA%2BxpgKD0%2BZRzT0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 8382b677df6cbb59-FRA

GET
H2 200 funnel-page.js Show response
static.funnelcockpit.com/assets/js/ 104 KB
34 KB 21ms
20ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=04f20780e4fc1387
Requested by: Host: vpn.www.katjasedlmeier.de
URL: https://vpn.www.katjasedlmeier.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 285de137de3fb3df6522bc7b323e968649523d53242dc6742ef979be9a715c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vpn.www.katjasedlmeier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6NNPSWA325TVGS5G
age: 3680
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: FMwIxNcN6sAYTjvlA/j1HayNGtpL23ZtP+nWuK931GRDq2ABtaKLDAVNh6c9uvBE/CBb7SdkVqA=
last-modified: Tue, 21 Nov 2023 19:34:56 GMT
server: cloudflare
etag: W/"8788493dba9c37ac3791f828630ce90b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBPwPDxobUgCKAyOxgv9KyahN5InOYRRpRyFShahRjRtCAQ3RuYguNEfYnMd1pMfE0yNZjCEpLYrd2aAdB5cYlX9Tdb0IPbIfIcojf7psdl5vmR2s7zPriiTGBtH1ucN9AcFMAvC%2BZs3QpFLexjsjAwXtpmfBxA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=43200
cf-ray: 8382b6781fb9bb59-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 22ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: vpn.www.katjasedlmeier.de
URL: https://vpn.www.katjasedlmeier.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vpn.www.katjasedlmeier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 19 Dec 2023 21:24:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: cTS5uNeo3SFyVzh9qQxpB48BlTrODguCOWiR798CaFST+OGJ9Y+ijk1rdRBIQtLyX5pf3LV7Ui1vrk/J/F3ndg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fa-solid-900.woff2
static.funnelcockpit.com/assets/fonts/ 76 KB
77 KB 64ms
44ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/fonts/fa-solid-900.woff2
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/css/funnel-page.css?v=04f20780e4fc1387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://static.funnelcockpit.com/assets/css/funnel-page.css?v=04f20780e4fc1387
Origin: https://vpn.www.katjasedlmeier.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 02K6RS9FBZKV2CAM
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 78268
x-amz-id-2: 7jkDf9xAufCErzKbHOAmUG04jxX2dhAIvF6ROpt5h/uoiJ5C8HlyYz19ZlZ2r5z9bndXchzDvfQ=
last-modified: Tue, 21 Nov 2023 19:35:08 GMT
server: cloudflare
etag: "d824df7eb2e268626a2dd9a6a741ac4e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhP3xKqn9nF9JR0PG%2BffQt6x%2BCiKTT0wdYIxLUMtZRb6r4dIA8zzFwKphVZLb4lOACYASRZWkdvpm%2F8bzPhf0TBXzRn8nNz%2Bz86G%2FgtOOV88cPewGAV101gSgqL5c%2FWkXPqQD0rhd%2F1qWAU8Mt3CI6a3jazE%2Fok%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 8382b6783efa696f-FRA

OPTIONS
H2 200 track-page-visit
api.funnelcockpit.com/ 0
0 48ms
11ms Preflight 94.130.226.120
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.funnelcockpit.com/track-page-visit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.226.120 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.120.226.130.94.clients.your-server.de

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vpn.www.katjasedlmeier.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, cookie
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: https://vpn.www.katjasedlmeier.de
date: Tue, 19 Dec 2023 21:24:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-xss-protection: 1; mode=block

POST
H2 200 track-page-visit Show response
api.funnelcockpit.com/ 0
381 B 67ms
45ms XHR
text/plain 94.130.226.120
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.funnelcockpit.com/track-page-visit

Requested by

Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=04f20780e4fc1387

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.226.120 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.120.226.130.94.clients.your-server.de

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vpn.www.katjasedlmeier.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: https://vpn.www.katjasedlmeier.de
cache-control: private, no-cache, proxy-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, cookie
x-xss-protection: 1; mode=block

GET
H2 200 2819.d6d84bb98dbe0ff84b29.js Show response
static.funnelcockpit.com/assets/js/chunk/ 877 B
876 B 15ms
15ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/2819.d6d84bb98dbe0ff84b29.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=04f20780e4fc1387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbd5e9abcc2c222a80aee31ada49755ea918b6245e35d1367c107eb00d52bfd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vpn.www.katjasedlmeier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ARYFDQ79FZ6KK5ED
age: 353
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 97K/G+NW1O5ms89IW3FmkGEN+c4gln1W5Zl8l2upy+DDy5YZe9/YiwbY/5z6gXxidtehOkbSmR0=
last-modified: Tue, 21 Nov 2023 19:34:54 GMT
server: cloudflare
etag: W/"900e8d6cebeba595cd4d9d397c936a97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2B%2FD%2F4Om7byc%2FTIUejhZGVer4Z8C2E3YNLE6fw3ppdaPh2Dh9EKAg48UDCSSb%2BrvZXcv%2B7nJ3XBg8DO%2F3n39zDneiaCLjT%2F0CohDGnosNxmKSPVFQREte%2B2ZAZjImuDBRRNXPLIArqgvsxAivHIitkkqGoHw718%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=43200
cf-ray: 8382b6784ffdbb59-FRA

GET
H2 200 8795.b9a7fadd13c5c415ed57.js Show response
static.funnelcockpit.com/assets/js/chunk/ 7 KB
3 KB 17ms
17ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/8795.b9a7fadd13c5c415ed57.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=04f20780e4fc1387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0306f40ff8a075f6afc19e54911ecb0c8dcd174aa3d0291a7b159635ec536d07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vpn.www.katjasedlmeier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C4YXTZDBYYSTSYQZ
age: 1827
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: b4Aomm35rcK2G72ikpTJNnZEkG6YMNXOI+ZaXgKo0MIrCvJNXSCmK7vgWuono5aGri/YIEqQ2j0=
last-modified: Tue, 21 Nov 2023 19:34:55 GMT
server: cloudflare
etag: W/"30423b8f34315bdd3dd0ebc67d2c9756"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5D4Q1gFNmrk618jOd38Mkgx8c2%2FcMuqlcpa0x1UBwy2mluK2hgsiK4jzcldMkZplame6kqiJdXPaCB9PZhmG%2BCKVP1IVnYl2%2FsnrZs%2Fq%2BYdwkAfuwkU53QIok6tv%2FcIcpYY01rOdPh7QwvDhcyg7DCglUPRkmH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=43200
cf-ray: 8382b6784ffebb59-FRA

GET
H2 200 2681.f9ebe191577409e358e3.js Show response
static.funnelcockpit.com/assets/js/chunk/ 4 KB
2 KB 20ms
19ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/2681.f9ebe191577409e358e3.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=04f20780e4fc1387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0bb889c43fabf22abcd20546b72af7e6b1c76ec0e75dabad3ef2594a23a7ffb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vpn.www.katjasedlmeier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VDRR4GKREZ5GB4SX
age: 5658
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tdz3lU286HwV5z+qal9FVmyYLD1SkLFN4sDjDFfuVyLSPK66466V6xrTbF7H9/sjOyYGTvk+EAw=
last-modified: Tue, 21 Nov 2023 19:34:54 GMT
server: cloudflare
etag: W/"45823df5200104062056ad9fe02fc457"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwaMCQzre6rTzAUjJYC7az6%2BPFWh768dstUv1mf3aEkp2k1OHq4nUI6qih%2Bl69vYK3b3yAnehF4YqAlBAPEceivuPSS1Lsjz5QVNegfaaDPimC75nbhAKCrn3neJ0jGiwG3rbWpCUnHjrvWsIN%2F%2BbTIUBBbwje0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=43200
cf-ray: 8382b6784800bb59-FRA

GET
H2 200 1304.31030298a02161531ca7.js Show response
static.funnelcockpit.com/assets/js/chunk/ 5 KB
2 KB 16ms
16ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/1304.31030298a02161531ca7.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=04f20780e4fc1387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 549f9d5fd7fd59a1c927144e8259ec36cc680bce87be8a97f12e800b3477e341

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vpn.www.katjasedlmeier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RJRXMBJ3ZP18VHPQ
age: 1197
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 4LnOm5v9o7Fv4/EkKUoeGCV5ou3rmYvR56qLwhlCVE/o7UTssl8a0oaS1/Q+HkVtJ1qob5bF5XQ=
last-modified: Tue, 21 Nov 2023 19:34:54 GMT
server: cloudflare
etag: W/"789b48c7404e9ed9881c4fbd1f97afbc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xA1kBNdSDEI4xnAl5MZXp1Qe%2BJSEgxUSSkiwRq%2BM1demslj2EtjEsiHG0wNoU0Zl4SA9Wviu1fC3zOChrbCePVAU%2BpAlGBl3ObH9zr4oZKQAUYNAb8qQvUuGF1uxgQTMKd8Gl8lL%2BWj9oyepuzXzJBm6LhKjVTI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=43200
cf-ray: 8382b6784801bb59-FRA

GET
H2 200 3063.d144cf5f0ea5b3841ee7.js Show response
static.funnelcockpit.com/assets/js/chunk/ 11 KB
4 KB 19ms
18ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/js/chunk/3063.d144cf5f0ea5b3841ee7.js
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=04f20780e4fc1387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b587fb70a3386b5b8510bbf96b084e48433191fd7fa7b94788e81c2c95b64a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vpn.www.katjasedlmeier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RJRSE49CXYXDG8TN
age: 4572
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: M9oXdXszblBwTqKZSieWZLehCfDYU+52/ukXTSd2IxjtJvSJw5ZylTvhz94UJy+jrDA+owokrSs=
last-modified: Tue, 21 Nov 2023 19:34:54 GMT
server: cloudflare
etag: W/"4db89df7b9bac967111b158f1cc7da66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2knnMZqSPMVfnz07gNggON6yP0%2BVOsJ%2B1BxgtgTI%2FDf9ZgSjvwRDBU4DcZTMhiRJnslCO6anCRrDlknOViWAduxJqVGeUWxkzArYQh1m0PIeEI3PyPAU75Ftw4BdmBgxBdjemFswDuU5XxUrlwjmE6FlUgD4Ck%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=43200
cf-ray: 8382b6784802bb59-FRA

GET
H2 200 quicksand.css
static.funnelcockpit.com/assets/css/fonts/ 3 KB
956 B 16ms
15ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/css/fonts/quicksand.css?v=04f20780e4fc1387
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=04f20780e4fc1387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 864999d1e93ba9c8fafbdfda06ba131dbf13fb070dcec9f344fec7f1d2a08ce6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vpn.www.katjasedlmeier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6NNHGMWBD3EY6D0C
age: 3182
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: PZX3sR7YObnX+qBBVGIVEjiXmpHZHujkg9O6hGuz3LHESrRFrA/wG3MN2jiGz0OB61RESnMlOis=
last-modified: Tue, 21 Nov 2023 19:35:00 GMT
server: cloudflare
etag: W/"a9a785bcb56964775f9a130121172e73"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2B4nOFKGed%2BSuYSa8UnrhSQgZySg5rOqgNIHPbKziT0azcobdaKk7t%2FLK9zUtM%2B7MYmKZCAqr8Qjz9wtllV28jHc0PANSMHZHzixu0SNX8ye1WqMB2eRYa4aqrkpHgVSU7F76YwwNDmjBzcEpSb7DrbB2OibFeE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8382b6784804bb59-FRA

GET
H2 200 lato.css
static.funnelcockpit.com/assets/css/fonts/ 4 KB
848 B 18ms
17ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/css/fonts/lato.css?v=04f20780e4fc1387
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=04f20780e4fc1387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac81d0abdda0dea3828223342f43555e314d0eefa5aaca4e7f1ed11e118847c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vpn.www.katjasedlmeier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TC72YPMFZ8PTXM4P
age: 6706
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: IE1O3sk2AlFX+tI7VX/1C0p3yzGa8NSMzacqyAnxoVXDkdA88+Cn+aXyKx4MwZYonfCrwFLP7+0=
last-modified: Tue, 21 Nov 2023 19:34:59 GMT
server: cloudflare
etag: W/"0470ecf3ed0e6fe527e2fdc60631bf66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCy%2Ft34d6U%2BPZ68td95Un17mwrNdJxR9l00mNmxogV0kpp%2FUz7AdEaZA6LGNqwe9trUnsqvb9ps%2FS%2Bt43xyWKVbm9HD9E9EPcdAG3oK%2FcwqIP%2FfgkShVHhaHrZc4rB%2BudNwYL8206ImKGQcJEbSF100%2B%2BnQ7Irc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8382b6784806bb59-FRA

GET
H2 200 abel.css
static.funnelcockpit.com/assets/css/fonts/ 13 KB
10 KB 40ms
39ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/css/fonts/abel.css?v=04f20780e4fc1387
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/js/funnel-page.js?v=04f20780e4fc1387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9af10533e34a227e58786ebaeaea4541a532886f53f5d2e9059ae224e1fdff92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vpn.www.katjasedlmeier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9DD3WY8PGVXB7MPG
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: sFbU2cYX5SDQ6+JQqeSN0YGvQ18s/jLt2nVMLoW1xQWHwQbJQ2AtB8UEWE/YaAkNQQ6k2HojLUk=
last-modified: Tue, 21 Nov 2023 19:34:58 GMT
server: cloudflare
etag: W/"d9006c88e5e0fb01e17177791e278d7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7EnyjVVNcR2uuTCwPkNIz85UmpcQDfZY%2Fjc5b3nNfMT0gEQbFnronyLZa2u27M%2FKQLFzZWDgxWsx6crRYm%2FfR9MkCmyoe28KhFnbUmB8SH23xU1totBKBzfgj8xEbf2fQAL4ukNR8RM1rjU7pefubZnGE9szFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8382b6784807bb59-FRA

GET
H2 200 601762142150905 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 184ms
184ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/601762142150905?v=2.9.138&r=stable&domain=vpn.www.katjasedlmeier.de

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6fc50964baf9b6e66f2a74eca8f2b2037469dd98ae34be49b7a1cf0564e6fdff

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vpn.www.katjasedlmeier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 19 Dec 2023 21:24:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 9iQNUV1Zv8CuaUWhn0Fvhq5xajqVmvszuCiO8iEKK8KoMiKpNoRK0udRt2kuvDHGAI68v60RFw5YypSwBjKkjw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 quicksand-v7-latin-regular.woff2
static.funnelcockpit.com/assets/fonts/ 19 KB
19 KB 42ms
41ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/fonts/quicksand-v7-latin-regular.woff2
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/css/fonts/quicksand.css?v=04f20780e4fc1387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 827a866b2a9a628cce555bfd12020d2dc3db084e9952688d053a54d11de6992f

Request headers

Referer: https://static.funnelcockpit.com/assets/css/fonts/quicksand.css?v=04f20780e4fc1387
Origin: https://vpn.www.katjasedlmeier.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 02K5CKEVWMWPY4X8
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 19264
x-amz-id-2: HkUc2rjIQLKq6dRWGlOK7kSZFiYiH3n97xR3hMnALLYP7uHKh+Ftt2JQ6FvJSz4W7ajd/nOkwNo=
last-modified: Tue, 21 Nov 2023 19:35:26 GMT
server: cloudflare
etag: "3f178e7b1a044e97e6ddf420f30e881b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jt3LlRyHjVMAiEo1GOtS%2BtHaVwxkOYLwxE%2FNWrAvpPEnlyGqm7YTHsCNXU5P8JtkMbOElfR7CocEsaDMb%2Bs%2Bbm5%2FjDWRrIDsPsrjFgn5ulfFIcBYnR4OtNCb%2Ffs1A6lzW%2BTEVOoPZerbhjuc1PBKML0bkvT2I0s%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 8382b6786f2b696f-FRA

GET
H2 200 quicksand-v7-latin-700.woff2
static.funnelcockpit.com/assets/fonts/ 18 KB
19 KB 76ms
76ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/fonts/quicksand-v7-latin-700.woff2
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/css/fonts/quicksand.css?v=04f20780e4fc1387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5751b0d2d88c8d4b046d1a03a6e6eca744c36649c5645d4f3e281ddf69aa358f

Request headers

Referer: https://static.funnelcockpit.com/assets/css/fonts/quicksand.css?v=04f20780e4fc1387
Origin: https://vpn.www.katjasedlmeier.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 02K8YJDVQE9T0SBX
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 18792
x-amz-id-2: 2rcH2HHAc19fSqtiJcbvU/8nPQPkYCUYI/DjkRAcUdmseW0DadLZM0f8g3BE8YzC0lwI4OEA5IM=
last-modified: Tue, 21 Nov 2023 19:35:25 GMT
server: cloudflare
etag: "8ec608d5ec889469c1ce8b70e06bdec2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34JYkPrYJfml1zrFpWLMx4LzJxfTuiBVY3QZJcIvkZ7oCuASPHp%2Fu873MfKCQ%2F5RMfrg0ilydzJqHC8tSB10uWXlTa9YUS0Sx0kDD0MHAp0WfrjJELGN50CTL7HmQNcYVRp9pq8X%2FNYPtcBVTqWbHg0NHYzToUU%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 8382b6786f2e696f-FRA

GET
H2 200 lato-v14-latin-regular.woff2
static.funnelcockpit.com/assets/fonts/ 23 KB
23 KB 36ms
35ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.funnelcockpit.com/assets/fonts/lato-v14-latin-regular.woff2
Requested by: Host: static.funnelcockpit.com
URL: https://static.funnelcockpit.com/assets/css/fonts/lato.css?v=04f20780e4fc1387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b

Request headers

Referer: https://static.funnelcockpit.com/assets/css/fonts/lato.css?v=04f20780e4fc1387
Origin: https://vpn.www.katjasedlmeier.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:24:30 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 02K96JNH8WVEZX2B
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 23316
x-amz-id-2: LbfG2HKBAOudCjOYsYPzJuexy46vGb7NH9Q6QJHn9oen/G83GlC8w6sWXX/aaiXLkJSfrtWpg34=
last-modified: Tue, 21 Nov 2023 19:35:13 GMT
server: cloudflare
etag: "f1a4a058fbba1e35a406188ae7eddaf8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2wA3AoluYsAB7UqPicnY%2Bb%2FDxeI1Rx5X9LuenWCdLRRIF6pMEyIND9rroPv26GvuhulpkI8gGIHCJwFXh9GGjg72BpijxEuOv%2Bp8f%2FGYb6MmXixggu2XiWZgrzq0uCyBt4LzkaxTN4uljRuTvOn3I%2FHztjsqt4%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 8382b6788f5a696f-FRA

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23b46ff0334b4dad5692c872c607b7b2f05eb38535047cc3726aac89f96c434a

Request headers

Referer
Origin: https://vpn.www.katjasedlmeier.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 45ms
16ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=601762142150905&ev=PageView&dl=https%3A%2F%2Fvpn.www.katjasedlmeier.de%2F&rl=&if=false&ts=1703021070355&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703021070353.560642172&cs_est=true&ler=empty&it=1703021070137&coo=false&rqm=GET

Requested by

Host: vpn.www.katjasedlmeier.de
URL: https://vpn.www.katjasedlmeier.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vpn.www.katjasedlmeier.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 19 Dec 2023 21:24:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.katjasedlmeier.de/	1970-01-20 19:13:17	Name: _fbp Value: fb.1.1703021070353.560642172

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.funnelcockpit.com
connect.facebook.net
static.funnelcockpit.com
vpn.www.katjasedlmeier.de
www.facebook.com
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3120::3
45.138.175.224
94.130.226.120
0306f40ff8a075f6afc19e54911ecb0c8dcd174aa3d0291a7b159635ec536d07
1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b
23b46ff0334b4dad5692c872c607b7b2f05eb38535047cc3726aac89f96c434a
285de137de3fb3df6522bc7b323e968649523d53242dc6742ef979be9a715c21
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
549f9d5fd7fd59a1c927144e8259ec36cc680bce87be8a97f12e800b3477e341
5751b0d2d88c8d4b046d1a03a6e6eca744c36649c5645d4f3e281ddf69aa358f
69b0893ba4ebc355d862e21720d5157248357b855d1dd0b116d5c9ad235e079c
6b587fb70a3386b5b8510bbf96b084e48433191fd7fa7b94788e81c2c95b64a6
6fc50964baf9b6e66f2a74eca8f2b2037469dd98ae34be49b7a1cf0564e6fdff
75c46d111a97c8a75373d0e7cff659e990a730213a24e7b07f7b535fdd4963f9
76b93fe16cc2951902f8bb074f57009d7d3ce44d4bf0f76da49ff2efac923c97
827a866b2a9a628cce555bfd12020d2dc3db084e9952688d053a54d11de6992f
864999d1e93ba9c8fafbdfda06ba131dbf13fb070dcec9f344fec7f1d2a08ce6
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9af10533e34a227e58786ebaeaea4541a532886f53f5d2e9059ae224e1fdff92
cac81d0abdda0dea3828223342f43555e314d0eefa5aaca4e7f1ed11e118847c
d0bb889c43fabf22abcd20546b72af7e6b1c76ec0e75dabad3ef2594a23a7ffb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e698bd7e6bde7cde7d5189484da3e952b1573bdc9d5b11ead1a7c6067a92c8cd
fbd5e9abcc2c222a80aee31ada49755ea918b6245e35d1367c107eb00d52bfd7

vpn.www.katjasedlmeier.de Open in urlscan Pro 45.138.175.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

60 %IPv6

4 Domains

5 Subdomains

6 IPs

2 Countries

4916 kBTransfer

5809 kBSize

1 Cookies

7 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

1 Cookies

Indicators

vpn.www.katjasedlmeier.de Open in urlscan Pro
45.138.175.224 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

4916 kB
Transfer

5809 kB
Size

1
Cookies

22 HTTP transactions
1 data transactions