wp-669-payment-form-update.english-improve.stage-boosters.com Open in urlscan Pro
143.204.215.45 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wp-669-payment-form-update.english-improve.stage-boosters.com/
Submission: On July 21 via automatic, source certstream-suspicious (July 21st 2022, 12:18:09 am UTC) — Scanned from DE

Summary HTTP 85 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 20 domains to perform 85 HTTP transactions. The main IP is 143.204.215.45, located in United States and belongs to AMAZON-02, US. The main domain is wp-669-payment-form-update.english-improve.stage-boosters.com.
TLS certificate: Issued by Amazon on July 20th 2022. Valid for: a year.

This is the only time wp-669-payment-form-update.english-improve.stage-boosters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	143.204.215.45 143.204.215.45	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700:20:... 2606:4700:20::ac43:44d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	34.247.248.73 34.247.248.73	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14d5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	23.36.163.241 23.36.163.241	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	46.101.13.61 46.101.13.61	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
8	54.164.117.248 54.164.117.248	14618 (AMAZON-AES) (AMAZON-AES)
1	108.157.4.113 108.157.4.113	16509 (AMAZON-02) (AMAZON-02)
3	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
2	34.209.74.230 34.209.74.230	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	52.19.18.85 52.19.18.85	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.38 108.157.4.38	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	54.72.99.35 54.72.99.35	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
85	29

8 143.204.215.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-45.fra53.r.cloudfront.net

wp-669-payment-form-update.english-improve.stage-boosters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::ac43:44d6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.248.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-248-73.eu-west-1.compute.amazonaws.com

log.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14d5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.36.163.241 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-241.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.101.13.61 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 529751.cloudwaysapps.com

active.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
directory.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.164.117.248 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-117-248.compute-1.amazonaws.com

api.panda.boosters.company	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-113.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.209.74.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-74-230.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.18.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-18-85.eu-west-1.compute.amazonaws.com

wa.onelink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-38.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.99.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-99-35.eu-west-1.compute.amazonaws.com

wa.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72 firebase.googleapis.com — Cisco Umbrella Rank: 7454 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 658 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 551	7 KB
8	boosters.company api.panda.boosters.company	2 KB
8	cdn-cookieyes.com cdn-cookieyes.com — Cisco Umbrella Rank: 33280	76 KB
8	stage-boosters.com wp-669-payment-form-update.english-improve.stage-boosters.com	1 MB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 919	73 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5701	692 B
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 117 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56	3 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 5536 www.google.com — Cisco Umbrella Rank: 10	1008 B
4	cookieyes.com log.cookieyes.com — Cisco Umbrella Rank: 37505 active.cookieyes.com — Cisco Umbrella Rank: 41954 directory.cookieyes.com — Cisco Umbrella Rank: 43635	790 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	191 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
3	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5904	1 KB
3	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 6379 wa.appsflyer.com — Cisco Umbrella Rank: 9785	11 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	388 B
2	onelink.me wa.onelink.me — Cisco Umbrella Rank: 13832	911 B
2	gstatic.com fonts.gstatic.com	46 KB
2	amplitude.com api.amplitude.com — Cisco Umbrella Rank: 1334	410 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 637 script.hotjar.com — Cisco Umbrella Rank: 795 vars.hotjar.com Failed	66 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	110 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
85	20

	Domain	Requested by
8	api.panda.boosters.company	wp-669-payment-form-update.english-improve.stage-boosters.com
8	cdn-cookieyes.com	wp-669-payment-form-update.english-improve.stage-boosters.com cdn-cookieyes.com
8	wp-669-payment-form-update.english-improve.stage-boosters.com	wp-669-payment-form-update.english-improve.stage-boosters.com
5	analytics.tiktok.com	wp-669-payment-form-update.english-improve.stage-boosters.com analytics.tiktok.com
5	fonts.googleapis.com	wp-669-payment-form-update.english-improve.stage-boosters.com
4	firebaseremoteconfig.googleapis.com	wp-669-payment-form-update.english-improve.stage-boosters.com
4	www.google.de	wp-669-payment-form-update.english-improve.stage-boosters.com
4	www.googletagmanager.com	wp-669-payment-form-update.english-improve.stage-boosters.com www.googletagmanager.com
3	www.google.com	wp-669-payment-form-update.english-improve.stage-boosters.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com wp-669-payment-form-update.english-improve.stage-boosters.com
3	pro.ip-api.com	wp-669-payment-form-update.english-improve.stage-boosters.com
2	www.facebook.com	wp-669-payment-form-update.english-improve.stage-boosters.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	wa.appsflyer.com	websdk.appsflyer.com
2	firebaseinstallations.googleapis.com	wp-669-payment-form-update.english-improve.stage-boosters.com
2	wa.onelink.me	websdk.appsflyer.com
2	firebase.googleapis.com	wp-669-payment-form-update.english-improve.stage-boosters.com
2	fonts.gstatic.com	fonts.googleapis.com
2	api.amplitude.com	wp-669-payment-form-update.english-improve.stage-boosters.com
2	connect.facebook.net	wp-669-payment-form-update.english-improve.stage-boosters.com connect.facebook.net
2	log.cookieyes.com	cdn-cookieyes.com
1	directory.cookieyes.com	cdn-cookieyes.com
1	www.googleadservices.com	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	wp-669-payment-form-update.english-improve.stage-boosters.com
1	active.cookieyes.com	cdn-cookieyes.com
1	websdk.appsflyer.com	wp-669-payment-form-update.english-improve.stage-boosters.com
0	vars.hotjar.com Failed	static.hotjar.com
85	30

This site contains links to these domains. Also see Links.

Domain
english-improve.com

Subject Issuer	Validity	Valid
wp-669-payment-form-update.english-improve.stage-boosters.com Amazon	`2022-07-20` - `2023-08-18`	a year	crt.sh
*.cdn-cookieyes.com E1	`2022-06-18` - `2022-09-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
log.cookieyes.com Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-29` - `2022-07-28`	3 months	crt.sh
*.appsflyer.com DigiCert SHA2 Secure Server CA	`2021-10-09` - `2022-10-11`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
active.cookieyes.com R3	`2022-06-07` - `2022-09-05`	3 months	crt.sh
api.panda.boosters.company Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.onelink.me Amazon	`2022-03-06` - `2023-04-04`	a year	crt.sh
*.appsflyersdk.com Amazon	`2022-05-11` - `2023-06-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
geoip.cookieyes.com R3	`2022-07-11` - `2022-10-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
Frame ID: 3FE478CB2BE5D2964F98BF874ABF683F
Requests: 76 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Frame ID: 2090248E2FF2045ABDC9F791A2E72D9E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

English Course

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

85
Requests

99 %
HTTPS

57 %
IPv6

20
Domains

30
Subdomains

29
IPs

5
Countries

1900 kB
Transfer

6748 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://english-improve.com/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wp-669-payment-form-update.english-improve.stage-boosters.com/ 6 KB
3 KB 460ms
428ms Document
text/html 143.204.215.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-45.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01dea1c95e7f8112643ea8478fdb2a0ae8edefe21d01f2088815aeef3c559238

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44466
content-encoding: gzip
content-type: text/html
date: Wed, 20 Jul 2022 11:56:58 GMT
etag: W/"a50ca0b8760bdb96e2fa300da2043e6d"
last-modified: Wed, 20 Jul 2022 11:55:15 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-amz-cf-id: e00Pr94SGnHJ5tMd1KCo8SmIPKatDRXchakTTCpXJFXh3ThQJfLM1A==
x-amz-cf-pop: FRA53-C1
x-cache: Error from cloudfront

GET
H2 200 script.js Show response
cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/ 89 KB
33 KB 48ms
16ms Script
application/javascript 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/script.js
Requested by: Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b883c0c869fb8f1dea9a58f7b5da610506238a21da7f93ba9b162507f4140f6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125389
access-control-allow-methods: GET, OPTIONS
last-modified: Tue, 19 Jul 2022 13:27:58 GMT
server: cloudflare
etag: W/"164dc-5e42873ebc78c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDtebFz%2FSNfX%2BxcXfOqmypYwLRf8U7mwQdkVKNpjKRLKMu7AETNX9KbDWGNOMlciPZG3pKO7dZNgEUWnjylWhmEvCNQ1TYfUOm0M66W4KK17iHGaHjQuhWIS%2FazpEfZq0LlPjfyyPHsqKRG%2BM2Yz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 72dfc1d34a519bdd-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 42ms
17ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145336162-1

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc8ec951b91d39b8de42faf147f485a7a6b24a2095a1e241d3d18ab2b5bb89ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43065
x-xss-protection: 0
expires: Thu, 21 Jul 2022 00:18:03 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
909 B 40ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aee1e4e4dfaa2c0f96dcaf744f7f30e2cacd831eed9aae5266189216fa13a06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 00:11:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Jul 2022 00:18:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jul 2022 00:18:03 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
615 B 42ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Serif:wght@500&display=swap

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f8458f1a7e9be9c3b6aa184f58a724767507f7cc86a7719d32d934c69cf5ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 00:18:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Jul 2022 00:18:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jul 2022 00:18:03 GMT

GET
H2 200 2.67e358d4.chunk.css
wp-669-payment-form-update.english-improve.stage-boosters.com/static/css/ 98 KB
35 KB 471ms
470ms Stylesheet
text/css 143.204.215.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/css/2.67e358d4.chunk.css
Requested by: Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-45.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 188d407538e1c87d1f3cfd79e3110cce411be0b4ce2a983e618d7f8774ca0f12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:04 GMT
content-encoding: br
last-modified: Wed, 20 Jul 2022 11:55:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"608a5ebdb04bdf99a4e67adcb23c3b13"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-amz-cf-id: QWpxESRD7f6GJq3c1CuJPJ9KIbRp9NGeVKE3cGG_iIF7esH5ds7gDA==

GET
H2 200 main.6233b696.chunk.css
wp-669-payment-form-update.english-improve.stage-boosters.com/static/css/ 372 KB
132 KB 448ms
448ms Stylesheet
text/css 143.204.215.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/css/main.6233b696.chunk.css
Requested by: Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-45.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0012c8d7388d9967beba8945f1a85f4519b58aa53cecbf89c08cd939e9e733a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:04 GMT
content-encoding: br
last-modified: Wed, 20 Jul 2022 11:55:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"63f2eafcaab525fdc98a8bba7984201d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-amz-cf-id: MaycCx2C-Mj7aXoircNiRebrbBzuM3KlyKXx0oANeYPuSfEM-fpEjw==

GET
H2 200 2.736d1bc1.chunk.js Show response
wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/ 3 MB
598 KB 497ms
496ms Script
application/javascript 143.204.215.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/2.736d1bc1.chunk.js
Requested by: Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-45.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f42fb60d8bbf99689c7629140818aec2f57de15db9e3f03df5d5373de513c56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:04 GMT
content-encoding: br
last-modified: Wed, 20 Jul 2022 11:55:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"c7b715561d8b5efc3d45ec254e7e9788"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-amz-cf-id: _bCaPrT6V8uzgPorXO8spcRaH8PN8F71XvFh5us_072VY5a7K4G0Zw==

GET
H2 200 main.8ff6eaf6.chunk.js Show response
wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/ 2 MB
449 KB 448ms
448ms Script
application/javascript 143.204.215.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/main.8ff6eaf6.chunk.js
Requested by: Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-45.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fcdf51b9cf6fd06a2ceb9bdd718223a9577dccb7622a6251808a5d4f25d37ded

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:04 GMT
content-encoding: br
last-modified: Wed, 20 Jul 2022 11:55:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"49ccb7b762dd97e3ba2bb8e7d002a730"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-amz-cf-id: KLfudLOJ_zXRnGrwc9ecfcwmVPQIRiuqh2E4f8tpAJXNbl0Jd5rjwA==

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
153 B 101ms
33ms Ping
text/plain 34.247.248.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.248.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-248-73.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarywaMRslYxcrkwokgT

Response headers

access-control-allow-origin: *
date: Thu, 21 Jul 2022 00:18:03 GMT
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 banner.js Show response
cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/ 91 KB
32 KB 16ms
15ms Script
application/javascript 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/banner.js
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 781d17701ea3aa5ab9169e0fff36f1c50498a82d994412dbbca11c8418b53505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125388
access-control-allow-methods: GET, OPTIONS
last-modified: Tue, 19 Jul 2022 13:27:58 GMT
server: cloudflare
etag: W/"16c0f-5e42873ebb7ec-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9%2F93vOqz0qeepMawGD7Z6qLCCdhrwlJPeRfTCjB1UYcWcYvQtNWfNs8ePRkB5lVAJ1a%2FQXZ%2BMuo%2FeaDFVYZgLyWertrF2wJ2swbGigmts8RoeWsWWFOq5DLkQQqLgQghQ2uCVSTigmDZxWqKVQ7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 72dfc1d38a9b9bdd-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: xoZFwHwkxJFBg98NGwXlx+U4zw4DO9pCYKR5kswu+JecYF0u3JO0fTFZgWKy99sWwnY+qNI2QJ6ePj+4d4Qp6Q==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 21 Jul 2022 00:18:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 34 KB
10 KB 59ms
9ms Script
application/javascript 2a02:26f0:3500:11::215:14d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=pba&
Requested by: Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0828d80f1e2542b247915dbafaa268fcdd6f5c4ce4d6e57eccc0d37916752e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Thu, 21 Jul 2022 00:18:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Apr 2022 08:41:43 GMT
Server: AmazonS3
x-amz-request-id: DC0QRYZR9PFB97NG
ETag: "cc82ca2a69eac2386ea395ea1e0ad0f6"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=769
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9575
x-amz-id-2: GXuQ/ToMMJPNXBRgaf0XoF4oPGOjC6U8jXo/szY894EWQx+xCPPuDkdqIo2lPSdnNK2RALIkvzE=
Expires: Thu, 21 Jul 2022 00:30:52 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 140 KB
40 KB 144ms
108ms Script
application/javascript 23.36.163.241
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9F9GIJC77U12DDTHTN0&lib=ttq
Requested by: Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-241.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4469738774ec56d829889d18a602546702e46456ef0690bd67913ff6be046797

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id: 7e17ffcf.882510ef
date: Thu, 21 Jul 2022 00:18:03 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-105-68.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time: 98,23.36.161.213
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=8, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 202207210018030100040030077350020030B18942E
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.105.68
x-tt-trace-host: 0151073e60a041ec656923d320ad767e784d3a778c808a0c7ba12098effca8936c4e60bfb23bdb81371319c3337e8877c62f377f97501987fdd10af00c12f8bb8fd789655ebd7ca96638a8334aa6c841ab59aab33de431237934c03adcddcc860263213c0c75b70c962f370a570e15c8f8
expires: Thu, 21 Jul 2022 00:18:03 GMT

POST
H2 200 log
active.cookieyes.com/api/fc386b483ff870b67ec556f2/ 2 B
175 B 87ms
26ms Ping
text/plain 46.101.13.61
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://active.cookieyes.com/api/fc386b483ff870b67ec556f2/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.101.13.61 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 529751.cloudwaysapps.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:03 GMT
server: nginx
age: 0
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-cache: MISS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2

GET
H2 200 382139806462476 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 49ms
48ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/382139806462476?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

18fa32cb1feca60423ef6bcb082561589041d78e23ee867cb979afd5c7ffa375

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: GxkXJfaYvElugnDS7LSPu42yKsH3i9IWqciNwrsiv+6dH8KWGQHFsUs+lQA9Hk1XiAy6hOzKFlive3UNzKRcPg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 21 Jul 2022 00:18:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658362683525
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 266ms
266ms Script
application/javascript 23.36.163.241
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9F9GIJC77U12DDTHTN0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-241.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id: 975469f2.882511f9
date: Thu, 21 Jul 2022 00:18:03 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-105-83.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time: 256,23.36.161.213
server-timing: cdn-cache; desc=MISS, edge; dur=245, origin; dur=11, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 20220721001803010002006005005006003028091FCAF7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.220.105.83
x-tt-trace-host: 0151073e60a041ec656923d320ad767e784d3a778c808a0c7ba12098effca8936c2d4cba20b30b1bf8cda58c2acb8c8f9e838f62e3b6060507f98f457097ddb0ef903410f4e2ae5270feadb497a9c8154e9608e1db0c50d676994ee247c5cbc1e35b70f3d0c52e421dc57107c160abf8d5
expires: Thu, 21 Jul 2022 00:18:03 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 872 B
1 KB 130ms
129ms Script
application/javascript 23.36.163.241
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C9F9GIJC77U12DDTHTN0&hostname=wp-669-payment-form-update.english-improve.stage-boosters.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9F9GIJC77U12DDTHTN0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-241.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6f2ef415329868be549149327166bb020ca6c53955f85476e9aed9058115eb88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id: 7175146d.88251277
date: Thu, 21 Jul 2022 00:18:03 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-105-85.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time: 94,23.36.161.213
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=8, inner; dur=4
content-length: 351
pragma: no-cache
server: nginx
x-tt-logid: 2022072100180301000204500773500203203249425
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.105.85
x-tt-trace-host: 0151073e60a041ec656923d320ad767e784d3a778c808a0c7ba12098effca8936cdab0c7f1f5f3ed7c503d1dbdc8d7ed3274a48176e9d1c6006ee9e409383a0a9f5f04ae71c6be6e7aba92f7509ab50087a2bb93be21c5351bb179247f4ec25e75ef5c366841a43a76d75596ab3a48e4f6
expires: Thu, 21 Jul 2022 00:18:03 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
717 B 136ms
136ms Ping
application/octet-stream 23.36.163.241
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9F9GIJC77U12DDTHTN0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-241.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 60498897.88251339
date: Thu, 21 Jul 2022 00:18:03 GMT
x-cache-remote: TCP_MISS from a23-220-105-86.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time: 122,23.36.161.213
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=32, inner; dur=14
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202207210018030100040030077350020200027BEBA
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,23.220.105.86
x-tt-trace-host: 0151073e60a041ec656923d320ad767e784d3a778c808a0c7ba12098effca8936c34ae2e20e6961622ba30ed5bc8336d524fd39b51308f9cc406a771496cb2eb4b94d61d5fc77816a385e5fd4c3fa5059c6b5231df96b3c1c050fd8d342c3e225f3862c20b15d4fa14d00f9c6c49c7d3b0
expires: Thu, 21 Jul 2022 00:18:03 GMT

GET
H3 200 css
fonts.googleapis.com/ 6 KB
685 B 32ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/css/2.67e358d4.chunk.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 00:09:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Jul 2022 00:18:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jul 2022 00:18:04 GMT

GET
H2 200 slick.css
wp-669-payment-form-update.english-improve.stage-boosters.com/slick-carousel/slick/ 6 KB
3 KB 431ms
430ms Stylesheet
text/html 143.204.215.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/slick-carousel/slick/slick.css
Requested by: Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/css/main.6233b696.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-45.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01dea1c95e7f8112643ea8478fdb2a0ae8edefe21d01f2088815aeef3c559238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/css/main.6233b696.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 11:56:58 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 11:55:15 GMT
server: AmazonS3
age: 44467
etag: W/"a50ca0b8760bdb96e2fa300da2043e6d"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: W8-CiY8aQAAqcYZfOQnhcAFXLLZBQFPkXJDOvTgD-jOgwt-17Ldy4g==

GET
H2 200 slick-theme.css
wp-669-payment-form-update.english-improve.stage-boosters.com/slick-carousel/slick/ 6 KB
3 KB 433ms
431ms Stylesheet
text/html 143.204.215.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/slick-carousel/slick/slick-theme.css
Requested by: Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/css/main.6233b696.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-45.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01dea1c95e7f8112643ea8478fdb2a0ae8edefe21d01f2088815aeef3c559238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/css/main.6233b696.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 11:56:58 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 11:55:15 GMT
server: AmazonS3
age: 44467
etag: W/"a50ca0b8760bdb96e2fa300da2043e6d"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 59evDH0JH_0JbipqGbDTyM9sfsM3uhmUUb8Jhp3-dHEX3nwL3d7pRA==

GET
H3 200 css2
fonts.googleapis.com/ 1 KB
452 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Alice&display=swap

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/css/main.6233b696.chunk.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9fa19c7a19daa83232c5240d52b4a8ff15a728a4a1cff780e4bdd0be87374b91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 00:18:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Jul 2022 00:18:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jul 2022 00:18:04 GMT

GET
H3 200 css2
fonts.googleapis.com/ 9 KB
676 B 52ms
51ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@400;500;600;700;800&display=swap

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/css/main.6233b696.chunk.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55d2097c3764dff95eb5c9ed4b1fe3d6fcb97127970e32c44d914680d90cde64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 23:31:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Jul 2022 00:18:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jul 2022 00:18:04 GMT

OPTIONS
H2 204 users
api.panda.boosters.company/v1/ Frame 0
0 342ms
106ms Preflight 54.164.117.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.panda.boosters.company/v1/users
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.117.248 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-117-248.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: OPTIONS,GET,PUT,POST,DELETE,PATCH,HEAD
access-control-allow-origin: *
date: Thu, 21 Jul 2022 00:18:05 GMT
x-amz-apigw-id: Vl0xkF7joAMFhDA=
x-amzn-requestid: 0a0c0763-5bf7-4eea-ae68-5c7634a7e5aa

GET
H2 200 hotjar-0.js Show response
static.hotjar.com/c/ 4 KB
2 KB 42ms
14ms Script
application/javascript 108.157.4.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-0.js?sv=0

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/2.736d1bc1.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-113.dus51.r.cloudfront.net

Software

Resource Hash

1ecdac0ec2ec9446779557bf0599bc20a9c3737fbb6104db254bfeabfae7fcad

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
age: 43
x-cache: Hit from cloudfront
date: Thu, 21 Jul 2022 00:18:04 GMT
cross-origin-resource-policy: cross-origin
content-length: 1770
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/7a44f0747d97cb24a0d29cba87bf3bbd
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 0
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: hu3ob7XbrQ0F90ZkMM6tR5sp8qsxpTN_iwaO33InIiCYIxBxCy-e2A==

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ 308 B
464 B 39ms
8ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=sYULDPdGKmVy5BO
Requested by: Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/main.8ff6eaf6.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 1872d9083123384884f0a77ba7d2cbc874d33c1b95cf9b6f654ef8020cfe8e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 21 Jul 2022 00:18:04 GMT
Content-Length: 308
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ 308 B
464 B 39ms
8ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=sYULDPdGKmVy5BO
Requested by: Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/main.8ff6eaf6.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 1872d9083123384884f0a77ba7d2cbc874d33c1b95cf9b6f654ef8020cfe8e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 21 Jul 2022 00:18:04 GMT
Content-Length: 308
Content-Type: application/json; charset=utf-8

POST
H2 201 users Show response
api.panda.boosters.company/v1/ 45 B
369 B 151ms
151ms Fetch
application/json 54.164.117.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.panda.boosters.company/v1/users

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/main.8ff6eaf6.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.117.248 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-117-248.compute-1.amazonaws.com

Software

Resource Hash

f44e84bb86a9516867a6cabdcb39e082af40a34b51538b45be08de457a7a0e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
accept-language: de-DE,de;q=0.9
Authorization: MAOgVf4mTl7UmTphaRREtwupDRIlxDxB
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 00:18:05 GMT
x-content-type-options: nosniff
x-amzn-requestid: 6b15b873-1e02-4183-85d8-16c2d1e73ec1
content-type: application/json
access-control-allow-origin: *
cache-control: no-store
x-amzn-trace-id: Root=1-62d89b3d-4127617065e375d45e4bbf4b;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: Vl0xlFcLoAMFr3w=
content-length: 45
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
api.amplitude.com/ 7 B
205 B 653ms
181ms XHR
text/html 34.209.74.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/2.736d1bc1.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.209.74.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-209-74-230.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 21 Jul 2022 00:18:05 GMT
trace-id: Root=1-62d89b3d-7cae112a07b5830a1aa13cdb
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ 308 B
464 B 13ms
9ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=sYULDPdGKmVy5BO
Requested by: Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/main.8ff6eaf6.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 1872d9083123384884f0a77ba7d2cbc874d33c1b95cf9b6f654ef8020cfe8e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 21 Jul 2022 00:18:04 GMT
Content-Length: 308
Content-Type: application/json; charset=utf-8

GET
H2 200 cat_with_flags.png
wp-669-payment-form-update.english-improve.stage-boosters.com/images/firstScreenSplit/ 50 KB
50 KB 433ms
433ms Image
image/png 143.204.215.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/images/firstScreenSplit/cat_with_flags.png
Requested by: Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/o/app-bm?screen=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-45.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 300aeaa14a10117d4d955445995f90e09d5d0c009356d6c1830cf2189c606a75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/o/app-bm?screen=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:06 GMT
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 11:55:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "aafbd14b7967c1b62affa681e31076bb"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 50729
x-amz-cf-id: xN09MiYyuYK4gOg2QzVq6vI6lV5h1eF11TQ0N5o4R77b1g6Sm9lgOQ==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 112250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 17:07:14 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 38ms
14ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 112250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 17:07:14 GMT

GET
H3 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:331925000858:web:10d7d373ea4bae78f44523/ 333 B
254 B 48ms
31ms Fetch
application/json 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:331925000858:web:10d7d373ea4bae78f44523/webConfig

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/2.736d1bc1.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f480206dc9d6447f5a9a97521e8c8117d9e03ce991a7c5d46b14cc2395a2b753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
x-goog-api-key: AIzaSyCjmKoKYNWRcwNJzx3FPvIIaGNrPtgbgKg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 231
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:331925000858:web:10d7d373ea4bae78f44523/ Frame 0
0 60ms
22ms Preflight
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:331925000858:web:10d7d373ea4bae78f44523/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 21 Jul 2022 00:18:04 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H/1.1 200
OK onelink Show response
wa.onelink.me/v1/ 13 B
363 B 129ms
30ms XHR
application/json 52.19.18.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.onelink.me/v1/onelink
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.18.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-18-85.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
Date: Thu, 21 Jul 2022 00:18:04 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 13
Content-Type: application/json

GET
H2 200 modules.223545ebe764d5c7aceb.js Show response
script.hotjar.com/ 246 KB
64 KB 37ms
11ms Script
application/javascript 108.157.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.223545ebe764d5c7aceb.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-0.js?sv=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-38.dus51.r.cloudfront.net

Software

Resource Hash

162cc8cf35933243ad6d64942fbe1278f253f27e92f22f3f7bc5a0f81bb7059f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 12:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129538
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64656
access-control-allow-origin: *
last-modified: Tue, 19 Jul 2022 12:18:52 GMT
etag: "691af20fa44683dc4b6249ce8ad8fb7f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: H05OhGxfChmu3M1sG44_ehfU7BMCXafytZdWuu7qEbej01ZcCrq9zQ==

POST
H3 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/ten-words/ 625 B
511 B 304ms
287ms Fetch
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/ten-words/installations

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/2.736d1bc1.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc13b953421a9e30dde94062021b6e92de1a22b002ebc79e0460304c9dbd198f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
x-goog-api-key: AIzaSyCjmKoKYNWRcwNJzx3FPvIIaGNrPtgbgKg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjcuMjUgZmlyZS1jb3JlLWVzbTIwMTcvMC43LjI1IGZpcmUtanMvIGZpcmUtaWlkLzAuNS45IGZpcmUtaWlkLWVzbTIwMTcvMC41LjkgZmlyZS1yYy8wLjMuOCBmaXJlLXJjLWVzbTIwMTcvMC4zLjggZmlyZS1qcy1hbGwtYXBwLzkuOC4yIGZpcmUtYXV0aC8wLjIwLjIgZmlyZS1hdXRoLWVzbTIwMTcvMC4yMC4yIGZpcmUtYW5hbHl0aWNzLzAuNy45IGZpcmUtYW5hbHl0aWNzLWVzbTIwMTcvMC43LjkgZmlyZS1wZXJmLzAuNS45IGZpcmUtcGVyZi1lc20yMDE3LzAuNS45IiwiZGF0ZXMiOlsiMjAyMi0wNy0yMSJdfV19
content-type: application/json

Response headers

date: Thu, 21 Jul 2022 00:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 488
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/ten-words/ Frame 0
0 53ms
15ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/ten-words/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 21 Jul 2022 00:18:04 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET box-0004cb77850b00d4aa7e1e08ff61e8f0.html
vars.hotjar.com/ Frame 2090 0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 171 KB
62 KB 39ms
23ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-1KVYMWH3X7

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/2.736d1bc1.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c778fa33c310a163fdeee7ec6ddfa04f7a192c87b8a0efc858e66cee254a88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63724
x-xss-protection: 0
expires: Thu, 21 Jul 2022 00:18:04 GMT

POST
H/1.1 200
OK events Show response
wa.appsflyer.com/ 82 B
574 B 128ms
29ms XHR
application/json 54.72.99.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.appsflyer.com/events?site-id=06f373ae-75e6-4e15-add1-b6f49be0026b
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.99.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-99-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2b487d2c515fc57d34fce3ade7fafdf3f20221f062567b066c65bef281ffccc9

Request headers

Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
Date: Thu, 21 Jul 2022 00:18:05 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 82
Content-Type: application/json

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
41 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145336162-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-1KVYMWH3X7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50d1773ddcc09dc59a96938cd919266a75e364d46c5780261db691e38c7afb39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:05 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42134
x-xss-protection: 0
expires: Thu, 21 Jul 2022 00:18:05 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-689496631&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-1KVYMWH3X7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aefe515bc1659abb33b55d2aed3dd4e7612ce6e48a786bc6d30eac06605104c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45697
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Jul 2022 00:18:05 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
379 B 40ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1KVYMWH3X7&gtm=2oe7i0&_p=1182885943&_z=ccd.v9B&_gaz=1&_fid=flZ8xx_EM9wrqwNtJUmPpc&cid=2092389546.1658362685&ul=en-us&sr=1600x1200&_s=1&sid=1658362685&sct=1&seg=0&dl=https%3A%2F%2Fwp-669-payment-form-update.english-improve.stage-boosters.com%2Fo%2Fapp-bm%3Fscreen%3D0&dt=English%20Course&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-1KVYMWH3X7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 00:18:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
379 B 59ms
19ms Ping
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1KVYMWH3X7&cid=2092389546.1658362685&gtm=2oe7i0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-1KVYMWH3X7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 00:18:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 42ms
18ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1KVYMWH3X7&cid=2092389546.1658362685&gtm=2oe7i0&aip=1&z=367178591

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/o/app-bm?screen=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 00:18:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145336162-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4565
date: Wed, 20 Jul 2022 23:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 21 Jul 2022 01:02:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 51ms
20ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-689496631&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 00:18:05 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1182885943&t=pageview&_s=1&dl=https%3A%2F%2Fwp-669-payment-form-update.english-improve.stage-boosters.com%2Fo%2Fapp-bm%3Fscreen%3D0&ul=en-us&de=UTF-8&dt=English%20Course&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=2119038877&gjid=523460739&cid=2092389546.1658362685&tid=UA-145336162-1&_gid=705822246.1658362685&_r=1&gtm=2ou7i0&z=111608781

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 00:18:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1182885943&t=event&_s=2&dl=https%3A%2F%2Fwp-669-payment-form-update.english-improve.stage-boosters.com%2Fo%2Fapp-bm%3Fscreen%3D0&ul=en-us&de=UTF-8&dt=English%20Course&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=gen_ab_test&_u=YADAAUABAAAAAC~&jid=&gjid=&cid=2092389546.1658362685&tid=UA-145336162-1&_gid=705822246.1658362685&gtm=2ou7i0&z=340129474

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/o/app-bm?screen=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Jul 2022 14:18:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35955
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK onelink Show response
wa.onelink.me/v1/ 51 B
548 B 31ms
30ms XHR
application/json 52.19.18.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.onelink.me/v1/onelink?af_id=764766ad-a74d-4370-a2a9-adc64cc7900b-p
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.18.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-18-85.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7c0808b81c8ab42e8b80103d57d34e12935a5fd7a174ea9c1dd52cc37bfaec19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
Date: Thu, 21 Jul 2022 00:18:05 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 51
Content-Type: application/json

POST
H/1.1 200
OK events Show response
wa.appsflyer.com/ 82 B
574 B 29ms
29ms XHR
application/json 54.72.99.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.appsflyer.com/events?site-id=06f373ae-75e6-4e15-add1-b6f49be0026b
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.99.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-99-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2b487d2c515fc57d34fce3ade7fafdf3f20221f062567b066c65bef281ffccc9

Request headers

Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
Date: Thu, 21 Jul 2022 00:18:05 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 82
Content-Type: application/json

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/689496631/ 2 KB
2 KB 155ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/689496631/?random=1658362685111&cv=9&fst=1658362685111&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwp-669-payment-form-update.english-improve.stage-boosters.com%2Fo%2Fapp-bm%3Fscreen%3D0&tiba=English%20Course&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51e9bc432d5ec84c6d6b74a543bdff98abe7a9da9d447250895d33222fe9699d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 00:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1073
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/689496631/ 2 KB
1 KB 156ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/689496631/?random=1658362685113&cv=9&fst=1658362685113&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&ig=1&data=event%3Dgen_ab_test%3Bparam_name%3Duse_first_screen_ei%3Bparam_values%3Dcat_with_flags&frm=0&url=https%3A%2F%2Fwp-669-payment-form-update.english-improve.stage-boosters.com%2Fo%2Fapp-bm%3Fscreen%3D0&tiba=English%20Course&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15c58da9fff95e0f46f29bde31aac035ff6c7be83fb9b95ec2299e76ddc12d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 00:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-145336162-1&cid=2092389546.1658362685&jid=2119038877&gjid=523460739&_gid=705822246.1658362685&_u=YADAAUAAAAAAAC~&z=523223036

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Jul 2022 00:18:05 GMT
content-type: text/plain
access-control-allow-origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 88ms
19ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-145336162-1&cid=2092389546.1658362685&jid=2119038877&_u=YADAAUAAAAAAAC~&z=455638326

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/o/app-bm?screen=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 00:18:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 89ms
21ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-145336162-1&cid=2092389546.1658362685&jid=2119038877&_u=YADAAUAAAAAAAC~&z=455638326

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/o/app-bm?screen=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 00:18:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 83c092c8-8330-4333-b4eb-f9781b782f9d
api.panda.boosters.company/v1/users/ Frame 0
0 105ms
105ms Preflight 54.164.117.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.panda.boosters.company/v1/users/83c092c8-8330-4333-b4eb-f9781b782f9d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.117.248 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-117-248.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: OPTIONS,GET,PUT,POST,DELETE,PATCH,HEAD
access-control-allow-origin: *
date: Thu, 21 Jul 2022 00:18:05 GMT
x-amz-apigw-id: Vl0xnG_ioAMFj8w=
x-amzn-requestid: 0101826c-6140-4d26-bf45-de9293aa3250

OPTIONS
H2 204 83c092c8-8330-4333-b4eb-f9781b782f9d
api.panda.boosters.company/v1/users/ Frame 0
0 104ms
104ms Preflight 54.164.117.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.panda.boosters.company/v1/users/83c092c8-8330-4333-b4eb-f9781b782f9d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.117.248 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-117-248.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: OPTIONS,GET,PUT,POST,DELETE,PATCH,HEAD
access-control-allow-origin: *
date: Thu, 21 Jul 2022 00:18:05 GMT
x-amz-apigw-id: Vl0xnG4jIAMFsAQ=
x-amzn-requestid: eee7a38d-08d0-46ff-9866-14086a57b94d

GET
H2 200 83c092c8-8330-4333-b4eb-f9781b782f9d Show response
api.panda.boosters.company/v1/users/ 530 B
850 B 144ms
144ms Fetch
application/json 54.164.117.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.panda.boosters.company/v1/users/83c092c8-8330-4333-b4eb-f9781b782f9d

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/main.8ff6eaf6.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.117.248 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-117-248.compute-1.amazonaws.com

Software

Resource Hash

82aa3e5563b322de475fc09cc200cde978e41611d0ee03ab8632c7d674b3c3e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
accept-language: de-DE,de;q=0.9
Authorization: MAOgVf4mTl7UmTphaRREtwupDRIlxDxB
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 00:18:05 GMT
x-content-type-options: nosniff
x-amzn-requestid: 0a20bc53-fa85-4163-9757-13b48522d31c
content-type: application/json
access-control-allow-origin: *
cache-control: no-store
x-amzn-trace-id: Root=1-62d89b3d-7ce3c31a1b32131455a52222;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: Vl0xoFXSoAMFnlw=
content-length: 530
x-xss-protection: 1; mode=block

GET
H2 200 83c092c8-8330-4333-b4eb-f9781b782f9d Show response
api.panda.boosters.company/v1/users/ 530 B
850 B 138ms
137ms Fetch
application/json 54.164.117.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.panda.boosters.company/v1/users/83c092c8-8330-4333-b4eb-f9781b782f9d

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/main.8ff6eaf6.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.117.248 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-117-248.compute-1.amazonaws.com

Software

Resource Hash

82aa3e5563b322de475fc09cc200cde978e41611d0ee03ab8632c7d674b3c3e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
accept-language: de-DE,de;q=0.9
Authorization: MAOgVf4mTl7UmTphaRREtwupDRIlxDxB
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 00:18:05 GMT
x-content-type-options: nosniff
x-amzn-requestid: 86eb4106-782e-4518-9e7b-f15e292309ff
content-type: application/json
access-control-allow-origin: *
cache-control: no-store
x-amzn-trace-id: Root=1-62d89b3d-38ea3f081866ef2d13c276e2;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: Vl0xoG1qIAMFugA=
content-length: 530
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 28ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=382139806462476&ev=PageView&dl=https%3A%2F%2Fwp-669-payment-form-update.english-improve.stage-boosters.com%2Fo%2Fapp-bm%3Fscreen%3D0&rl=&if=false&ts=1658362685282&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658362685281.281184027&it=1658362683480&coo=false&exp=u0&rqm=GET

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/o/app-bm?screen=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 21 Jul 2022 00:18:05 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
717 B 121ms
121ms Ping
application/octet-stream 23.36.163.241
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9F9GIJC77U12DDTHTN0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-241.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5fb03374.88251d6f
date: Thu, 21 Jul 2022 00:18:05 GMT
x-cache-remote: TCP_MISS from a23-220-105-70.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time: 107,23.36.161.213
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=19, inner; dur=17
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220721001805010002003005006003007001A8301
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 19,23.220.105.70
x-tt-trace-host: 0151073e60a041ec656923d320ad767e784d3a778c808a0c7ba12098effca8936c3a05315a56f8eb54c0da7f5fa8a42a66faf4eb65cf946eb5c3bd3825462aebf439821edfab96b3a005621e687a8e83f2e28833e2a564d6743e5faad6c89fe1fd0fe80ebd4b098e54070258479cc392a9
expires: Thu, 21 Jul 2022 00:18:05 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/689496631/ 42 B
64 B 38ms
19ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/689496631/?random=1658362685113&cv=9&fst=1658361600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&data=event%3Dgen_ab_test%3Bparam_name%3Duse_first_screen_ei%3Bparam_values%3Dcat_with_flags&frm=0&url=https%3A%2F%2Fwp-669-payment-form-update.english-improve.stage-boosters.com%2Fo%2Fapp-bm%3Fscreen%3D0&tiba=English%20Course&async=1&fmt=3&is_vtc=1&random=353294049&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/o/app-bm?screen=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 00:18:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/689496631/ 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/689496631/?random=1658362685113&cv=9&fst=1658361600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&data=event%3Dgen_ab_test%3Bparam_name%3Duse_first_screen_ei%3Bparam_values%3Dcat_with_flags&frm=0&url=https%3A%2F%2Fwp-669-payment-form-update.english-improve.stage-boosters.com%2Fo%2Fapp-bm%3Fscreen%3D0&tiba=English%20Course&async=1&fmt=3&is_vtc=1&random=353294049&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/o/app-bm?screen=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 00:18:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/689496631/ 42 B
64 B 36ms
17ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/689496631/?random=1658362685111&cv=9&fst=1658361600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwp-669-payment-form-update.english-improve.stage-boosters.com%2Fo%2Fapp-bm%3Fscreen%3D0&tiba=English%20Course&async=1&fmt=3&is_vtc=1&random=369952052&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/o/app-bm?screen=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 00:18:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/689496631/ 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/689496631/?random=1658362685111&cv=9&fst=1658361600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwp-669-payment-form-update.english-improve.stage-boosters.com%2Fo%2Fapp-bm%3Fscreen%3D0&tiba=English%20Course&async=1&fmt=3&is_vtc=1&random=369952052&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/o/app-bm?screen=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 00:18:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 firebase:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/ten-words/namespaces/ 11 KB
2 KB 296ms
274ms Fetch
application/json 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/ten-words/namespaces/firebase:fetch?key=AIzaSyCjmKoKYNWRcwNJzx3FPvIIaGNrPtgbgKg

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/2.736d1bc1.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e95940470fc6c6c073b907b2df54b62f800a5afac94395faf31e97383982ef07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
Content-Encoding: gzip
If-None-Match: *
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Jul 2022 00:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
etag: etag-ten-words-firebase-fetch--1560898828
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 2461
x-xss-protection: 0

OPTIONS
H2 200 firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/ten-words/namespaces/ Frame 0
0 55ms
15ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/ten-words/namespaces/firebase:fetch?key=AIzaSyCjmKoKYNWRcwNJzx3FPvIIaGNrPtgbgKg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,if-none-match
Access-Control-Request-Method: POST
Origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: content-encoding,content-type,if-none-match
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 21 Jul 2022 00:18:05 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 C1MMOyik.json Show response
cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/ 2 KB
800 B 43ms
23ms Fetch
application/json 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/C1MMOyik.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30af471797ed469dd61bc958468ce75513081ebc49b007785c4b01ab29b07294

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 19 Jul 2022 13:27:58 GMT
server: cloudflare
etag: W/"90b-5e42873eba84c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfhfnpmBd244q3WxXQYZFiHM95QGahGFYr4ZIOWKFTGS5meBChXG6dlWSz6zWkUva1D0L5jvF%2B6pdwddrM2GRbPFn%2FQcRQ%2FO6bMFi0OgPH3hRg2nD%2FflWlo0lDDYvMvuiI75JjDtFiDhUJkt2qr7"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72dfc1df7e3891d5-FRA

POST
H3 200 fireperf:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/ten-words/namespaces/ 1 KB
471 B 201ms
182ms Fetch
application/json 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/ten-words/namespaces/fireperf:fetch?key=AIzaSyCjmKoKYNWRcwNJzx3FPvIIaGNrPtgbgKg

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/2.736d1bc1.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d6f75b3c12250324707d8b99113af7ab8a36236cabab05b10f5430dd5ae965c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
accept-language: de-DE,de;q=0.9
Authorization: FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6MzMxOTI1MDAwODU4OndlYjoxMGQ3ZDM3M2VhNGJhZTc4ZjQ0NTIzIiwiZXhwIjoxNjU4OTY3NDg1LCJmaWQiOiJmbFo4eHhfRU05d3Jxd050SlVtUHBjIiwicHJvamVjdE51bWJlciI6MzMxOTI1MDAwODU4fQ.AB2LPV8wRgIhAMuUljKOzKpnP4dyeDLY-r4RgiGXcuGNI8bKJgAbSm9iAiEAzcJieqJ5clb3fm_Oupy3r1kQ7e3RV9EkOBAyg91fVFg
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Jul 2022 00:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
etag: etag-ten-words-fireperf-fetch--1223630743
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 447
x-xss-protection: 0

OPTIONS
H2 200 fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/ten-words/namespaces/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/ten-words/namespaces/fireperf:fetch?key=AIzaSyCjmKoKYNWRcwNJzx3FPvIIaGNrPtgbgKg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 21 Jul 2022 00:18:05 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 result.php Show response
directory.cookieyes.com/geoip/checker/ 111 B
310 B 81ms
30ms Fetch
text/html 46.101.13.61
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://directory.cookieyes.com/geoip/checker/result.php
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.101.13.61 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 529751.cloudwaysapps.com
Software: nginx /
Resource Hash: cca337f6dffec84d9082a0aa7f2edbbcd6e281ec4607ff4eaeb1c7a60c51b79f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 110

POST
H2 200 / Show response
api.amplitude.com/ 7 B
205 B 358ms
357ms XHR
text/html 34.209.74.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/2.736d1bc1.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.209.74.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-209-74-230.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 21 Jul 2022 00:18:05 GMT
trace-id: Root=1-62d89b3d-311fb73419c74db4261b2dba
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 s-sNA5KT.json Show response
cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/config/ 29 KB
6 KB 25ms
25ms Fetch
application/json 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/config/s-sNA5KT.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caf834776feeca39d1470e2bdc36613ac43b88a0cc8bcd7950e7e922e9957a7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 19 Jul 2022 13:27:58 GMT
server: cloudflare
etag: W/"75a8-5e42873ebc78c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0L3ooMLHXmTeOW%2FP2jzLxl6LsX4rCwxF6Ae%2Ft5kArO95%2BZrTTASU6gMlHs2MsVvMSjjQaR6AZG9dIjZiYV8qUwwg2%2F5J9%2FzNyD%2BJ9uUU4gJfI%2FWALAzixca1c%2BUG6MeaaMqAVtt6Wk73PYbTqO4"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72dfc1e02e9a91d5-FRA

GET
H2 200 R-b3xJHk.json Show response
cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/translations/ 2 KB
1 KB 23ms
23ms Fetch
application/json 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/translations/R-b3xJHk.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ec89db7416b889eecdd471c013a7b302ef76be235b4dc54d60b035081da6c02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 19 Jul 2022 13:27:58 GMT
server: cloudflare
etag: W/"7c4-5e42873ebc78c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0AmIgvgpC%2FTM5gzx8kxgjkGRkDteRzpfqt5FeN381YcJvoHHMZzoyHTwZf%2B3euK5Vi5ftpbXOFQyJtyBD74HyyG9L2vhj%2Ba%2BErtIHvkxCCjcpHcU%2FytOSdGlzfYa1wISWGwXBpOKlBfctBz7I2U"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72dfc1e05eb291d5-FRA

PUT
H2 200 83c092c8-8330-4333-b4eb-f9781b782f9d Show response
api.panda.boosters.company/v1/users/ 45 B
364 B 149ms
148ms Fetch
application/json 54.164.117.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.panda.boosters.company/v1/users/83c092c8-8330-4333-b4eb-f9781b782f9d

Requested by

Host: wp-669-payment-form-update.english-improve.stage-boosters.com
URL: https://wp-669-payment-form-update.english-improve.stage-boosters.com/static/js/main.8ff6eaf6.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.117.248 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-117-248.compute-1.amazonaws.com

Software

Resource Hash

f44e84bb86a9516867a6cabdcb39e082af40a34b51538b45be08de457a7a0e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
accept-language: de-DE,de;q=0.9
Authorization: MAOgVf4mTl7UmTphaRREtwupDRIlxDxB
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 00:18:05 GMT
x-content-type-options: nosniff
x-amzn-requestid: b77fa38e-0262-47c7-9b65-d8014ff3868e
content-type: application/json
access-control-allow-origin: *
cache-control: no-store
x-amzn-trace-id: Root=1-62d89b3d-6ea2ae1318333f02380ce97d;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: Vl0xrHCkoAMFqCg=
content-length: 45
x-xss-protection: 1; mode=block

OPTIONS
H2 204 83c092c8-8330-4333-b4eb-f9781b782f9d
api.panda.boosters.company/v1/users/ Frame 0
0 111ms
110ms Preflight 54.164.117.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.panda.boosters.company/v1/users/83c092c8-8330-4333-b4eb-f9781b782f9d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.117.248 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-117-248.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: PUT
Origin: https://wp-669-payment-form-update.english-improve.stage-boosters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: OPTIONS,GET,PUT,POST,DELETE,PATCH,HEAD
access-control-allow-origin: *
date: Thu, 21 Jul 2022 00:18:05 GMT
x-amz-apigw-id: Vl0xpEzwoAMFuJw=
x-amzn-requestid: d10a41dd-4850-49da-911c-2feec998bd9c

GET
H2 200 QyH62knh.json Show response
cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/audit-table/ 9 KB
2 KB 24ms
23ms Fetch
application/json 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/audit-table/QyH62knh.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6955bcbaf718eadbd73aa60c2c85bed6d3805479b8ecbcd291665069c4f30716

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 19 Jul 2022 13:27:58 GMT
server: cloudflare
etag: W/"2328-5e42873eba84c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aO2xlQbt8cRcw5WEfKfTLNtGnzbjX%2Bf4j2MwH0XxnGJELgGnfwkPOA43jZvkPPoRJsae4fLN%2B5O5TlGsKVHmBk5elEE33zyVW3%2F6miC5U3%2F0OUSLwNfRkLYVCqIeyH9g5GKJrzuAoAG7YfYTzJCF"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72dfc1e12f4491d5-FRA

GET
H2 200 revisit.svg
cdn-cookieyes.com/assets/images/ 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/revisit.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 04:40:47 GMT
server: cloudflare
age: 229582
etag: W/"923-5da3a668dacc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0pozLcMdkjka1oERfte2z%2FYLz8YQEG%2FENGkk2DoXfCxmqgk%2FUr2%2FtADrSz8aiZOUiaSBi89UxVZmcpUGTRtxHZwC5TL7XZ6aj2R82NSUAsBo5MyOGa6zF%2BkENGAzemyO2ptlyXIO0rgTkIDBTy9"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72dfc1e158e19bdd-FRA

GET
H2 200 close.svg
cdn-cookieyes.com/assets/images/ 1 KB
1 KB 14ms
13ms Image
image/svg+xml 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/close.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 04:40:50 GMT
server: cloudflare
age: 229587
etag: W/"541-5da3a66c769d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHxL%2BgjafdlljOuC%2FY6bt4P5MiIQnjzGFHe5r0Y7kb8bVzF98f3bphVRNwlnIMmv5C4Ui0jXi%2BAZCIq4ANACfV0fnJLFYvRShXwL5FzdB6RsmLfpudAxEbcHzuIOo%2F0lOivq2%2Fu9RwiM1t0kzl8K"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72dfc1e158e29bdd-FRA

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
152 B 32ms
32ms Ping
text/plain 34.247.248.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/fc386b483ff870b67ec556f2/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.248.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-248-73.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary2GQAHomjLX5QyPB4

Response headers

access-control-allow-origin: *
date: Thu, 21 Jul 2022 00:18:05 GMT
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-length: 2
content-type: text/plain; charset=utf-8

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 20ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=382139806462476&ev=Microdata&dl=https%3A%2F%2Fwp-669-payment-form-update.english-improve.stage-boosters.com%2Fo%2Fapp-bm%3Fscreen%3D0&rl=&if=false&ts=1658362685784&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22English%20Course%22%2C%22meta%3Adescription%22%3A%22Learn%20English%20Online%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22English%20Course%22%2C%22og%3Adescription%22%3A%22Learn%20English%20Online%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fenglish-improve.com%2Fimages%2Fbox.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fenglish-improve.com%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658362685281.281184027&it=1658362683480&coo=false&es=automatic&tm=3&exp=u0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wp-669-payment-form-update.english-improve.stage-boosters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:18:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 21 Jul 2022 00:18:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vars.hotjar.com
URL: https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tiktok.com/	1970-01-20 14:00:58	Name: _ttp Value: 2CELEEyvf1BcoK8MqQeE2CrKSPB
.stage-boosters.com/	1970-01-20 14:00:58	Name: _tt_enable_cookie Value: 1
.stage-boosters.com/	1970-01-20 14:00:58	Name: _ttp Value: 30b35bbe-fb9d-4efd-91a3-dbcd63fdfd58
.stage-boosters.com/	1970-01-23 20:15:22	Name: amp_ddd0e2 Value: DsngpadKdOyDUxl0GcZKda...1g8f1spb6.1g8f1spba.0.1.1
.stage-boosters.com/	1970-01-20 22:10:34	Name: _ga_1KVYMWH3X7 Value: GS1.1.1658362685.1.0.1658362685.60
.stage-boosters.com/	1970-01-20 06:48:58	Name: _gcl_au Value: 1.1.295832133.1658362685
.stage-boosters.com/	1970-01-20 22:10:34	Name: _ga Value: GA1.2.2092389546.1658362685
.stage-boosters.com/	1970-01-20 04:40:49	Name: _gid Value: GA1.2.705822246.1658362685
.stage-boosters.com/	1970-01-20 04:39:22	Name: _gat_gtag_UA_145336162_1 Value: 1
.appsflyer.com/	1970-01-20 22:10:34	Name: af_id Value: 764766ad-a74d-4370-a2a9-adc64cc7900b-p
.stage-boosters.com/	1970-01-20 22:12:01	Name: afUserId Value: 764766ad-a74d-4370-a2a9-adc64cc7900b-p
.onelink.me/	1970-01-20 22:10:34	Name: af_id Value: 764766ad-a74d-4370-a2a9-adc64cc7900b-p
.stage-boosters.com/	1970-01-20 04:49:27	Name: AF_SYNC Value: 1658362685133
.doubleclick.net/	1970-01-20 04:39:23	Name: test_cookie Value: CheckForPermission
.stage-boosters.com/	1970-01-20 06:48:58	Name: _fbp Value: fb.1.1658362685281.281184027
.stage-boosters.com/	1970-01-23 20:15:22	Name: amp_ddd0e2_stage-boosters.com Value: DsngpadKdOyDUxl0GcZKda.ODNjMDkyYzgtODMzMC00MzMzLWI0ZWItZjk3ODFiNzgyZjlk..1g8f1spb6.1g8f1sqak.2.3.5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

active.cookieyes.com
analytics.tiktok.com
api.amplitude.com
api.panda.boosters.company
cdn-cookieyes.com
connect.facebook.net
directory.cookieyes.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
log.cookieyes.com
pro.ip-api.com
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
wa.appsflyer.com
wa.onelink.me
websdk.appsflyer.com
wp-669-payment-form-update.english-improve.stage-boosters.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
vars.hotjar.com
108.157.4.113
108.157.4.38
142.250.185.98
143.204.215.45
2001:4860:4802:34::36
23.36.163.241
2606:4700:20::ac43:44d6
2a00:1450:4001:802::2008
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2004
2a00:1450:4001:813::200a
2a00:1450:4001:827::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9a
2a02:26f0:3500:11::215:14d5
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.209.74.230
34.247.248.73
46.101.13.61
51.77.64.70
52.19.18.85
54.164.117.248
54.72.99.35
0012c8d7388d9967beba8945f1a85f4519b58aa53cecbf89c08cd939e9e733a4
01dea1c95e7f8112643ea8478fdb2a0ae8edefe21d01f2088815aeef3c559238
0ec89db7416b889eecdd471c013a7b302ef76be235b4dc54d60b035081da6c02
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15c58da9fff95e0f46f29bde31aac035ff6c7be83fb9b95ec2299e76ddc12d4c
162cc8cf35933243ad6d64942fbe1278f253f27e92f22f3f7bc5a0f81bb7059f
1872d9083123384884f0a77ba7d2cbc874d33c1b95cf9b6f654ef8020cfe8e6c
188d407538e1c87d1f3cfd79e3110cce411be0b4ce2a983e618d7f8774ca0f12
18fa32cb1feca60423ef6bcb082561589041d78e23ee867cb979afd5c7ffa375
1ecdac0ec2ec9446779557bf0599bc20a9c3737fbb6104db254bfeabfae7fcad
1f42fb60d8bbf99689c7629140818aec2f57de15db9e3f03df5d5373de513c56
2b487d2c515fc57d34fce3ade7fafdf3f20221f062567b066c65bef281ffccc9
2e0828d80f1e2542b247915dbafaa268fcdd6f5c4ce4d6e57eccc0d37916752e
300aeaa14a10117d4d955445995f90e09d5d0c009356d6c1830cf2189c606a75
30af471797ed469dd61bc958468ce75513081ebc49b007785c4b01ab29b07294
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
4469738774ec56d829889d18a602546702e46456ef0690bd67913ff6be046797
50d1773ddcc09dc59a96938cd919266a75e364d46c5780261db691e38c7afb39
51e9bc432d5ec84c6d6b74a543bdff98abe7a9da9d447250895d33222fe9699d
55d2097c3764dff95eb5c9ed4b1fe3d6fcb97127970e32c44d914680d90cde64
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5f8458f1a7e9be9c3b6aa184f58a724767507f7cc86a7719d32d934c69cf5ce1
6955bcbaf718eadbd73aa60c2c85bed6d3805479b8ecbcd291665069c4f30716
6c778fa33c310a163fdeee7ec6ddfa04f7a192c87b8a0efc858e66cee254a88a
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
6f2ef415329868be549149327166bb020ca6c53955f85476e9aed9058115eb88
781d17701ea3aa5ab9169e0fff36f1c50498a82d994412dbbca11c8418b53505
7c0808b81c8ab42e8b80103d57d34e12935a5fd7a174ea9c1dd52cc37bfaec19
82aa3e5563b322de475fc09cc200cde978e41611d0ee03ab8632c7d674b3c3e0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9fa19c7a19daa83232c5240d52b4a8ff15a728a4a1cff780e4bdd0be87374b91
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aee1e4e4dfaa2c0f96dcaf744f7f30e2cacd831eed9aae5266189216fa13a06a
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
aefe515bc1659abb33b55d2aed3dd4e7612ce6e48a786bc6d30eac06605104c6
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b883c0c869fb8f1dea9a58f7b5da610506238a21da7f93ba9b162507f4140f6d
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
caf834776feeca39d1470e2bdc36613ac43b88a0cc8bcd7950e7e922e9957a7c
cc8ec951b91d39b8de42faf147f485a7a6b24a2095a1e241d3d18ab2b5bb89ca
cca337f6dffec84d9082a0aa7f2edbbcd6e281ec4607ff4eaeb1c7a60c51b79f
d6f75b3c12250324707d8b99113af7ab8a36236cabab05b10f5430dd5ae965c4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e95940470fc6c6c073b907b2df54b62f800a5afac94395faf31e97383982ef07
ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f44e84bb86a9516867a6cabdcb39e082af40a34b51538b45be08de457a7a0e31
f480206dc9d6447f5a9a97521e8c8117d9e03ce991a7c5d46b14cc2395a2b753
fc13b953421a9e30dde94062021b6e92de1a22b002ebc79e0460304c9dbd198f
fcdf51b9cf6fd06a2ceb9bdd718223a9577dccb7622a6251808a5d4f25d37ded

wp-669-payment-form-update.english-improve.stage-boosters.com Open in urlscan Pro 143.204.215.45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

99 %HTTPS

57 %IPv6

20 Domains

30 Subdomains

29 IPs

5 Countries

1900 kBTransfer

6748 kBSize

16 Cookies

1 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wp-669-payment-form-update.english-improve.stage-boosters.com Open in urlscan Pro
143.204.215.45 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

99 %
HTTPS

57 %
IPv6

20
Domains

30
Subdomains

29
IPs

5
Countries

1900 kB
Transfer

6748 kB
Size

16
Cookies

85 HTTP transactions
0 data transactions