www.hotbot.com Open in urlscan Pro
2606:4700:21::681b:c660 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hotbot.com/
Effective URL:
https://www.hotbot.com/
Submission Tags: falconsandbox
Submission: On December 16 via api (December 16th 2021, 2:15:18 am UTC) from US — Scanned from DE

Summary HTTP 211 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 19 domains to perform 211 HTTP transactions. The main IP is 2606:4700:21::681b:c660, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hotbot.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2021. Valid for: a year.

This is the only time www.hotbot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	2606:4700:21:... 2606:4700:21::681b:c660	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	18.64.79.23 18.64.79.23	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700:20:... 2606:4700:20::681a:c98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	104.21.1.165 104.21.1.165	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
10	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
27	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c0a::5c	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20eb:ac00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.88.27.164 52.88.27.164	16509 (AMAZON-02) (AMAZON-02)
211	27

30 2606:4700:21::681b:c660 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.hotbot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

cdn.hotbot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7baf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 18.64.79.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-23.txl50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:c98 (United States)

ASN13335 (CLOUDFLARENET, US)

io.clickguard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.1.165 (None, )

ASN13335 (CLOUDFLARENET, US)

api.hotbotvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0a::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:ac00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.88.27.164 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-27-164.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	hotbot.com 1 redirects www.hotbot.com cdn.hotbot.com	736 KB
49	stripe.com js.stripe.com q.stripe.com Failed r.stripe.com Failed m.stripe.com	615 KB
25	google.com www.google.com pay.google.com Failed play.google.com	401 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	592 KB
5	google-analytics.com www.google-analytics.com	59 KB
5	clickguard.com io.clickguard.com	7 KB
4	facebook.com www.facebook.com	416 B
4	facebook.net connect.facebook.net	226 KB
4	hotbotvpn.com api.hotbotvpn.com	61 KB
4	unpkg.com 2 redirects unpkg.com	13 KB
4	jsdelivr.net cdn.jsdelivr.net	72 KB
3	google.de www.google.de	719 B
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	3 KB
2	stripe.network m.stripe.network	16 KB
2	reddit.com alb.reddit.com	220 B
2	googleadservices.com www.googleadservices.com	29 KB
2	redditstatic.com www.redditstatic.com	15 KB
2	googletagmanager.com www.googletagmanager.com	123 KB
2	googleapis.com ajax.googleapis.com	61 KB
211	19

	Domain	Requested by
30	www.hotbot.com	1 redirects www.hotbot.com cdn.hotbot.com
22	cdn.hotbot.com	www.hotbot.com cdn.hotbot.com
21	r.stripe.com	js.stripe.com
21	js.stripe.com	www.hotbot.com js.stripe.com
13	play.google.com	www.gstatic.com
10	www.gstatic.com	www.google.com www.gstatic.com pay.google.com
8	www.google.com	www.hotbot.com www.gstatic.com www.google.com
6	q.stripe.com	www.hotbot.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.hotbot.com www.gstatic.com
5	io.clickguard.com	www.hotbot.com io.clickguard.com
4	pay.google.com	js.stripe.com pay.google.com www.hotbot.com www.gstatic.com
4	www.facebook.com	www.hotbot.com
4	connect.facebook.net	www.hotbot.com connect.facebook.net
4	api.hotbotvpn.com	unpkg.com
4	fonts.gstatic.com	cdn.hotbot.com www.google.com
4	unpkg.com	2 redirects www.hotbot.com
4	cdn.jsdelivr.net	www.hotbot.com
3	www.google.de	www.hotbot.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	googleads.g.doubleclick.net	www.googleadservices.com
2	alb.reddit.com	www.hotbot.com
2	www.googleadservices.com	www.googletagmanager.com
2	www.redditstatic.com	www.googletagmanager.com
2	www.googletagmanager.com	www.hotbot.com
2	ajax.googleapis.com	www.hotbot.com
1	m.stripe.com	m.stripe.network
1	stats.g.doubleclick.net	www.google-analytics.com
211	27

This site contains links to these domains. Also see Links.

Domain
help.hotbot.com
dashboard.hotbot.com
play.google.com
hotbotvpn.page.link
www.facebook.com
www.instagram.com
twitter.com
www.epoch.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
cdn.hotbot.com R3	`2021-10-20` - `2022-01-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-10-21` - `2022-02-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-25` - `2021-12-24`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-02-02`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.hotbot.com/
Frame ID: 4E54819DC33C6E6680C864C3D51DD50E
Requests: 103 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 99E6460B04D150A33D9DF0883D7AECE2
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-636d35151fd98c4338a43da6e536c33c.html
Frame ID: 023877FDF5ADC7113CB9B0B910CF9073
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-18e5de637bcca3a86fe6eb1068384a34.html
Frame ID: CC6915AB10965EC194CE4ABBB6E3F79C
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-71791a8dda141e84aaec07b0ca78da70.html
Frame ID: 23392B3B94AD652E028A1E243A9AF456
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: 151C408B2CDCB9F5A68BA4D57165605D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeB608cAAAAAOkcvlx0FrJ8Zh2rD81hzUit_Ry7&co=aHR0cHM6Ly93d3cuaG90Ym90LmNvbTo0NDM.&hl=de&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=hnufn33tq3of
Frame ID: 0D1074C544E8C464954A5E70711083F7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6AAA06854144CE03A3C1F2B225FB7910
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-636d35151fd98c4338a43da6e536c33c.html
Frame ID: A30961D23AE8840F5F684D87239FC8D0
Requests: 25 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-18e5de637bcca3a86fe6eb1068384a34.html
Frame ID: E457FDBFDA228FCA21A2556D7D55BD05
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-71791a8dda141e84aaec07b0ca78da70.html
Frame ID: B420D92F410C6B03DC708AF88A56F3C1
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: 712473D3F070DB8D5BC5FB4F1E358B1F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeB608cAAAAAOkcvlx0FrJ8Zh2rD81hzUit_Ry7&co=aHR0cHM6Ly93d3cuaG90Ym90LmNvbTo0NDM.&hl=de&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=81fpweyxr4tr
Frame ID: 41A488395159D2722C8E3B3B6FE7A641
Requests: 7 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 4A79C05FE7B6E4272FE46079E4AF2513
Requests: 16 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: DED59E117A71854718F00182B7757F36
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HotBot VPN: Fast, Anonymous, Unlimited, VPN Service

Page URL History Show full URLs

http://www.hotbot.com/ HTTP 301
https://www.hotbot.com/ Page URL
https://www.hotbot.com/ Page URL

Page Statistics

211
Requests

87 %
HTTPS

73 %
IPv6

19
Domains

27
Subdomains

27
IPs

5
Countries

3030 kB
Transfer

9744 kB
Size

17
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://help.hotbot.com/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://dashboard.hotbot.com/
Title: Login

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.hotbotvpn&referrer=utm_source%3Dhotbot.com%26utm_medium%3Dwebsite%26utm_content%3Dbadge%26utm_campaign%3Ddirect-website

Search URL Search Domain Scan URL

URL: https://hotbotvpn.page.link/?link=https://apps.apple.com/us/app/hotbotvpn/id1488136863&apn=com.hotbotvpn&isi=1488136863&ibi=com.hotbot.vpn&utm_campaign=direct-website&utm_medium=website&utm_source=hotbot.com&utm_content=badge&efr=1

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HeyHotBot/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heyhotbot/

Search URL Search Domain Scan URL

URL: https://twitter.com/HeyHotBot

Search URL Search Domain Scan URL

URL: https://www.epoch.com/
Title: Epoch Billing Support

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hotbot.com/ HTTP 301
https://www.hotbot.com/ Page URL
https://www.hotbot.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.hotbot.com/ HTTP 301
https://www.hotbot.com/

Request Chain 9

https://unpkg.com/axios/dist/axios.min.js HTTP 302
https://unpkg.com/axios@0.24.0/dist/axios.min.js

Request Chain 96

https://unpkg.com/axios/dist/axios.min.js HTTP 302
https://unpkg.com/axios@0.24.0/dist/axios.min.js

211 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
www.hotbot.com/
Redirect Chain

http://www.hotbot.com/
https://www.hotbot.com/

133 KB
24 KB

209ms
168ms

Document
text/html

2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbbf1a2aa222513d090009c6c5d5c71aab266eade7d9343cdcf8ea96757f072

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-type: text/html; charset=UTF-8
link: <https://www.hotbot.com/wp-json/>; rel="https://api.w.org/" <https://www.hotbot.com/wp-json/wp/v2/pages/18>; rel="alternate"; type="application/json" <https://www.hotbot.com/>; rel=shortlink
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AY0rsWENpr8cF2Kw8QYt5gnGVxnrGanlOreR6gXu%2Bzq%2B%2F1ehFWoFlj0LXDwlvNa%2FQaqb31bvAC3d00lmx4qmoZLQIc8bLuGAMIQU30vRGxYKWVSU3tdR14fddBTNieYFMbyCOnXHfNEd5Lpq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6be466ffac5871ed-LHR
content-encoding: br

Redirect headers

Date: Thu, 16 Dec 2021 02:15:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 16 Dec 2021 03:15:09 GMT
Location: https://www.hotbot.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pae8v2he35L4bgJhSt9kBzFdxCKO6G1qFsxr1g4vGFYo8v2xaHYlzas0qc3dsk1avFQd309n%2B6wj%2Fdzu8fGXZB6fgCxg8XptGTurAaox9H%2FVyRRig063L4IgpKcvJwYQ0x8pDMlSm1axJhPg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6be466ff2e9c7599-LHR

GET
H2 200 styles.css
cdn.hotbot.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
2 KB 81ms
12ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.2
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qC3UULmmds4qplqRAXL%2Bxbo9NUC1g4ugRDX6Fo8ROpCD%2BmduIDq0ikVoIFxn0h%2FnYgnR2OqoLzYdPeaJC2jTI1NN5xqrYxFEXhLUFQQYC5LWFtUHP%2B%2F%2Bo2%2FeEjr9hg8f"}],"group":"cf-nel","max_age":604800}
content-length: 1051
last-modified: Fri, 29 Oct 2021 06:16:08 GMT
server: cloudflare
etag: W/"617b91a8-aab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620910.cds155.fr8.hn,1639620910.cds156.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2881
accept-ranges: bytes
cf-ray: 6a5a474d6a822798-PRG

GET
H2 200 style.min.css
cdn.hotbot.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/ 2 KB
1 KB 81ms
13ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/style.min.css?ver=1
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53a997bd51a3a1ad45ca16653c6044aa62fe3e120816276195538914db2c1dfd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=d56m8%2FZiaWss1P6zTfe6BBlkS8ywUCUv7f4qn4vZCNFIaghX%2FdYppGs2lx5U83cXH5brUzvi%2BcIWS6JNm8M46bv8rIOr%2FQnf7NaGNMZ%2BAexroNpq9S8B0oxOfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-length: 617
cf-request-id: 0ad5c298290000412b612ca000000001
last-modified: Tue, 15 Jun 2021 17:23:32 GMT
server: cloudflare
etag: W/"60c8e214-6df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620910.cds155.fr8.hn,1639620910.cds273.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=908
accept-ranges: bytes
cf-ray: 66363a06adf3412b-PRG

GET
H2 200 style.css
cdn.hotbot.com/wp-content/themes/hb/ 133 KB
28 KB 94ms
25ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-content/themes/hb/style.css?ver=1.0.0
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2960ac72bc348253f08abe240e403d0e1f394aa032ccb8ead9ab3b9efe33d890

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCNAz%2FrxdQNOIBj18SzIFNuTvxes0dgj80hLtskO%2FXPnkNXodDff4YU0JAnhkIzq%2BsFLui6aE0O%2B%2FsQKgd%2BWwM5HsStMTe5cPQQzixqrGKANM26T1T4hNIU0uKUfGEhF"}],"group":"cf-nel","max_age":604800}
content-length: 28260
last-modified: Thu, 09 Dec 2021 12:00:56 GMT
server: cloudflare
etag: W/"61b1eff8-212c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620910.cds155.fr8.hn,1639620910.cds108.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2418
accept-ranges: bytes
cf-ray: 6bae28029f1fe007-FRA

GET
H2 200 script.min.js Show response
cdn.hotbot.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/ 449 B
673 B 106ms
38ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.min.js?ver=1
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5fc18167c9bb2e3e5a3c27a8cf951a5d32770462a143b87989a5853d034dc8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0ah%2BCotY2Kg%2BOYmszlD%2Bq7a3Im5lM%2FJtMLfeSJnxkYzJN1d95RHFvr2e4lrl42h6AA4GKYG%2Fb5ZcqwORgRyoaWjDw8vsH87fmP8YkxG%2F4EkMdWtI9bzOZ%2FMWSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-length: 306
cf-request-id: 0ad5c2982f0000413e9f27e000000001
last-modified: Tue, 15 Jun 2021 17:23:32 GMT
server: cloudflare
etag: W/"60c8e214-1c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620910.cds155.fr8.hn,1639620910.cds222.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=908
accept-ranges: bytes
cf-ray: 66363a06bd97413e-PRG

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 56ms
31ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Dec 2022 10:46:56 GMT

GET
H2 200 app.js Show response
cdn.hotbot.com/wp-content/plugins/sitepress-multilingual-cms/dist/js/browser-redirect/ 173 KB
61 KB 99ms
31ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-content/plugins/sitepress-multilingual-cms/dist/js/browser-redirect/app.js?ver=4.4.10
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af47a9b678180535c1d5b56fee5bf534f87eeea8ab328bc9a323b943fa28c51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuxzxW3N1n3MCAgLtiPxuWKXriAwSXjhL82SP9Md6NF6L%2Fr%2BrwRyTKV1XBY7HdVDPBiue4RxvcN3zU0xN8yBkLBfYOatG9798B9X2vy3IlKbLH8uYeLtUL7UJg0oKIJs"}],"group":"cf-nel","max_age":604800}
content-length: 61613
last-modified: Tue, 15 Jun 2021 17:23:43 GMT
server: cloudflare
etag: W/"60c8e21f-2b445"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620910.cds155.fr8.hn,1639620910.cds005.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2418
accept-ranges: bytes
cf-ray: 6b009ae99d3a4107-PRG

GET
H2 200 api.js Show response
www.hotbot.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 22ms
20ms Script
text/javascript 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotbot.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDVtVAJKPjZAQnAKmuNM2vSM7t%2BdsKC4s%2B5ybseA7%2BEgKbNFbSHiP%2BNGbIW%2FtcAei70FApLcNW%2BAxKmhRrlnbpjEv53bopb1wLU1SH%2FUaPDOoG9TXEQ80FOGccIlkxXPxBA6gxVflpYTjziT"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6be46701bdc271ed-LHR

GET
H2 200 vue Show response
cdn.jsdelivr.net/npm/ 92 KB
35 KB 42ms
23ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22670
x-jsd-version: 2.6.14
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19141-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"16fc7-2o16WfTmzFXqWKvsM++c67m6Z8E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6be46700e82d6925-FRA

GET
H2

200

axios.min.js Show response
unpkg.com/axios@0.24.0/dist/
Redirect Chain

https://unpkg.com/axios/dist/axios.min.js
https://unpkg.com/axios@0.24.0/dist/axios.min.js

17 KB
6 KB

20ms
19ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/axios@0.24.0/dist/axios.min.js

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aed6ac78b8249a9c7cff0030f3b921ee9f771cb1684164f3e679e1023a4d5c69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4436477
fly-request-id: 01FJW9CNVMT9N4FTJ5R4ENDR12
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"45b3-NFbQ0Q5mnZV1R20jcsWI1sj3wos"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6be4670118184ea4-FRA

Redirect headers

date: Thu, 16 Dec 2021 02:15:10 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FQ0FV97FSKJNADZ1VHBSC31M
server: cloudflare
age: 522
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /axios@0.24.0/dist/axios.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6be46700fffc4ea4-FRA
access-control-allow-origin: *

GET
H2 200 logo-light-bg.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 6 KB
3 KB 28ms
26ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/logo-light-bg.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f69bee70be15115852b73d34bc77d06e951cf3db33c16124c1a97e3d4e9750a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Feb 2021 05:02:22 GMT
server: cloudflare
age: 5481
etag: W/"60348c5e-19d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wq%2BzAnIqc2SQoF7d5Hsk83%2Bdq%2F2eWwSuFdiQkhstiFVMiHqayu48epj9RzW5PplAWabjTNEgp%2BiYI77R0OkkbIvm%2BFe9wfuAxA%2BCg%2BDnhQ%2BTyA37TBfOe5XVLYDY%2BggRRf6VhlMXTBpCiCNT"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be46701bdc471ed-LHR

GET
H2 200 index_hero_desktop.png
cdn.hotbot.com/wp-content/themes/hb/assets/img/ 42 KB
42 KB 1563ms
1561ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hotbot.com/wp-content/themes/hb/assets/img/index_hero_desktop.png
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:11 GMT
cf-cache-status: BYPASS
last-modified: Mon, 05 Jul 2021 07:50:58 GMT
server: cloudflare
etag: "60e2b9e2-a7d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtQ3lGfnFnd6OXgMnTIASr0JAhD8iWvIRXqhvzm07QmJUCXnaKCeEnOn3OqzonPVeq0VNVvH8lhkykMauxSuFOlSHTH8RKp4t4OWdWD%2FPYxRNDmnKFUESdjhCKLm7PuF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6be4670b399b701f-FRA
content-length: 42969
x-hw: 1639620910.cds155.fr8.hn,1639620910.cds167.fr8.sc,1639620911.cds167.fr8.pr

GET
H2 200 hero-connect-app.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 524 B
633 B 27ms
25ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/hero-connect-app.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 709a80a72f8463fd56a736af129dd59907438f8e5b9442451b192a5e2fc57f36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 469
etag: W/"5ffbe278-20c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClvthHDrc7aM7J9J5mw%2BJFm82DyBEPa4l3rDKkirhTP5X9jsGg4KUo1%2Fk93yt8DFt9TeEhh2Z3wkcEtfAmZ6za%2BxawhvSfV0qYqLMTuinv8pHnIwvdSiEokVJQzU8KKOQ1TxAMKZGffMVDWC"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be46701bdc571ed-LHR

GET
H2 200 hero-settings-app.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 733 B
632 B 26ms
24ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/hero-settings-app.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ff0bee5046ebfb2949c27d9b49bd7a0faad93f8a00068c1e45de42650a9a701

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 469
etag: W/"5ffbe278-2dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJK4BmL7Qirw1EHH8wWpsHLKwM%2BnaIAgcZJKq7RgC13bIVeWGPHC3L%2B3%2FGINoqNP2%2F%2B3fs7P8pzDSnf1MW%2BtviqF%2FN4FSWCbqR3FDXoFe%2B%2FfxJH%2BgkSzvLXqpRIiM0Dl3d4SFOoi7Hn4QcOY"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be46701bdc671ed-LHR

GET
H2 200 hero-cloud-app.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 400 B
693 B 31ms
29ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/hero-cloud-app.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28b3143c8fde5fd9482e5ce5f8c84203f36bff7b7ad19989cbbc6ed56bd2877f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 469
etag: W/"5ffbe278-190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6ICFDpYEy5KYYyHUKNsmXc%2F90kujfQgrSgtVyNaUtshqkXq6Mjf0CqXbSwPWzEx1Me6O94RshGY1S2mkpRQczAP5oznsoUGcztQ8TBZOnXpsWbmmtlG6u6MSrDGyhHsSQ4D5qFSsRZz1wfp"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be46701bdc971ed-LHR

GET
H2 200 hero-shield-app.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 351 B
531 B 28ms
27ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/hero-shield-app.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c36898df73761cd92547d3000354e04c2aa6600d597ae1f83c5275f329a93d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 469
etag: W/"5ffbe278-15f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePZBGtS57K1TyTrriG7qlNGJYtwBRE0CAEtt8Bv1xKQ4VUXwcFjt%2BWu8WZIXvU9Hp7JBHn3jUoI2KULbpptiNVL4KCQFJA0G9QODdXzm4s81XsCC7PznbdoD4r3n8ld7hJoRhIMCcEHFe1Lu"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be46701bdcb71ed-LHR

GET
H2 200 hero-signal-app.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 513 B
592 B 27ms
26ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/hero-signal-app.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fe996b58d5f02dd760c966d585b49625c7f2b11fda626aeb5c43ef7dc2291c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 469
etag: W/"5ffbe278-201"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Hnj1Dw%2BvyVzTrhYbCm4KFJPSlbklbALxioTFr2eoCbc%2F%2BkqXC4FVxzx2wghXu7hJKtpwu9E5TyjInFVmWSJJTEtf5U1NOVrvoW1oeNn2Xrgw0Kz3L0c6aFhX7VinaeepqsVC3ZDxLBkNUig"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be46701bdcc71ed-LHR

GET
H2 200 section-bg.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 9 KB
3 KB 30ms
29ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/section-bg.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c82f3893f663c65b8c85c05e601d98db40000ee784a303e01d1d128e3e236dbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 2892
etag: W/"5ffbe278-24d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLC4PPppmhVzARwcL3c0JsnNnpTX%2FBTM3sTFN1Jn3gIwa3RxD3cxiShjgUfSg7R8%2FG7OG%2B2Tz381htv87p2pEbyvbm0GzblJs3EN7r8CGUaATVzEuLWauFaWqn2TmrnAJBIQEnaLasgj7G2%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be46701bdcd71ed-LHR

GET
H2 200 / Show response
js.stripe.com/v3/ 268 KB
71 KB 948ms
654ms Script
application/javascript 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1724d2d2457ffac005ef96ec0460096bbf48e40e79458889e208cbc00aa9696e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: TXL50-P2
x-cache: Miss from cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-origin: *
last-modified: Wed, 15 Dec 2021 19:40:05 GMT
server: Cloudfront
etag: W/"bda7c789ac266a34f85620c92d92b3ea"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: TKEx40KPo1_nUWaNzyFG_1DUSrjq8WQoEifS5qtHiSO3QfYxNlkPDw==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
998 B 51ms
19ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeB608cAAAAAOkcvlx0FrJ8Zh2rD81hzUit_Ry7

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0550aebb033eb335c25cfb327b557a262687a4d34967517cb8930b3f0cb24ecb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Thu, 16 Dec 2021 02:15:10 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
62 KB 61ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MTR73FB

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f247f38600a45372deb45935431309ab013368119d7299dfa6ce5a38e9b6b1c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62900
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 01:06:19 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Dec 2021 02:15:10 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.hotbot.com/wp-includes/js/ 14 KB
5 KB 43ms
42ms Script
application/x-javascript 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotbot.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.4
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 09 Jun 2021 06:44:19 GMT
server: cloudflare
etag: W/"60c06343-3795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItlAx16lVamCAigV%2F%2FqRw%2BmENjlcjjTZi64pyeXaYuxdE5plau8wJnTcghYTZF3mZ7bd3I1ACDo82ijAQ%2B5gsz6iOFl8hpukdqxze0M2XANy06l8QTwPojJIIaELSuS5BzguQMAJbTYMwKhE"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be46701bdce71ed-LHR

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@rc/dist/ 2 KB
945 B 15ms
12ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@rc/dist/js.cookie.min.js

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2b92ba8d4314393d3c729cf94c12b65a1db2a41fb676b252f060f8eafdd2efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19597
x-jsd-version: 3.0.0-rc.4
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19164-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"695-pXILqyxk6ej3gkrdagCqNfKaZZQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6be46701a9626925-FRA

GET
H2 200 wp-polyfill.min.js Show response
cdn.hotbot.com/wp-includes/js/dist/vendor/ 97 KB
39 KB 16ms
14ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKWYJtEsXqlbd52STS4nOYDudlSqWh5KT8pBsORoKpqgbodtsrZ4UULJFio5W1bxTDqmysrXLqkb8AUhKQCNDMrygI6AgQVyyQOIeAVSbWQxirtk1o38vjbMoVrmUzNS"}],"group":"cf-nel","max_age":604800}
content-length: 39279
last-modified: Mon, 25 Jan 2021 19:45:50 GMT
server: cloudflare
etag: W/"600f1fee-183ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620910.cds155.fr8.hn,1639620910.cds228.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2881
accept-ranges: bytes
cf-ray: 6a5a474af9744107-PRG

GET
H2 200 index.js Show response
cdn.hotbot.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 19ms
16ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.2
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUUZDdcgLVYLZ5f3KIG3yGDb1yRfgZLX3Dhf2un0o174zoDDu68iOlkKzWnZVFAMW95mtaFoHV79vLqQvoNM1WAOy0tCU7Zgl7Gex%2BI0Ci6WOBVU6MloxdXiUkiFDRgV"}],"group":"cf-nel","max_age":604800}
content-length: 4196
last-modified: Fri, 29 Oct 2021 06:16:08 GMT
server: cloudflare
etag: W/"617b91a8-2e56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620910.cds155.fr8.hn,1639620910.cds163.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=299
accept-ranges: bytes
cf-ray: 6a5a4750bd7e27b8-PRG

GET
H2 200 common.min.js Show response
cdn.hotbot.com/wp-content/themes/hb/assets/js/ 92 KB
35 KB 19ms
16ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-content/themes/hb/assets/js/common.min.js?ver=1.0.0
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4db6dd2f24c66ef13fef09bffe3243e67b1d614d5eaa891ba8f336e82a877f8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxKDz75bd5KUHXSVgr6%2FLKW1kcqm0fi9T4%2Bd4as4n268uVCp2Qrp%2BbwXVSg4Hl4U6u7kyf69L5mOYVAAHCW9lkbKrdWgcqkof%2BJrIloOw1lRJDlxbBMEyZPzUj0wnxtw"}],"group":"cf-nel","max_age":604800}
content-length: 35337
last-modified: Tue, 07 Dec 2021 02:58:03 GMT
server: cloudflare
etag: W/"61aecdbb-1714a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620910.cds155.fr8.hn,1639620910.cds054.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2881
accept-ranges: bytes
cf-ray: 6b9accb55b3e42ee-FRA

GET
H2 200 wp-embed.min.js Show response
cdn.hotbot.com/wp-includes/js/ 1 KB
1 KB 20ms
18ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-includes/js/wp-embed.min.js?ver=5.7.4
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6HTjGSplPAmIWJpw5T2yMP4X%2B8%2BJc9QDvatZee4oVL3VXNizhBdDYuW6C4Nll%2Fj6kzq5yeoHJ%2FOg0LMr3cYSw9YRYdVANslzXPJTst2065AEUb34q9d2Rps5HLWuZya"}],"group":"cf-nel","max_age":604800}
content-length: 779
last-modified: Wed, 09 Jun 2021 06:44:19 GMT
server: cloudflare
etag: W/"60c06343-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620910.cds155.fr8.hn,1639620910.cds138.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2881
accept-ranges: bytes
cf-ray: 6ac3fbe3ae6b2794-PRG

GET
H/1.1 200
OK fb0ndRqL Show response
io.clickguard.com/s/cHJvdGVjdG9y/ 8 KB
3 KB 164ms
129ms Script
application/javascript 2606:4700:20::681a:c98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://io.clickguard.com/s/cHJvdGVjdG9y/fb0ndRqL
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b4dbd700d8a25e7acaa6057c0b9b27a99610c8f930bb77d324ae505fe29e3e4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 02:15:10 GMT
Via: 1.1 google
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: Express
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: br
Server: cloudflare
ETag: W/"1e8f-Gz7SgHZ/MGb+KMCpWdYcMXJuy40"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOH%2FqjjwbrSHFOyYb%2BHcQ7kudfc3r9oWiSVWFrtL1YaBzfKEhw1JZLLfn71bW%2FIB5TU7z0RTLI%2FWpqVkISvtAEa1ElQYoemuDp6Sepzf8C12C%2FjwGnmuVYyzLZ7KUYwnf17MrB0d5wMtBZkJELMs"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
CF-RAY: 6be46701e9150614-FRA
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 notosans-regular-webfont.woff2
cdn.hotbot.com/wp-content/themes/hb/assets/fonts/ 18 KB
18 KB 28ms
11ms Font
application/font-woff2 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-content/themes/hb/assets/fonts/notosans-regular-webfont.woff2
Requested by: Host: cdn.hotbot.com
URL: https://cdn.hotbot.com/wp-content/themes/hb/style.css?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6832e2945d8f31734a550b7926a27807488c6c6f9baa7358213e42148da57a08

Request headers

Referer: https://cdn.hotbot.com/wp-content/themes/hb/style.css?ver=1.0.0
Origin: https://www.hotbot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
cf-cache-status: BYPASS
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
etag: "5ffbe278-46bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nls07XocKRWgmXY5e50IYDP5UWp9Z0fn739Xl0OcE9ntG2cqWYWFy9Pi6lUub3QkH%2BzkcGCbNKSIn7a9eWO%2B0b%2BVxMrdYCsCEYcaBS0mvSX3sYMx6MgIZy0HHKNZOspx"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3041
accept-ranges: bytes
cf-ray: 6bb3c4cce8092778-PRG
content-length: 18108
x-hw: 1639620910.cds012.fr8.hn,1639620910.cds250.fr8.c

GET
H2 200 NGSpv5_NC0k9P_v6ZUCbLRAHxK1ECSusdUmg7UiCXB5W.woff
fonts.gstatic.com/s/heebo/v10/ 13 KB
14 KB 41ms
12ms Font
font/woff 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/heebo/v10/NGSpv5_NC0k9P_v6ZUCbLRAHxK1ECSusdUmg7UiCXB5W.woff

Requested by

Host: cdn.hotbot.com
URL: https://cdn.hotbot.com/wp-content/themes/hb/style.css?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a93e6a0e45a9766c2aeca2b3ea6eef5a87819f50172bed09900d9472ef40e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.hotbot.com/
Origin: https://www.hotbot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:08:31 GMT
x-content-type-options: nosniff
age: 18399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13328
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 19:04:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 21:08:31 GMT

GET
H2 200 getPlanLocalCurrency Show response
api.hotbotvpn.com/api/v1/superadmin/ 147 KB
15 KB 134ms
79ms XHR
application/json 104.21.1.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hotbotvpn.com/api/v1/superadmin/getPlanLocalCurrency

Requested by

Host: unpkg.com
URL: https://unpkg.com/axios/dist/axios.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.1.165 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

128f0a391a0d323fc665fd100272bedf75e38c9cc6708cadd10254fb59e601e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.hotbot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-ray: 6be467023bc96958-FRA
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"24dfd-vUGI5+L4IjbYVbMGrBbf4VS/f8Q"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYQ91c905cqc%2BsegYhpnOtCiGjYJs6a9svaWU1Z08eSYWpyfwbhlyVSBOYiN17js4Htzp7c%2BcvzzomJBNLz8MOBTlXHTGhQxrKCbiKSC2n%2FsEnI0P6ezYrLridwXPdTSKVrBrw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials

GET
H2 200 stable-connection.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 343 KB
77 KB 33ms
32ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/stable-connection.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 082e23a8604a4438618452f2d745477d3d0adc9cc65b588c5bb331a22a491b63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 469
etag: W/"5ffbe278-55a1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcmcQ0gBUkQagJPvUsgm2tjN4WZntahpThcs775zaRIk3tYOiqhAyhB3%2BWwuqlN80534knxqzCdi4Hk%2BWP2Tf%2FiFqpreL0IdDxOPtEpnHoLAc1FinwcWaUEwArEauK9ZH%2BciyhkV5xy6AmrU"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be467020e1c71ed-LHR

GET
H2 200 secure-internet.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 10 KB
3 KB 26ms
26ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/secure-internet.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69b529cab3a6cca2e0d02e07f8cd6e70d31af56aa9a7c5b78252f67302480ae4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 469
etag: W/"5ffbe278-2775"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgMItf%2FJaIcnX0%2Fx59gMzzB8m5qJ3pdGMg07g6GfbGojH8xNh7pKapp71RL6hRdcwdXq8KPPexhih3nmw5rjNpzKtMXrqzzyfvRL92GUIMNzQud6kOeDvSDc2pDpjLAaSxAPQnjx5SHPbPQf"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be467020e2071ed-LHR

GET
H2 200 internet-restrictions.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 17 KB
5 KB 26ms
25ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/internet-restrictions.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef9bc66ab6746487040058aef86469c62bef4e2aa23e747ba0c4611a628e138c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 469
etag: W/"5ffbe278-4288"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUhB6Vbk1c8Ez930l40xufFZinMvWObbnUZc1nt7M0%2FDCVfekwG0BSPUo%2F31yKoWD2yu7seEhpzk6nzDwMy4bnSYY3id1ZoNQckMYvJxywC4Nv%2Fyv2Wx3oy4ClahzNSHa3CiXG5LQoFeLB4K"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be467020e2171ed-LHR

GET
H2 200 money-back-guarantee.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 14 KB
6 KB 44ms
43ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/money-back-guarantee.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38ed2f096a34c2c82b88f441492d3666cf348be21154ac56c37d1b639e7dfc68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
etag: W/"5ffbe278-378a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tveKms2WtjKWXeXBmR5Phgn2bjryPDjOtS%2F8EB2UVOtJCHhWG6rUYIMwhzGRpIP0NvcFRU4TMNBCcEKBayU4gEVjtyu%2FvIKQVEe0UgG8muY9Aedpvn%2FhdNIu9qM%2BnDv6UHX8Posx4ZUK3pP"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be467020e2271ed-LHR

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 51ms
7ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTR73FB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
last-modified: Wed, 03 Nov 2021 15:08:58 GMT
server: snooserv
etag: "3fbf36d562f1d2a543a89683060265ed"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7632

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: dvDF4zlGQSnt3rclK+hiT9l735zmiScvr4l9jYBG31aLAegcQL2JM0wiyiW22XCJq+ErWvdUK/oTE49X4j8tbQ==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 16 Dec 2021 02:15:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTR73FB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4444
date: Thu, 16 Dec 2021 01:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 16 Dec 2021 03:01:06 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 50ms
26ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTR73FB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 02:15:10 GMT

GET
H3 200 238878021035107 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 58ms
49ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/238878021035107?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d2024aef946c9511bc14aba3096ef2697d92e601d04ab5a9055a56c82b294282

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: nvOrlC5dldVfGNIbwOxcUaoefChz1t3sLJq6x5uDlJtdVFQXYEjlOqKVrcFeqieCTNtNbBbbwsItGoG4qSdEkA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 16 Dec 2021 02:15:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 37ms
17ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1092115367&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hotbot.com%2F&ul=en-us&de=UTF-8&dt=HotBot%20VPN%3A%20Fast%2C%20Anonymous%2C%20Unlimited%2C%20VPN%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1228757786&gjid=598078807&cid=430356508.1639620911&tid=UA-117029043-1&_gid=189725532.1639620911&_r=1&gtm=2wgc10MTR73FB&z=2088204168

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hotbot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 02:15:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hotbot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 152ms
105ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1639620910545&id=t2_34fm6euv&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=9fc0aee5-6c3e-418a-892b-955bfd698f69&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5b7866e3
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/452078959/ 2 KB
2 KB 63ms
37ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/452078959/?random=1639620910547&cv=9&fst=1639620910547&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.hotbot.com%2F&tiba=HotBot%20VPN%3A%20Fast%2C%20Anonymous%2C%20Unlimited%2C%20VPN%20Service&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2cd48c792c277786dc203d956043be9b043628bd28d3a55cd89ea6a1eb7b395

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 02:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1029
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 51ms
16ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-117029043-1&cid=430356508.1639620911&jid=1228757786&gjid=598078807&_gid=189725532.1639620911&_u=YEBAAEAAAAAAAC~&z=1380020849

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hotbot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Dec 2021 02:15:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.hotbot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/452078959/ 42 B
64 B 38ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/452078959/?random=1639620910547&cv=9&fst=1639620000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.hotbot.com%2F&tiba=HotBot%20VPN%3A%20Fast%2C%20Anonymous%2C%20Unlimited%2C%20VPN%20Service&async=1&fmt=3&is_vtc=1&random=1587309539&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 02:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/452078959/ 42 B
154 B 59ms
27ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/452078959/?random=1639620910547&cv=9&fst=1639620000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.hotbot.com%2F&tiba=HotBot%20VPN%3A%20Fast%2C%20Anonymous%2C%20Unlimited%2C%20VPN%20Service&async=1&fmt=3&is_vtc=1&random=1587309539&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 02:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-117029043-1&cid=430356508.1639620911&jid=1228757786&_u=YEBAAEAAAAAAAC~&z=1886255362

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 02:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 49ms
25ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-117029043-1&cid=430356508.1639620911&jid=1228757786&_u=YEBAAEAAAAAAAC~&z=1886255362

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 02:15:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 40ms
13ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238878021035107&ev=PageView&dl=https%3A%2F%2Fwww.hotbot.com%2F&rl=&if=false&ts=1639620910642&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639620910641.228002594&it=1639620910520&coo=false&rqm=GET

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 16 Dec 2021 02:15:10 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 99E6 0
18 B 28ms
13ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.hotbot.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.hotbot.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 16 Dec 2021 02:15:11 GMT

GET
H2 200 recaptcha__de.js
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ 347 KB
136 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeB608cAAAAAOkcvlx0FrJ8Zh2rD81hzUit_Ry7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hotbot.com/
Origin: https://www.hotbot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139000
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 05:02:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 15 Dec 2022 21:13:43 GMT

GET
H2 200 controller-636d35151fd98c4338a43da6e536c33c.html
js.stripe.com/v3/ Frame 0238 349 B
1 KB 17ms
16ms Document
text/html 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-636d35151fd98c4338a43da6e536c33c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 349
last-modified: Wed, 15 Dec 2021 19:17:28 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 16 Dec 2021 02:14:16 GMT
cache-control: max-age=60
etag: "636d35151fd98c4338a43da6e536c33c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: s8CWPS2Cdw841YWMRXVVfqWrMPVa7LX9fODXFuw90WMROnG0IEIbjw==
age: 57

GET
H3 200 getPlanLocalCurrency
api.hotbotvpn.com/api/v1/superadmin/ 147 KB
15 KB 98ms
84ms XHR
application/json 104.21.1.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hotbotvpn.com/api/v1/superadmin/getPlanLocalCurrency

Requested by

Host: unpkg.com
URL: https://unpkg.com/axios/dist/axios.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.1.165 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.hotbot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-ray: 6be4670a4d71dfc7-FRA
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"24dfd-vUGI5+L4IjbYVbMGrBbf4VS/f8Q"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=di33mGrpLFHScQPq8skHnhHRzHgmvGFYPm%2FqYGdDAKuMZNVqquyJAOf9uGpAhWnI9d%2FFV0ff3UcLB16C6grnYyt2KIJrP58xUmxCFPBnqLjMXJSif2SfVAiQZar%2FW2nROGTyXg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials

GET
H2 200 payment-request-inner-google-pay-18e5de637bcca3a86fe6eb1068384a34.html
js.stripe.com/v3/ Frame CC69 434 B
1 KB 71ms
70ms Document
text/html 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-18e5de637bcca3a86fe6eb1068384a34.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 434
last-modified: Wed, 15 Dec 2021 19:17:28 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 16 Dec 2021 02:15:11 GMT
cache-control: max-age=60
etag: "18e5de637bcca3a86fe6eb1068384a34"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: LGhpZcGEnFQX7evUC9c2iJ7aoXCcS5DtSfqzKn6Xb8dU-pa9YO0NAg==

GET
H2 200 payment-request-inner-browser-71791a8dda141e84aaec07b0ca78da70.html
js.stripe.com/v3/ Frame 2339 370 B
1 KB 31ms
31ms Document
text/html 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-71791a8dda141e84aaec07b0ca78da70.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 370
last-modified: Wed, 15 Dec 2021 19:17:34 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 16 Dec 2021 02:15:11 GMT
cache-control: max-age=60
etag: "71791a8dda141e84aaec07b0ca78da70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: DGncwsI9MQSp0Q3LWJK8g7d79ShPY7msqo9ntEJlTruzl8nJY-Tlqg==

GET
H2 200 Primary Request / Show response
www.hotbot.com/ 133 KB
24 KB 150ms
149ms Document
text/html 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotbot.com/
Requested by: Host: cdn.hotbot.com
URL: https://cdn.hotbot.com/wp-content/plugins/sitepress-multilingual-cms/dist/js/browser-redirect/app.js?ver=4.4.10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ecd91757a0ebd62476c07a3e29ea31c56116eafdf591c12375c39abf8d3f2b2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/

Response headers

date: Thu, 16 Dec 2021 02:15:11 GMT
content-type: text/html; charset=UTF-8
link: <https://www.hotbot.com/wp-json/>; rel="https://api.w.org/" <https://www.hotbot.com/wp-json/wp/v2/pages/18>; rel="alternate"; type="application/json" <https://www.hotbot.com/>; rel=shortlink
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlDw3aQClrDxadq4cIw0l23FlU8CbC7haeGrbtXGsRuP7LRbR7mF8KtqmfRvwY9WaC1UL1ByejIvSGSwXOaANV1G%2FkpE57YeDHQEraHp%2B74E4%2Fty%2FJxkd7y1%2FnZIwlqvya2V%2BMQSarwAefpk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6be4670a8c1571ed-LHR
content-encoding: br

GET
H2 200 m-outer-f7902241893e7a497417843cb15dc858.html
js.stripe.com/v3/ Frame 151C 240 B
958 B 16ms
16ms Document
text/html 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 240
last-modified: Wed, 27 Oct 2021 22:19:31 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 16 Dec 2021 02:14:50 GMT
cache-control: max-age=60
etag: "f7902241893e7a497417843cb15dc858"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: IrVdebHcUYUH0revZCPAw2uWiEFpa6Dq-AZhYesuxk2gTeERTagsxA==
age: 45

POST csp-report
q.stripe.com/ Frame 0238 0
0

POST csp-report
q.stripe.com/ Frame 2339 0
0

GET
H2 200 shared-d6627284bba2daff3f6dbb97e6e03969.js
js.stripe.com/v3/fingerprinted/js/ Frame 0238 200 KB
54 KB 21ms
20ms Script
application/javascript 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-636d35151fd98c4338a43da6e536c33c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-636d35151fd98c4338a43da6e536c33c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
x-cache: Hit from cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-origin: *
last-modified: Wed, 15 Dec 2021 19:17:29 GMT
server: Cloudfront
etag: W/"0ed5dc636826dba0d13dea5a5c024b43"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: r4N-LOvVlxvZKgoqwm4RECk-fi6xZ8crLj9_kf28EhUVftijFr_cFQ==

GET
H2 200 controller-a444daaa0d464c5114dcb9183faf2d65.js
js.stripe.com/v3/fingerprinted/js/ Frame 0238 308 KB
85 KB 18ms
17ms Script
application/javascript 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-a444daaa0d464c5114dcb9183faf2d65.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-636d35151fd98c4338a43da6e536c33c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-636d35151fd98c4338a43da6e536c33c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 41
x-cache: Hit from cloudfront
date: Thu, 16 Dec 2021 02:14:32 GMT
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 19:41:38 GMT
server: Cloudfront
etag: W/"50e91a6dab7520ae711c5e4caa1f8fe2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: FCGklFincf9BSaqrYE_8U5IZshT5qGxQIqhOJdQnx3AjnlitbVh8Xw==

GET
H2 200 shared-d6627284bba2daff3f6dbb97e6e03969.js
js.stripe.com/v3/fingerprinted/js/ Frame 2339 200 KB
54 KB 18ms
17ms Script
application/javascript 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-71791a8dda141e84aaec07b0ca78da70.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-71791a8dda141e84aaec07b0ca78da70.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
x-cache: Hit from cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-origin: *
last-modified: Wed, 15 Dec 2021 19:17:29 GMT
server: Cloudfront
etag: W/"0ed5dc636826dba0d13dea5a5c024b43"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: WaNWsCi1qC1LaVeTPgk0fyHV1-Q57z8KlAOdlShNMSL2baPa5b5tJA==

GET
H2 200 payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js
js.stripe.com/v3/fingerprinted/js/ Frame 2339 11 KB
5 KB 18ms
17ms Script
application/javascript 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-71791a8dda141e84aaec07b0ca78da70.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-71791a8dda141e84aaec07b0ca78da70.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 34
x-cache: Hit from cloudfront
date: Thu, 16 Dec 2021 02:14:53 GMT
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 19:35:22 GMT
server: Cloudfront
etag: W/"10d818482d8e44820136b10d6f9b02e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: gbs997__I0FOGM8ZfIw5Hzr6sftT1AwfkHwBPjzjtpv7SbXQAw0Bog==

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 0D10 0
0 44ms
43ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeB608cAAAAAOkcvlx0FrJ8Zh2rD81hzUit_Ry7&co=aHR0cHM6Ly93d3cuaG90Ym90LmNvbTo0NDM.&hl=de&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=hnufn33tq3of

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-E1rvf4JrFCjdbM4bSOStoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 16 Dec 2021 02:15:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-E1rvf4JrFCjdbM4bSOStoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20252
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST csp-report
q.stripe.com/ Frame 151C 0
0

POST csp-report
q.stripe.com/ Frame CC69 0
0

GET m-outer-639174098ea8fe7fede6fa654790e8ec.js
js.stripe.com/v3/fingerprinted/js/ Frame 151C 0
0

GET pay.js
pay.google.com/gp/p/js/ Frame CC69 0
0

GET shared-d6627284bba2daff3f6dbb97e6e03969.js
js.stripe.com/v3/fingerprinted/js/ Frame CC69 0
0

GET payment-request-inner-google-pay-5e439d520ede429b331d0ce50c30566f.js
js.stripe.com/v3/fingerprinted/js/ Frame CC69 0
0

POST result
www.hotbot.com/cdn-cgi/bm/cv/ 0
0

POST 0
r.stripe.com/ Frame 0238 0
0

POST fb0ndRqL
io.clickguard.com/r/cHJvdGVjdG9y/ 0
0

OPTIONS
H/1.1 200
OK fb0ndRqL
io.clickguard.com/r/cHJvdGVjdG9y/ Frame 0
0 136ms
119ms Preflight
text/html 2606:4700:20::681a:c98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://io.clickguard.com/r/cHJvdGVjdG9y/fb0ndRqL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.hotbot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Thu, 16 Dec 2021 02:15:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Allow: POST
Via: 1.1 google
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tlkzXNa5D5NdLNDj2IoTR8MDajXBE220lPEUG3VQsnoPzksNROZsDjmiubWIrUV4%2FhM%2BV3QW9rwcvEQVzPwgsMnnMiqmYPoI%2FVmz4tLMcxS5Q%2F2MjBGwNihogH%2BAIrVbVZq2RGzczL%2FfVT7I%2FRoh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6be4670bdc8c4e0d-FRA
Content-Encoding: br

GET
H2 200 styles.css
cdn.hotbot.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 13ms
12ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.2
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qC3UULmmds4qplqRAXL%2Bxbo9NUC1g4ugRDX6Fo8ROpCD%2BmduIDq0ikVoIFxn0h%2FnYgnR2OqoLzYdPeaJC2jTI1NN5xqrYxFEXhLUFQQYC5LWFtUHP%2B%2F%2Bo2%2FeEjr9hg8f"}],"group":"cf-nel","max_age":604800}
content-length: 1051
last-modified: Fri, 29 Oct 2021 06:16:08 GMT
server: cloudflare
etag: W/"617b91a8-aab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620911.cds155.fr8.hn,1639620911.cds156.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2880
accept-ranges: bytes
cf-ray: 6a5a474d6a822798-PRG

GET
H2 200 style.min.css
cdn.hotbot.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/ 2 KB
728 B 14ms
12ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/style.min.css?ver=1
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53a997bd51a3a1ad45ca16653c6044aa62fe3e120816276195538914db2c1dfd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=d56m8%2FZiaWss1P6zTfe6BBlkS8ywUCUv7f4qn4vZCNFIaghX%2FdYppGs2lx5U83cXH5brUzvi%2BcIWS6JNm8M46bv8rIOr%2FQnf7NaGNMZ%2BAexroNpq9S8B0oxOfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-length: 617
cf-request-id: 0ad5c298290000412b612ca000000001
last-modified: Tue, 15 Jun 2021 17:23:32 GMT
server: cloudflare
etag: W/"60c8e214-6df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620911.cds155.fr8.hn,1639620911.cds273.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=907
accept-ranges: bytes
cf-ray: 66363a06adf3412b-PRG

GET
H2 200 style.css
cdn.hotbot.com/wp-content/themes/hb/ 133 KB
28 KB 37ms
35ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-content/themes/hb/style.css?ver=1.0.0
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2960ac72bc348253f08abe240e403d0e1f394aa032ccb8ead9ab3b9efe33d890

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCNAz%2FrxdQNOIBj18SzIFNuTvxes0dgj80hLtskO%2FXPnkNXodDff4YU0JAnhkIzq%2BsFLui6aE0O%2B%2FsQKgd%2BWwM5HsStMTe5cPQQzixqrGKANM26T1T4hNIU0uKUfGEhF"}],"group":"cf-nel","max_age":604800}
content-length: 28260
last-modified: Thu, 09 Dec 2021 12:00:56 GMT
server: cloudflare
etag: W/"61b1eff8-212c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620912.cds155.fr8.hn,1639620912.cds108.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2416
accept-ranges: bytes
cf-ray: 6bae28029f1fe007-FRA

GET
H2 200 script.min.js Show response
cdn.hotbot.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/ 449 B
418 B 38ms
36ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.min.js?ver=1
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5fc18167c9bb2e3e5a3c27a8cf951a5d32770462a143b87989a5853d034dc8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0ah%2BCotY2Kg%2BOYmszlD%2Bq7a3Im5lM%2FJtMLfeSJnxkYzJN1d95RHFvr2e4lrl42h6AA4GKYG%2Fb5ZcqwORgRyoaWjDw8vsH87fmP8YkxG%2F4EkMdWtI9bzOZ%2FMWSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-length: 306
cf-request-id: 0ad5c2982f0000413e9f27e000000001
last-modified: Tue, 15 Jun 2021 17:23:32 GMT
server: cloudflare
etag: W/"60c8e214-1c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620912.cds155.fr8.hn,1639620912.cds222.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=906
accept-ranges: bytes
cf-ray: 66363a06bd97413e-PRG

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
30 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 10:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Dec 2022 10:46:56 GMT

GET
H2 200 app.js Show response
cdn.hotbot.com/wp-content/plugins/sitepress-multilingual-cms/dist/js/browser-redirect/ 173 KB
60 KB 39ms
38ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-content/plugins/sitepress-multilingual-cms/dist/js/browser-redirect/app.js?ver=4.4.10
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af47a9b678180535c1d5b56fee5bf534f87eeea8ab328bc9a323b943fa28c51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuxzxW3N1n3MCAgLtiPxuWKXriAwSXjhL82SP9Md6NF6L%2Fr%2BrwRyTKV1XBY7HdVDPBiue4RxvcN3zU0xN8yBkLBfYOatG9798B9X2vy3IlKbLH8uYeLtUL7UJg0oKIJs"}],"group":"cf-nel","max_age":604800}
content-length: 61613
last-modified: Tue, 15 Jun 2021 17:23:43 GMT
server: cloudflare
etag: W/"60c8e21f-2b445"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620912.cds155.fr8.hn,1639620912.cds005.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2416
accept-ranges: bytes
cf-ray: 6b009ae99d3a4107-PRG

GET
H2 200 api.js Show response
www.hotbot.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 25ms
21ms Script
text/javascript 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotbot.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWWaD5WmMSg4Nz687%2BgQZjsrrDKGKrry%2FfhI%2FVq3oCmONUI12TNbWEzLnDwTTBJp5RRqqShd1YMIKxzHBTNuavnl8Ml%2FTvDd3np%2FLMfddNqrfOGetRZ38SsM%2BJE62253uVoOBtIaX9u2uEPk"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6be4670c5d6271ed-LHR

GET
H3 200 vue Show response
cdn.jsdelivr.net/npm/ 92 KB
35 KB 43ms
42ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22671
x-jsd-version: 2.6.14
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19141-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"16fc7-2o16WfTmzFXqWKvsM++c67m6Z8E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6be4670bef45c290-FRA

GET
H2

200

axios.min.js Show response
unpkg.com/axios@0.24.0/dist/
Redirect Chain

https://unpkg.com/axios/dist/axios.min.js
https://unpkg.com/axios@0.24.0/dist/axios.min.js

17 KB
6 KB

18ms
18ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/axios@0.24.0/dist/axios.min.js

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aed6ac78b8249a9c7cff0030f3b921ee9f771cb1684164f3e679e1023a4d5c69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4436479
fly-request-id: 01FJW9CNVMT9N4FTJ5R4ENDR12
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"45b3-NFbQ0Q5mnZV1R20jcsWI1sj3wos"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6be4670c08734ea4-FRA

Redirect headers

date: Thu, 16 Dec 2021 02:15:11 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FQ0FV97FSKJNADZ1VHBSC31M
server: cloudflare
age: 523
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /axios@0.24.0/dist/axios.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6be4670be8674ea4-FRA
access-control-allow-origin: *

GET
H2 200 logo-light-bg.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 6 KB
3 KB 31ms
27ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/logo-light-bg.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f69bee70be15115852b73d34bc77d06e951cf3db33c16124c1a97e3d4e9750a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Feb 2021 05:02:22 GMT
server: cloudflare
age: 5483
etag: W/"60348c5e-19d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=divccasrVDzUFnwjna%2F6cTvHNcpniTISRRIv5eDrcJ94ocWEDPqm%2BorSt22MdApvvSu8foNrTAuJbDDPWKftkRfCFn%2F8oLTZ1NAUrBR5QHCHJhiUQocasvwk8afPGGpEyjj1IRvk%2BZsQmmxO"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be4670c5d6471ed-LHR

GET
H2 200 index_hero_desktop.png
cdn.hotbot.com/wp-content/themes/hb/assets/img/ 42 KB
42 KB 25ms
22ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hotbot.com/wp-content/themes/hb/assets/img/index_hero_desktop.png
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 593f8197a19220998c57519dc9dfe16ba89d676400447162e4c7e655a4fbc805

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
cf-cache-status: BYPASS
last-modified: Mon, 05 Jul 2021 07:50:58 GMT
server: cloudflare
etag: "60e2b9e2-a7d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BelriKr8BWzgQYstdDIN6hEM03nHZcN8f7fa7nZQzASRJ0No5D6wrRqjT9J%2F1cDVc5iHGigvFlJouaOFJsNOQRgCdjEjJtFY3iKutwYNV66mFCCfEeJFpG5v82haRGF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3599
accept-ranges: bytes
cf-ray: 6be37d9d79cc2c4a-FRA
content-length: 42969
x-hw: 1639620912.cds155.fr8.hn,1639620912.cds167.fr8.c

GET
H2 200 hero-connect-app.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 524 B
631 B 30ms
27ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/hero-connect-app.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 709a80a72f8463fd56a736af129dd59907438f8e5b9442451b192a5e2fc57f36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 471
etag: W/"5ffbe278-20c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZfbXlExQLVgpVCNon0i0vr9u62ZZWujx4y9oGitu1crwWUyEevUpIiWwkQC5BuDAGCl3td39nlpgbtI%2B49VnLWdi5QyecuLMSJK5Uj0mFFG2ajqIiv7ZcJsFSZe3MEiq3XjwDzyL%2BTtv2hw"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be4670c5d6571ed-LHR

GET
H2 200 hero-settings-app.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 733 B
568 B 29ms
26ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/hero-settings-app.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ff0bee5046ebfb2949c27d9b49bd7a0faad93f8a00068c1e45de42650a9a701

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 471
etag: W/"5ffbe278-2dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSt%2FRzBZ6L6mcScjsketBGOrIZXGG0jrDge2SPf8d2XfV0%2BlcpVMGmXIJpjlvE9TsziZIMyWExordzvX%2BBiur8RO2BLEimllv0XbzyUOic3rThK%2BR7mvH9U5wcJxnOMLweNwCo%2BDnmBjna3a"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be4670c5d6671ed-LHR

GET
H2 200 hero-cloud-app.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 400 B
555 B 29ms
26ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/hero-cloud-app.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28b3143c8fde5fd9482e5ce5f8c84203f36bff7b7ad19989cbbc6ed56bd2877f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 471
etag: W/"5ffbe278-190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OR1JD3PeaGaDh4Hsk5BIcqJMY1dW3ymdke85v8uwgElUHz4dVlvE0JijCjtMB8emajovrS%2BSAKXhI%2FIKkBz0CCy4BJnpZ4mUSnbxc250EN50e8loGLgdJd8KZPoC2pc22Nt903p5E2QwY4N4"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be4670c5d6771ed-LHR

GET
H2 200 hero-shield-app.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 351 B
596 B 28ms
25ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/hero-shield-app.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c36898df73761cd92547d3000354e04c2aa6600d597ae1f83c5275f329a93d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 471
etag: W/"5ffbe278-15f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zztmuw54s6dtvZnJTmUe8jDhZUGAnpgdjG%2BOcklhTzrQjrY%2Bx0TQ4aURghoY%2FTHeE8RJfJ0P9Qv5dMXKK8nVcGxomQB%2FkGBKB05TxYwfEcM8GDKqim7Dy7XGyX4y7%2BjQA7z98q6F3ywfq7cq"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be4670c5d6871ed-LHR

GET
H2 200 hero-signal-app.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 513 B
591 B 29ms
26ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/hero-signal-app.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fe996b58d5f02dd760c966d585b49625c7f2b11fda626aeb5c43ef7dc2291c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 471
etag: W/"5ffbe278-201"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1X%2FblW6dg%2FvHOWsPmsth9KuUVD6yhcqDkeIb6sjQEhYJ1AjcwejwgI8jcXdWyJiBRyECwlfS9yKhnR1pJOIG16CYbPCDXs8XZlB5n18K6F2VvYU4pp3wGk09Wbj9dOVDIsinhCSpA0n4aNgq"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be4670c5d6a71ed-LHR

GET
H2 200 section-bg.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 9 KB
3 KB 30ms
28ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/section-bg.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c82f3893f663c65b8c85c05e601d98db40000ee784a303e01d1d128e3e236dbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 2894
etag: W/"5ffbe278-24d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIEaG70fQk1QhUKXEdHL09xlC%2FIhOtn%2FnERDqaHN7%2Fc1hk30jtmMfN6eqB8ww4c3cPoYVC0gMKp4Nmm4OBb86w67N%2FF%2FIyhcKDetXgq9b4ryodLsRj3sWhoZCEgLUagFYwhm9rE2pPmptpyb"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be4670c5d6b71ed-LHR

GET
H2 200 / Show response
js.stripe.com/v3/ 268 KB
71 KB 665ms
664ms Script
application/javascript 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1724d2d2457ffac005ef96ec0460096bbf48e40e79458889e208cbc00aa9696e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: TXL50-P2
x-cache: Miss from cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-origin: *
last-modified: Wed, 15 Dec 2021 19:40:05 GMT
server: Cloudfront
etag: W/"bda7c789ac266a34f85620c92d92b3ea"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: IubEvMpzTXV6kGTRSuVuj6JtiXl4YdxCZlGgdAhJfeRzxqwWccfuYw==

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 884 B
606 B 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeB608cAAAAAOkcvlx0FrJ8Zh2rD81hzUit_Ry7

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0550aebb033eb335c25cfb327b557a262687a4d34967517cb8930b3f0cb24ecb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Thu, 16 Dec 2021 02:15:12 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
61 KB 36ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MTR73FB

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f247f38600a45372deb45935431309ab013368119d7299dfa6ce5a38e9b6b1c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62900
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 01:06:19 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Dec 2021 02:15:12 GMT

GET
H3 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@rc/dist/ 2 KB
1 KB 42ms
39ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@rc/dist/js.cookie.min.js

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2b92ba8d4314393d3c729cf94c12b65a1db2a41fb676b252f060f8eafdd2efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19599
x-jsd-version: 3.0.0-rc.4
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19164-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"695-pXILqyxk6ej3gkrdagCqNfKaZZQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6be4670c5f86c290-FRA

GET
H2 200 wp-emoji-release.min.js Show response
www.hotbot.com/wp-includes/js/ 14 KB
5 KB 42ms
40ms Script
application/x-javascript 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotbot.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.4
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 09 Jun 2021 06:44:19 GMT
server: cloudflare
etag: W/"60c06343-3795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LScF6Q9WMXR2%2BS6KnRynuP9S24PHcSDDG3Cxahhe1hsJdy5hHadly0UWNXbWh8heF0krZdhdO%2F1SiXrBfS4XYaczOV1fxvB4COhmT3v1WH7RdUrfacvxPxZPcEyprZnGZs76A4fX6SkxablG"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be4670c5d6c71ed-LHR

GET
H2 200 wp-polyfill.min.js Show response
cdn.hotbot.com/wp-includes/js/dist/vendor/ 97 KB
38 KB 19ms
14ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKWYJtEsXqlbd52STS4nOYDudlSqWh5KT8pBsORoKpqgbodtsrZ4UULJFio5W1bxTDqmysrXLqkb8AUhKQCNDMrygI6AgQVyyQOIeAVSbWQxirtk1o38vjbMoVrmUzNS"}],"group":"cf-nel","max_age":604800}
content-length: 39279
last-modified: Mon, 25 Jan 2021 19:45:50 GMT
server: cloudflare
etag: W/"600f1fee-183ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620912.cds155.fr8.hn,1639620912.cds228.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2879
accept-ranges: bytes
cf-ray: 6a5a474af9744107-PRG

GET
H2 200 index.js Show response
cdn.hotbot.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 21ms
17ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.2
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUUZDdcgLVYLZ5f3KIG3yGDb1yRfgZLX3Dhf2un0o174zoDDu68iOlkKzWnZVFAMW95mtaFoHV79vLqQvoNM1WAOy0tCU7Zgl7Gex%2BI0Ci6WOBVU6MloxdXiUkiFDRgV"}],"group":"cf-nel","max_age":604800}
content-length: 4196
last-modified: Fri, 29 Oct 2021 06:16:08 GMT
server: cloudflare
etag: W/"617b91a8-2e56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620912.cds155.fr8.hn,1639620912.cds163.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=297
accept-ranges: bytes
cf-ray: 6a5a4750bd7e27b8-PRG

GET
H2 200 common.min.js Show response
cdn.hotbot.com/wp-content/themes/hb/assets/js/ 92 KB
35 KB 24ms
19ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-content/themes/hb/assets/js/common.min.js?ver=1.0.0
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4db6dd2f24c66ef13fef09bffe3243e67b1d614d5eaa891ba8f336e82a877f8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxKDz75bd5KUHXSVgr6%2FLKW1kcqm0fi9T4%2Bd4as4n268uVCp2Qrp%2BbwXVSg4Hl4U6u7kyf69L5mOYVAAHCW9lkbKrdWgcqkof%2BJrIloOw1lRJDlxbBMEyZPzUj0wnxtw"}],"group":"cf-nel","max_age":604800}
content-length: 35337
last-modified: Tue, 07 Dec 2021 02:58:03 GMT
server: cloudflare
etag: W/"61aecdbb-1714a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620912.cds155.fr8.hn,1639620912.cds054.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2879
accept-ranges: bytes
cf-ray: 6b9accb55b3e42ee-FRA

GET
H2 200 wp-embed.min.js Show response
cdn.hotbot.com/wp-includes/js/ 1 KB
885 B 26ms
21ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-includes/js/wp-embed.min.js?ver=5.7.4
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6HTjGSplPAmIWJpw5T2yMP4X%2B8%2BJc9QDvatZee4oVL3VXNizhBdDYuW6C4Nll%2Fj6kzq5yeoHJ%2FOg0LMr3cYSw9YRYdVANslzXPJTst2065AEUb34q9d2Rps5HLWuZya"}],"group":"cf-nel","max_age":604800}
content-length: 779
last-modified: Wed, 09 Jun 2021 06:44:19 GMT
server: cloudflare
etag: W/"60c06343-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hw: 1639620912.cds155.fr8.hn,1639620912.cds138.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2879
accept-ranges: bytes
cf-ray: 6ac3fbe3ae6b2794-PRG

GET
H/1.1 200
OK fb0ndRqL Show response
io.clickguard.com/s/cHJvdGVjdG9y/ 8 KB
3 KB 127ms
125ms Script
application/javascript 2606:4700:20::681a:c98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://io.clickguard.com/s/cHJvdGVjdG9y/fb0ndRqL
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 462662e6b43ec8641723893f83a11a20feb631cec7a9a9a4fff9c6daefa85a91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 02:15:12 GMT
Via: 1.1 google
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: Express
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: br
Server: cloudflare
ETag: W/"1e8f-TDA+sPLtoI6lOEyMTke/Op7BIR0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1541J1NOmuHaMzSXF4cbZwfGpkgu8UnSgUabnMiMT8%2FbPKPkkCpc0pKlBWVMwBZwl1qi140WkNfM4IL2ToxN5nn%2Bsnw%2BM5wz6B0e6Z5KsoHzAGBgAUBnM8QI3WaE6SsrZNnk11nO8AbDdVZYbXH9"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
CF-RAY: 6be4670c5a8d0614-FRA
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 getPlanLocalCurrency Show response
api.hotbotvpn.com/api/v1/superadmin/ 147 KB
15 KB 53ms
53ms XHR
application/json 104.21.1.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hotbotvpn.com/api/v1/superadmin/getPlanLocalCurrency

Requested by

Host: unpkg.com
URL: https://unpkg.com/axios/dist/axios.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.1.165 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

128f0a391a0d323fc665fd100272bedf75e38c9cc6708cadd10254fb59e601e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.hotbot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-ray: 6be4670c9e9fdfc7-FRA
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"24dfd-vUGI5+L4IjbYVbMGrBbf4VS/f8Q"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFq0QxGsk1bB0mVxiUSqPjqwe89ansDrVZXo%2Fn6bajvFxPE4YsnWloxXwG02pG6dh%2FhJsYNOnRcL3D%2F8rXb6mYGq%2BCSOEd3Dbk1NQmOD2s6eIY%2FEYAmX0NKT6BLlJcCwX3vEtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials

GET
H3 200 NGSpv5_NC0k9P_v6ZUCbLRAHxK1ECSusdUmg7UiCXB5W.woff
fonts.gstatic.com/s/heebo/v10/ 13 KB
13 KB 26ms
9ms Font
font/woff 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/heebo/v10/NGSpv5_NC0k9P_v6ZUCbLRAHxK1ECSusdUmg7UiCXB5W.woff

Requested by

Host: cdn.hotbot.com
URL: https://cdn.hotbot.com/wp-content/themes/hb/style.css?ver=1.0.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a93e6a0e45a9766c2aeca2b3ea6eef5a87819f50172bed09900d9472ef40e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.hotbot.com/
Origin: https://www.hotbot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:08:31 GMT
x-content-type-options: nosniff
age: 18401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13328
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 19:04:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 21:08:31 GMT

GET
H2 200 notosans-regular-webfont.woff2
cdn.hotbot.com/wp-content/themes/hb/assets/fonts/ 18 KB
18 KB 11ms
10ms Font
application/font-woff2 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hotbot.com/wp-content/themes/hb/assets/fonts/notosans-regular-webfont.woff2
Requested by: Host: cdn.hotbot.com
URL: https://cdn.hotbot.com/wp-content/themes/hb/style.css?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6832e2945d8f31734a550b7926a27807488c6c6f9baa7358213e42148da57a08

Request headers

Referer: https://cdn.hotbot.com/wp-content/themes/hb/style.css?ver=1.0.0
Origin: https://www.hotbot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
cf-cache-status: BYPASS
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
etag: "5ffbe278-46bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nls07XocKRWgmXY5e50IYDP5UWp9Z0fn739Xl0OcE9ntG2cqWYWFy9Pi6lUub3QkH%2BzkcGCbNKSIn7a9eWO%2B0b%2BVxMrdYCsCEYcaBS0mvSX3sYMx6MgIZy0HHKNZOspx"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=3039
accept-ranges: bytes
cf-ray: 6bb3c4cce8092778-PRG
content-length: 18108
x-hw: 1639620912.cds012.fr8.hn,1639620912.cds250.fr8.c

GET
H2 200 stable-connection.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 343 KB
77 KB 32ms
31ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/stable-connection.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 082e23a8604a4438618452f2d745477d3d0adc9cc65b588c5bb331a22a491b63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 471
etag: W/"5ffbe278-55a1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZ6jj8uIrB%2F5JrGc4kFraMssS9urfZPavkIVgmC60sKW6g%2FXR%2BfS1EGq2RKl6ShVHG7TOAXV1lzpJ7oe7MAb1ag7n4ymryW8x5zbKUQWqP4Jm4bkJQKewII3Stj9jcLBRcse%2F7xiy41M1xss"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be4670cbdaa71ed-LHR

GET
H2 200 secure-internet.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 10 KB
3 KB 26ms
25ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/secure-internet.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69b529cab3a6cca2e0d02e07f8cd6e70d31af56aa9a7c5b78252f67302480ae4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 471
etag: W/"5ffbe278-2775"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oe2yt%2BXms25ZCFOwc43TmWKQFNzWjW4TspJ6EgUNbes2UNyTR5XZNoT044PGttKqTv3J0eFvGPwxmnb3awTsCMUB8YS5n69btJcykVw6V7FYr7g9%2FllKHu7JlyR1HjE3N%2Bv1Xx0XjO4ODY8J"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be4670cbdab71ed-LHR

GET
H2 200 internet-restrictions.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 17 KB
5 KB 25ms
25ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/internet-restrictions.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef9bc66ab6746487040058aef86469c62bef4e2aa23e747ba0c4611a628e138c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 471
etag: W/"5ffbe278-4288"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4xN96YBNOoAWwYpSy8HXYjNG3CndXvXozWaVLbj11MdLv1lJ8or1dtmkJe4kiByIz%2Fw0GuI7prR0csSCoQQpdeeGqZm5JJL6Cv068f8x4xr%2BqwrucZX0%2BDxTi1YglCGlk03hZZbOw4ECKiv"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be4670cbdad71ed-LHR

GET
H2 200 money-back-guarantee.svg
www.hotbot.com/wp-content/themes/hb/assets/img/ 14 KB
6 KB 26ms
26ms Image
image/svg+xml 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hotbot.com/wp-content/themes/hb/assets/img/money-back-guarantee.svg
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38ed2f096a34c2c82b88f441492d3666cf348be21154ac56c37d1b639e7dfc68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jan 2021 05:30:32 GMT
server: cloudflare
age: 2
etag: W/"5ffbe278-378a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHiU6R%2BS0nuDZIWIS3maRY5IT1lPb9ZGFVplPi7g2Cc7aCTrQUx3RYsxU0ULnkRhZf7v6302y5x5ucR7JJzIU6dj1Za7ZnSoerRq7IRBucCLaOR6NgPBoWPhFnGogytNjGdsKMoCpKYrrLXZ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6be4670cbdae71ed-LHR

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 7ms
6ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTR73FB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
last-modified: Wed, 03 Nov 2021 15:08:58 GMT
server: snooserv
etag: "3fbf36d562f1d2a543a89683060265ed"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7632

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: dvDF4zlGQSnt3rclK+hiT9l735zmiScvr4l9jYBG31aLAegcQL2JM0wiyiW22XCJq+ErWvdUK/oTE49X4j8tbQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 16 Dec 2021 02:15:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTR73FB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4446
date: Thu, 16 Dec 2021 01:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 16 Dec 2021 03:01:06 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 325ms
23ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTR73FB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 02:15:12 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
95 B 102ms
102ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1639620912124&id=t2_34fm6euv&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=9fc0aee5-6c3e-418a-892b-955bfd698f69&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5b7866e3
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H3 200 238878021035107 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/238878021035107?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d2024aef946c9511bc14aba3096ef2697d92e601d04ab5a9055a56c82b294282

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88908
x-xss-protection: 0
pragma: public
x-fb-debug: nvOrlC5dldVfGNIbwOxcUaoefChz1t3sLJq6x5uDlJtdVFQXYEjlOqKVrcFeqieCTNtNbBbbwsItGoG4qSdEkA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 16 Dec 2021 02:15:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
12ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=2133642250&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hotbot.com%2F&ul=en-us&de=UTF-8&dt=HotBot%20VPN%3A%20Fast%2C%20Anonymous%2C%20Unlimited%2C%20VPN%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=430356508.1639620911&tid=UA-117029043-1&_gid=189725532.1639620911&gtm=2wgc10MTR73FB&z=1473029235

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:46:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34125
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 13ms
13ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238878021035107&ev=PageView&dl=https%3A%2F%2Fwww.hotbot.com%2F&rl=https%3A%2F%2Fwww.hotbot.com%2F&if=false&ts=1639620912202&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639620910641.228002594&it=1639620912130&coo=false&rqm=GET

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 16 Dec 2021 02:15:12 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/452078959/ 2 KB
1 KB 43ms
27ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/452078959/?random=1639620912445&cv=9&fst=1639620912445&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.hotbot.com%2F&ref=https%3A%2F%2Fwww.hotbot.com%2F&tiba=HotBot%20VPN%3A%20Fast%2C%20Anonymous%2C%20Unlimited%2C%20VPN%20Service&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6954406d57ccf441a6b4cdd9b482f7bf735aa5123d19751e65aca388cb04dbeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 02:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1033
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/452078959/ 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/452078959/?random=1639620912445&cv=9&fst=1639620000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.hotbot.com%2F&ref=https%3A%2F%2Fwww.hotbot.com%2F&tiba=HotBot%20VPN%3A%20Fast%2C%20Anonymous%2C%20Unlimited%2C%20VPN%20Service&async=1&fmt=3&is_vtc=1&random=1826453321&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 02:15:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/452078959/ 42 B
64 B 40ms
22ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/452078959/?random=1639620912445&cv=9&fst=1639620000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.hotbot.com%2F&ref=https%3A%2F%2Fwww.hotbot.com%2F&tiba=HotBot%20VPN%3A%20Fast%2C%20Anonymous%2C%20Unlimited%2C%20VPN%20Service&async=1&fmt=3&is_vtc=1&random=1826453321&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 02:15:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6AAA 0
15 B 13ms
12ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.hotbot.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.hotbot.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 16 Dec 2021 02:15:12 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ 347 KB
136 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeB608cAAAAAOkcvlx0FrJ8Zh2rD81hzUit_Ry7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e9b984417245777c6c4082fe1e448e483c183a1ba916b60cc9a8fc78d766e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hotbot.com/
Origin: https://www.hotbot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139000
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 05:02:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 15 Dec 2022 21:13:43 GMT

GET
H2 200 controller-636d35151fd98c4338a43da6e536c33c.html Show response
js.stripe.com/v3/ Frame A309 349 B
1 KB 18ms
17ms Document
text/html 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-636d35151fd98c4338a43da6e536c33c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1a4c74b39488e7dd6c90aa9d68b42dc1a4243b37e8afaea31c874cd924e39c1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 349
last-modified: Wed, 15 Dec 2021 19:17:28 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 16 Dec 2021 02:15:13 GMT
cache-control: max-age=60
etag: "636d35151fd98c4338a43da6e536c33c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: ni3HPDI_B5mjiYKZk4KIcf8gIEAH7l1yFbRHr1HNZLumJBHQEMGF6g==

GET
H3 200 getPlanLocalCurrency Show response
api.hotbotvpn.com/api/v1/superadmin/ 147 KB
15 KB 80ms
80ms XHR
application/json 104.21.1.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hotbotvpn.com/api/v1/superadmin/getPlanLocalCurrency

Requested by

Host: unpkg.com
URL: https://unpkg.com/axios/dist/axios.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.1.165 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

128f0a391a0d323fc665fd100272bedf75e38c9cc6708cadd10254fb59e601e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.hotbot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-ray: 6be4671329cddfc7-FRA
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"24dfd-vUGI5+L4IjbYVbMGrBbf4VS/f8Q"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvUvy2L6tJEhb8V9v4b9z%2BTlnq2Pohh8SM3vub6vBzuU%2BM2ZGgXLpbQbBfc1WosdJaBg77LTaIRfXnKg8uY%2FYiXu55YSz7L2FCmVyfUFXfXobyGrV%2B%2BkkOdgqe8z4i8AoSjzBg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials

GET
H2 200 payment-request-inner-google-pay-18e5de637bcca3a86fe6eb1068384a34.html Show response
js.stripe.com/v3/ Frame E457 434 B
1 KB 17ms
17ms Document
text/html 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-18e5de637bcca3a86fe6eb1068384a34.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8e6a329ada085770ba87fdf86f6209061b596bf59ffde8f2d77a726853d61576

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 434
last-modified: Wed, 15 Dec 2021 19:17:28 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 16 Dec 2021 02:15:11 GMT
cache-control: max-age=60
etag: "18e5de637bcca3a86fe6eb1068384a34"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: m4fTJxU78Y11VoXW67krhM20HC9VQjj47C1zubAlfuBSXCA3FdSw6g==
age: 26

GET
H2 200 payment-request-inner-browser-71791a8dda141e84aaec07b0ca78da70.html Show response
js.stripe.com/v3/ Frame B420 370 B
1 KB 16ms
16ms Document
text/html 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-71791a8dda141e84aaec07b0ca78da70.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

25bd32e3e0df53001cd862c6253babb23337c0e9313f508eff667802a658878a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 370
last-modified: Wed, 15 Dec 2021 19:17:34 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 16 Dec 2021 02:15:11 GMT
cache-control: max-age=60
etag: "71791a8dda141e84aaec07b0ca78da70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: Nowx01eRmzSRVafv3Fp4fAFQiB05fVtMbt9qMcmow_h6_4aQ2WYykQ==
age: 4

GET
H2 200 m-outer-f7902241893e7a497417843cb15dc858.html Show response
js.stripe.com/v3/ Frame 7124 240 B
959 B 16ms
16ms Document
text/html 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 240
last-modified: Wed, 27 Oct 2021 22:19:31 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 16 Dec 2021 02:14:50 GMT
cache-control: max-age=60
etag: "f7902241893e7a497417843cb15dc858"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: 8kITk0ehSySf3sW68U2yCSJn3DSNQpuq1zhekRLbblboMciomGWwZg==
age: 47

POST
H2 200 csp-report
q.stripe.com/ Frame A309 0
347 B 199ms
198ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 19
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E457 0
347 B 199ms
199ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 20
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B420 0
347 B 203ms
202ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 23
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7124 0
347 B 203ms
203ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 24
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 shared-d6627284bba2daff3f6dbb97e6e03969.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A309 200 KB
54 KB 17ms
16ms Script
application/javascript 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-636d35151fd98c4338a43da6e536c33c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c4cb839bfbdb8f6c0a9b79555f2aa04c3258f4b06a32e2210612ed6a38787e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-636d35151fd98c4338a43da6e536c33c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 56
x-cache: Hit from cloudfront
date: Thu, 16 Dec 2021 02:15:11 GMT
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 19:17:29 GMT
server: Cloudfront
etag: W/"0ed5dc636826dba0d13dea5a5c024b43"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: _SFkWxP4_eU7T8aJ9oxvSYfC01R_of4WUbOIrra-rkG-lbHfZtzl4w==

GET
H2 200 controller-a444daaa0d464c5114dcb9183faf2d65.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A309 308 KB
85 KB 23ms
22ms Script
application/javascript 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-a444daaa0d464c5114dcb9183faf2d65.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-636d35151fd98c4338a43da6e536c33c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

beacc3ecc4d78981f9d61e044b6bd41f30032050ccf7f2a3cae84b33a0849f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-636d35151fd98c4338a43da6e536c33c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: TXL50-P2
x-cache: Hit from cloudfront
date: Thu, 16 Dec 2021 02:15:13 GMT
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 19:41:38 GMT
server: Cloudfront
etag: W/"50e91a6dab7520ae711c5e4caa1f8fe2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: TqFMuidOcDJ67CDOppP8BVA6tsISMJQo48vvO3FrxO_5KqTUnO5sUw==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame E457 95 KB
31 KB 67ms
66ms Script
application/javascript 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-18e5de637bcca3a86fe6eb1068384a34.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

111f1700ccb35898fa18b3bbf8eb1d0b0f6e7f744cf9fa6e59e5a2723dd9f20f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jdUsYR9VPZfnye80xKqing' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-jdUsYR9VPZfnye80xKqing' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=600
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-jdUsYR9VPZfnye80xKqing' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-jdUsYR9VPZfnye80xKqing' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 16 Dec 2021 02:15:13 GMT

GET
H2 200 shared-d6627284bba2daff3f6dbb97e6e03969.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E457 200 KB
54 KB 20ms
19ms Script
application/javascript 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-18e5de637bcca3a86fe6eb1068384a34.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c4cb839bfbdb8f6c0a9b79555f2aa04c3258f4b06a32e2210612ed6a38787e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-18e5de637bcca3a86fe6eb1068384a34.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 56
x-cache: Hit from cloudfront
date: Thu, 16 Dec 2021 02:15:11 GMT
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 19:17:29 GMT
server: Cloudfront
etag: W/"0ed5dc636826dba0d13dea5a5c024b43"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: bVbOHmI4_8YnupsTW5m5yHuAniN4eO-uRcixkp_mAgFiVHNaq_GesQ==

GET
H2 200 payment-request-inner-google-pay-5e439d520ede429b331d0ce50c30566f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E457 13 KB
5 KB 29ms
28ms Script
application/javascript 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-5e439d520ede429b331d0ce50c30566f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-18e5de637bcca3a86fe6eb1068384a34.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7a1932aa34ccfff4e12c70801d4552b48dd2ba496538bfba9ed6decbc6969ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-18e5de637bcca3a86fe6eb1068384a34.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 47
x-cache: Hit from cloudfront
date: Thu, 16 Dec 2021 02:15:11 GMT
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 19:41:48 GMT
server: Cloudfront
etag: W/"644c0a539378705d2075a532d38f5e6e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: J1aGuSAnbUGSkOp-yNQ0-BbzGRJGWdcavCy7bYn6hnSr73e-1uhk3A==

GET
H2 200 shared-d6627284bba2daff3f6dbb97e6e03969.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B420 200 KB
54 KB 26ms
26ms Script
application/javascript 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-71791a8dda141e84aaec07b0ca78da70.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c4cb839bfbdb8f6c0a9b79555f2aa04c3258f4b06a32e2210612ed6a38787e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-71791a8dda141e84aaec07b0ca78da70.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 56
x-cache: Hit from cloudfront
date: Thu, 16 Dec 2021 02:15:11 GMT
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 19:17:29 GMT
server: Cloudfront
etag: W/"0ed5dc636826dba0d13dea5a5c024b43"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: hNfwZB13u3h_Gc25o2FZA9dq807TMZyl7pYXjaiVorGhPN1CdKe8Rg==

GET
H2 200 payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B420 11 KB
5 KB 29ms
28ms Script
application/javascript 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-71791a8dda141e84aaec07b0ca78da70.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

71a55578d53e666ef644669139972f47092d97114a67c8b251f155ef6c19c15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-71791a8dda141e84aaec07b0ca78da70.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 36
x-cache: Hit from cloudfront
date: Thu, 16 Dec 2021 02:14:53 GMT
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 19:35:22 GMT
server: Cloudfront
etag: W/"10d818482d8e44820136b10d6f9b02e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: TXL50-P2
timing-allow-origin: *
x-amz-cf-id: Lf1ASuF-54Cfxzw0A50kVljLaiFgg3boX65vCvMG6_hW8BR6Rcm8iA==

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 41A4 41 KB
21 KB 28ms
28ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeB608cAAAAAOkcvlx0FrJ8Zh2rD81hzUit_Ry7&co=aHR0cHM6Ly93d3cuaG90Ym90LmNvbTo0NDM.&hl=de&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=81fpweyxr4tr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7dfe94fdc9e2acd5a9317e05303593968cedf1174ed90d4d5e97be77fbfcbd6b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nPepGTvDFFUrq40rhn8TQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hotbot.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 16 Dec 2021 02:15:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-nPepGTvDFFUrq40rhn8TQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21431
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 m-outer-639174098ea8fe7fede6fa654790e8ec.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7124 1 KB
1 KB 655ms
655ms Script
application/javascript 18.64.79.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.79.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-23.txl50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: TXL50-P2
x-cache: RefreshHit from cloudfront
date: Thu, 16 Dec 2021 02:15:14 GMT
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 19:35:20 GMT
server: Cloudfront
etag: W/"5213886b88cd72e6d0aebc89868e5d13"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: za8-v3wSoyFLCVQxBuInUcXgJeWhDI9BhsxMWwH-PG3Pm73YArjpKA==

POST
H2 204 result Show response
www.hotbot.com/cdn-cgi/bm/cv/ 0
510 B 20ms
20ms XHR
text/plain 2606:4700:21::681b:c660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hotbot.com/cdn-cgi/bm/cv/result?req_id=6be4670a8c1571ed
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hotbot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6be46713ead571ed-LHR
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baeMn9uUgV0VstntTXcNWPM%2B%2BIUFvqi%2FaWovuuZBS%2FlFa3SyJxBpri5fVDLK%2F1bnAmkrT3hVflorb4DLCCHCZjnZM5xg4tV4nGu4phTCXTBGpDZu2dqiV25BfiBBHIq7aJhOOdkmmKD35KPB"}],"group":"cf-nel","max_age":604800}

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
214 B 181ms
181ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ Frame 41A4 51 KB
24 KB 24ms
8ms Stylesheet
text/css 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeB608cAAAAAOkcvlx0FrJ8Zh2rD81hzUit_Ry7&co=aHR0cHM6Ly93d3cuaG90Ym90LmNvbTo0NDM.&hl=de&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=81fpweyxr4tr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 05:02:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 15 Dec 2022 16:09:06 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ Frame 41A4 347 KB
136 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e9b984417245777c6c4082fe1e448e483c183a1ba916b60cc9a8fc78d766e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139000
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 05:02:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 15 Dec 2022 21:13:43 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 180ms
180ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 181ms
181ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 182ms
181ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 181ms
181ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 181ms
181ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 334ms
333ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 334ms
334ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 333ms
333ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 333ms
333ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 333ms
333ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 333ms
333ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 333ms
333ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 333ms
332ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 332ms
332ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 4A79 17 KB
7 KB 141ms
95ms Document
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5491f97bf1e04ad9a3f9c51d1154774729a3e3dd5aad5e82a42157bd172dc06b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KSlr+ziLiW7ad2AevMcAlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-KSlr+ziLiW7ad2AevMcAlg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Thu, 16 Dec 2021 02:15:13 GMT
date: Thu, 16 Dec 2021 02:15:13 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
content-security-policy: script-src 'report-sample' 'nonce-KSlr+ziLiW7ad2AevMcAlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-KSlr+ziLiW7ad2AevMcAlg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK fb0ndRqL Show response
io.clickguard.com/r/cHJvdGVjdG9y/ 0
764 B 129ms
128ms XHR
text/plain 2606:4700:20::681a:c98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://io.clickguard.com/r/cHJvdGVjdG9y/fb0ndRqL
Requested by: Host: io.clickguard.com
URL: https://io.clickguard.com/s/cHJvdGVjdG9y/fb0ndRqL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hotbot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Thu, 16 Dec 2021 02:15:13 GMT
Via: 1.1 google
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
X-Powered-By: Express
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JeWbbomlMVlqp1yaMWNEYqLc76rYYleFDRTmxkWczjcynHkzIe8RQbnhTFEohzO%2FlozOCktrlaGh1HNoIqvQaZml8%2BqB%2F6IRAKZTaDy0gAa202WMa6zOzBAv2FxvnrEkWbyk9oCnsRQlw28peQC"}],"group":"cf-nel","max_age":604800}
Access-Control-Allow-Origin: *
Connection: keep-alive
CF-RAY: 6be467151d594e0d-FRA
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0

OPTIONS
H/1.1 200
OK fb0ndRqL
io.clickguard.com/r/cHJvdGVjdG9y/ Frame 0
0 129ms
129ms Preflight
text/html 2606:4700:20::681a:c98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://io.clickguard.com/r/cHJvdGVjdG9y/fb0ndRqL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.hotbot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Thu, 16 Dec 2021 02:15:13 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Allow: POST
Via: 1.1 google
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Apof0EmEvLAmS2%2BR0c8PlrFBK85yDDcPyuDJcsdRS3RJh1PurgQLOTlrLaRqR7zm2J%2BNQUQ2Piw4KF%2BWcHecMec1C2L3wzMVJbq7QMAunyObXF6oXTG7iyy02W%2BXE%2BmJb%2Fa6jCvJl74xw2w4xUJC"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6be467144c954e0d-FRA
Content-Encoding: br

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 41A4 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 07:03:19 GMT
x-content-type-options: nosniff
age: 501114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 17 Dec 2021 07:03:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 41A4 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 11:18:05 GMT
x-content-type-options: nosniff
age: 140228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 41A4 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 06:37:08 GMT
x-content-type-options: nosniff
age: 502685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 06:37:08 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 41A4 102 B
134 B 17ms
17ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=rPvs0Nyx3sANE-ZHUN-0nM85

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

349ce09d0aceb7ea96173c1d73dec16b8405b89453da98274e098491d9bbc180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeB608cAAAAAOkcvlx0FrJ8Zh2rD81hzUit_Ry7&co=aHR0cHM6Ly93d3cuaG90Ym90LmNvbTo0NDM.&hl=de&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=81fpweyxr4tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 16 Dec 2021 02:15:13 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 4A79 2 KB
2 KB 44ms
44ms Other
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.hotbot.com
URL: https://www.hotbot.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame 4A79 147 KB
52 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8a148e1b9d6521e624ac4a4019a30a1095aaa74e0d45b419d858d6db4ca06f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 18:29:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52724
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 03:35:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Wed, 14 Dec 2022 18:29:50 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTq... Frame 4A79 36 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTqfbqayYmU.L.B1.O/am=BgAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjRMCIOQyt3VRLO5xGLlmBd_4lTUw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2d9f427387d66c1e47f6fc9338e3877a8493526fbcf277cdb7f3e55d77cd85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 18:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 373694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13458
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 02:26:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Sun, 11 Dec 2022 18:26:59 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTq... Frame 4A79 73 KB
27 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTqfbqayYmU.L.B1.O/am=BgAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjRMCIOQyt3VRLO5xGLlmBd_4lTUw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058d6bb45f407a87de0e1aafd110a5e3422d7d35f6c8b33b4f43e577fd1e0281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 04:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27350
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 02:26:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Wed, 14 Dec 2022 04:01:43 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 4A79 49 KB
20 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTqfbqayYmU.L.B1.O/am=BgAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjRMCIOQyt3VRLO5xGLlmBd_4lTUw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4447
date: Thu, 16 Dec 2021 01:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 16 Dec 2021 03:01:06 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 4A79 1 MB
338 KB 99ms
98ms XHR
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecd6ac36f9286adc3730c5b8cbf06ded5a132a983e72dd478711d984a060d8a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7pYSxb2l2tJ3BKHZXTZ9+Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-7pYSxb2l2tJ3BKHZXTZ9+Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: script-src 'report-sample' 'nonce-7pYSxb2l2tJ3BKHZXTZ9+Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-7pYSxb2l2tJ3BKHZXTZ9+Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Thu, 16 Dec 2021 02:15:13 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4A79 131 B
155 B 38ms
20ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 16 Dec 2021 02:15:13 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 46ms
17ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 16 Dec 2021 02:15:13 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 16 Dec 2021 02:15:13 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 4A79 131 B
155 B 38ms
20ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 16 Dec 2021 02:15:13 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 41ms
18ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 16 Dec 2021 02:15:13 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 16 Dec 2021 02:15:13 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 4A79 131 B
155 B 39ms
21ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 16 Dec 2021 02:15:13 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 33ms
17ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 16 Dec 2021 02:15:13 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 16 Dec 2021 02:15:13 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 4A79 131 B
155 B 38ms
19ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 16 Dec 2021 02:15:13 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 24ms
16ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 16 Dec 2021 02:15:13 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 16 Dec 2021 02:15:13 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 4A79 131 B
155 B 40ms
21ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 16 Dec 2021 02:15:13 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 18ms
17ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 16 Dec 2021 02:15:13 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 16 Dec 2021 02:15:13 GMT
cache-control: private

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTq... Frame 4A79 17 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTqfbqayYmU.L.B1.O/am=BgAC/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjRMCIOQyt3VRLO5xGLlmBd_4lTUw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8664390f269923cfc07cec5a2f94704ff85786a0ee80ebf564654041e822fd3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 18:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7265
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 02:26:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Mon, 12 Dec 2022 18:36:00 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTq... Frame 4A79 8 KB
3 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTqfbqayYmU.L.B1.O/am=BgAC/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjRMCIOQyt3VRLO5xGLlmBd_4lTUw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40a3be1a3422a8d3afc05bc4cf5b8a559ccc414022040153343dac7060335c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 16:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3333
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 02:26:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Sun, 11 Dec 2022 16:05:47 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4A79 131 B
155 B 34ms
20ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 16 Dec 2021 02:15:13 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 16ms
16ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 16 Dec 2021 02:15:13 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 16 Dec 2021 02:15:13 GMT
cache-control: private

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 180ms
179ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 183ms
183ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 182ms
180ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 188ms
187ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 187ms
186ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

POST
H3 200 log Show response
play.google.com/ Frame 4A79 131 B
155 B 39ms
21ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 16 Dec 2021 02:15:13 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 16 Dec 2021 02:15:13 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame DED5 932 B
2 KB 69ms
15ms Document
text/html 2600:9000:20eb:ac00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:ac00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 932
last-modified: Thu, 04 Nov 2021 19:04:57 GMT
accept-ranges: bytes
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://m.stripe.com; default-src 'none'; font-src 'self'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
date: Thu, 16 Dec 2021 02:13:08 GMT
cache-control: max-age=300, public
etag: "f6254e6dd0cb06228801a1c8baf0939f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: HmDPRg8t8sBN-panrRT6YFPnufiDgNLMNNAAtM8qx0AVtgizue_99w==
age: 170

POST
H2 200 csp-report
q.stripe.com/ Frame DED5 0
121 B 232ms
232ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 16 Dec 2021 02:15:14 GMT
x-envoy-upstream-service-time: 53
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

POST
H2 200 csp-report
q.stripe.com/ Frame DED5 0
120 B 191ms
191ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.hotbot.com
URL: https://www.hotbot.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 16 Dec 2021 02:15:14 GMT
x-envoy-upstream-service-time: 9
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame DED5 85 KB
14 KB 16ms
15ms Script
text/javascript 2600:9000:20eb:ac00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:ac00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 268
x-cache: Hit from cloudfront
date: Thu, 16 Dec 2021 02:11:25 GMT
last-modified: Thu, 04 Nov 2021 19:04:57 GMT
server: Cloudfront
etag: W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA2-C1
timing-allow-origin: *
x-amz-cf-id: cYP9s9mzBMV8pgwOgbuTvf3d_rD_AvADrqHuSEpDdMfXyNZmpsLZvQ==

POST
H2 200 0 Show response
r.stripe.com/ Frame A309 0
213 B 181ms
180ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 16 Dec 2021 02:15:14 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame DED5 156 B
522 B 580ms
193ms XHR
application/json 52.88.27.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.27.164 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-27-164.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

502d1e3c4aaae58ba1c04fed71e64735c708061fa363d32f27ee6c0668ceb79d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 16 Dec 2021 02:15:14 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Domain: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6627284bba2daff3f6dbb97e6e03969.js

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-5e439d520ede429b331d0ce50c30566f.js

Domain: www.hotbot.com
URL: https://www.hotbot.com/cdn-cgi/bm/cv/result?req_id=6be466ffac5871ed

Domain: r.stripe.com
URL: https://r.stripe.com/0

Domain: r.stripe.com
URL: https://r.stripe.com/0

Domain: r.stripe.com
URL: https://r.stripe.com/0

Domain: r.stripe.com
URL: https://r.stripe.com/0

Domain: r.stripe.com
URL: https://r.stripe.com/0

Domain: r.stripe.com
URL: https://r.stripe.com/0

Domain: r.stripe.com
URL: https://r.stripe.com/0

Domain: r.stripe.com
URL: https://r.stripe.com/0

Domain: r.stripe.com
URL: https://r.stripe.com/0

Domain: r.stripe.com
URL: https://r.stripe.com/0

Domain: r.stripe.com
URL: https://r.stripe.com/0

Domain: r.stripe.com
URL: https://r.stripe.com/0

Domain: r.stripe.com
URL: https://r.stripe.com/0

Domain: r.stripe.com
URL: https://r.stripe.com/0

Domain: r.stripe.com
URL: https://r.stripe.com/0

Domain: r.stripe.com
URL: https://r.stripe.com/0

Domain: io.clickguard.com
URL: https://io.clickguard.com/r/cHJvdGVjdG9y/fb0ndRqL

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.hotbot.com/	1969-12-31 23:59:59	Name: defCurrencyTest Value: USD
www.hotbot.com/	1969-12-31 23:59:59	Name: RNLBSERVERID Value: ded6518
.hotbot.com/	1970-01-20 01:36:36	Name: _gcl_au Value: 1.1.1565082590.1639620910
.hotbot.com/	1970-01-20 16:58:12	Name: _ga Value: GA1.2.430356508.1639620911
.hotbot.com/	1970-01-19 23:28:27	Name: _gid Value: GA1.2.189725532.1639620911
.hotbot.com/	1970-01-19 23:27:00	Name: _gat_UA-117029043-1 Value: 1
.hotbot.com/	1970-01-20 01:36:36	Name: _rdt_uuid Value: 1639620910544.9fc0aee5-6c3e-418a-892b-955bfd698f69
.hotbot.com/	1970-01-20 01:36:36	Name: _fbp Value: fb.1.1639620910641.228002594
.www.hotbot.com/	1970-01-19 23:28:27	Name: _icl_visitor_lang_js Value: en_us
cdn.hotbot.com/	1969-12-31 23:59:59	Name: RNLBSERVERID Value: ded6518
.doubleclick.net/	1970-01-20 08:48:36	Name: IDE Value: AHWqTUnqjnN74gbuCWcjTpdQzuF07gvgML9jo5w0K3vk3U4TJJvVsk4N43ADe7Nk
www.hotbot.com/	1969-12-31 23:59:59	Name: wpml_browser_redirect_test Value: 0
.google.com/	1970-01-20 03:50:32	Name: NID Value: 511=OSyXYvllR7YAdafTepXObYKl9cNv5I7enX4p-4lsekBpvX9SPQmOvPO0KKlgGlQiu2rCIr7qIIiCEG4nSdjdbfs1-p7-rw6XMLw7XYaJOkospgOUe9pVXMsMy_PFOQq7oWg3Jui4LbIWEs96zoFDoTMaNAeJIQPeB5BPPGrKgH4
.hotbot.com/	1970-01-19 23:27:02	Name: __cf_bm Value: PLxUkggInoGLhA3M5Q6GF5BhZe36ymAHllbPDBgn6P0-1639620913-0-ASYgGpjUH3kLLvbHxhTSa/CfQUUd3dto50mivOGRMi/o/uDilFmnCjepB+5f2wz2Eta23Rz9OgTpZeKSYUH2Z1syQgogg9l6FMohmusSUI9dolxE9AV8AQflXoryn0TSJQ==
m.stripe.com/	1970-01-20 16:58:12	Name: m Value: 765421ef-cdc1-4c87-8b6b-a1cc8d2454cb273be4
.www.hotbot.com/	1970-01-20 08:12:36	Name: __stripe_mid Value: 155ccf3e-074d-4095-8f79-946094860ce7a2d0d9
.www.hotbot.com/	1970-01-19 23:27:02	Name: __stripe_sid Value: b026650f-be65-4b04-9bed-3e8994dbde6809fd97

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js Message: The 'basic-card' payment method is deprecated and will be removed in M100, around March 2022. See https://www.chromestatus.com/features/5730051011117056 for more details.
deprecation	warning	URL: https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js Message: The 'basic-card' payment method is deprecated and will be removed in M100, around March 2022. See https://www.chromestatus.com/features/5730051011117056 for more details.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
alb.reddit.com
api.hotbotvpn.com
cdn.hotbot.com
cdn.jsdelivr.net
connect.facebook.net
fonts.gstatic.com
googleads.g.doubleclick.net
io.clickguard.com
js.stripe.com
m.stripe.com
m.stripe.network
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
stats.g.doubleclick.net
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.hotbot.com
www.redditstatic.com
io.clickguard.com
js.stripe.com
pay.google.com
q.stripe.com
r.stripe.com
www.hotbot.com
104.21.1.165
142.250.185.130
151.101.193.140
151.139.128.11
18.64.79.23
2600:9000:20eb:ac00:19:7d10:bd80:93a1
2606:4700:20::681a:c98
2606:4700:21::681b:c660
2606:4700::6810:5914
2606:4700::6810:7baf
2a00:1450:4001:802::2002
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:400c:c08::9c
2a00:1450:400c:c0a::5c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:600::396
52.88.27.164
54.186.23.98
04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8
0550aebb033eb335c25cfb327b557a262687a4d34967517cb8930b3f0cb24ecb
058d6bb45f407a87de0e1aafd110a5e3422d7d35f6c8b33b4f43e577fd1e0281
082e23a8604a4438618452f2d745477d3d0adc9cc65b588c5bb331a22a491b63
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111f1700ccb35898fa18b3bbf8eb1d0b0f6e7f744cf9fa6e59e5a2723dd9f20f
128f0a391a0d323fc665fd100272bedf75e38c9cc6708cadd10254fb59e601e6
1724d2d2457ffac005ef96ec0460096bbf48e40e79458889e208cbc00aa9696e
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
1a4c74b39488e7dd6c90aa9d68b42dc1a4243b37e8afaea31c874cd924e39c1a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
25bd32e3e0df53001cd862c6253babb23337c0e9313f508eff667802a658878a
28b3143c8fde5fd9482e5ce5f8c84203f36bff7b7ad19989cbbc6ed56bd2877f
2960ac72bc348253f08abe240e403d0e1f394aa032ccb8ead9ab3b9efe33d890
2c36898df73761cd92547d3000354e04c2aa6600d597ae1f83c5275f329a93d4
349ce09d0aceb7ea96173c1d73dec16b8405b89453da98274e098491d9bbc180
38ed2f096a34c2c82b88f441492d3666cf348be21154ac56c37d1b639e7dfc68
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40a3be1a3422a8d3afc05bc4cf5b8a559ccc414022040153343dac7060335c0c
462662e6b43ec8641723893f83a11a20feb631cec7a9a9a4fff9c6daefa85a91
4db6dd2f24c66ef13fef09bffe3243e67b1d614d5eaa891ba8f336e82a877f8f
4f69bee70be15115852b73d34bc77d06e951cf3db33c16124c1a97e3d4e9750a
4ff0bee5046ebfb2949c27d9b49bd7a0faad93f8a00068c1e45de42650a9a701
502d1e3c4aaae58ba1c04fed71e64735c708061fa363d32f27ee6c0668ceb79d
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
53a997bd51a3a1ad45ca16653c6044aa62fe3e120816276195538914db2c1dfd
5491f97bf1e04ad9a3f9c51d1154774729a3e3dd5aad5e82a42157bd172dc06b
593f8197a19220998c57519dc9dfe16ba89d676400447162e4c7e655a4fbc805
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5af47a9b678180535c1d5b56fee5bf534f87eeea8ab328bc9a323b943fa28c51
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5ecd91757a0ebd62476c07a3e29ea31c56116eafdf591c12375c39abf8d3f2b2
6832e2945d8f31734a550b7926a27807488c6c6f9baa7358213e42148da57a08
6954406d57ccf441a6b4cdd9b482f7bf735aa5123d19751e65aca388cb04dbeb
69b529cab3a6cca2e0d02e07f8cd6e70d31af56aa9a7c5b78252f67302480ae4
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
709a80a72f8463fd56a736af129dd59907438f8e5b9442451b192a5e2fc57f36
71a55578d53e666ef644669139972f47092d97114a67c8b251f155ef6c19c15d
7a1932aa34ccfff4e12c70801d4552b48dd2ba496538bfba9ed6decbc6969ade
7dfe94fdc9e2acd5a9317e05303593968cedf1174ed90d4d5e97be77fbfcbd6b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8664390f269923cfc07cec5a2f94704ff85786a0ee80ebf564654041e822fd3d
87fe996b58d5f02dd760c966d585b49625c7f2b11fda626aeb5c43ef7dc2291c
89a93e6a0e45a9766c2aeca2b3ea6eef5a87819f50172bed09900d9472ef40e0
8e6a329ada085770ba87fdf86f6209061b596bf59ffde8f2d77a726853d61576
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
97e9b984417245777c6c4082fe1e448e483c183a1ba916b60cc9a8fc78d766e5
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
aed6ac78b8249a9c7cff0030f3b921ee9f771cb1684164f3e679e1023a4d5c69
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2b92ba8d4314393d3c729cf94c12b65a1db2a41fb676b252f060f8eafdd2efd
b4dbd700d8a25e7acaa6057c0b9b27a99610c8f930bb77d324ae505fe29e3e4a
b5fc18167c9bb2e3e5a3c27a8cf951a5d32770462a143b87989a5853d034dc8d
beacc3ecc4d78981f9d61e044b6bd41f30032050ccf7f2a3cae84b33a0849f92
c2cd48c792c277786dc203d956043be9b043628bd28d3a55cd89ea6a1eb7b395
c4cb839bfbdb8f6c0a9b79555f2aa04c3258f4b06a32e2210612ed6a38787e8b
c82f3893f663c65b8c85c05e601d98db40000ee784a303e01d1d128e3e236dbe
d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce
d2024aef946c9511bc14aba3096ef2697d92e601d04ab5a9055a56c82b294282
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d8a148e1b9d6521e624ac4a4019a30a1095aaa74e0d45b419d858d6db4ca06f3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
ecd6ac36f9286adc3730c5b8cbf06ded5a132a983e72dd478711d984a060d8a4
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9bc66ab6746487040058aef86469c62bef4e2aa23e747ba0c4611a628e138c
f247f38600a45372deb45935431309ab013368119d7299dfa6ce5a38e9b6b1c2
f2d9f427387d66c1e47f6fc9338e3877a8493526fbcf277cdb7f3e55d77cd85a
fcbbf1a2aa222513d090009c6c5d5c71aab266eade7d9343cdcf8ea96757f072
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.hotbot.com Open in urlscan Pro 2606:4700:21::681b:c660 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

211 Requests

87 %HTTPS

73 %IPv6

19 Domains

27 Subdomains

27 IPs

5 Countries

3030 kBTransfer

9744 kBSize

17 Cookies

8 Outgoing links

Page URL History

Redirected requests

211 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hotbot.com Open in urlscan Pro
2606:4700:21::681b:c660 Public Scan

Screenshot
Live screenshot

Full Image

211
Requests

87 %
HTTPS

73 %
IPv6

19
Domains

27
Subdomains

27
IPs

5
Countries

3030 kB
Transfer

9744 kB
Size

17
Cookies

211 HTTP transactions
0 data transactions