members.howtogettheguy.com Open in urlscan Pro
52.222.236.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cdn.exponea.com/matthew-hussey/e/.eJyNj7uKFEEUhnHwxrqCNIh4AQtk2qyru3rnYkOrM8uCu0Y6Rq4rVFedvrhTF6qrZ3dgwMwHMDIxEg...
Effective URL:
https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%...
Submission: On April 08 via api (April 8th 2023, 9:50:10 am UTC) from BE — Scanned from DE

Summary HTTP 292 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 22 domains to perform 292 HTTP transactions. The main IP is 52.222.236.62, located in United States and belongs to AMAZON-02, US. The main domain is members.howtogettheguy.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 20th 2023. Valid for: a year.

This is the only time members.howtogettheguy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.95.115.244 34.95.115.244	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
52	52.222.236.62 52.222.236.62	16509 (AMAZON-02) (AMAZON-02)
45	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
6	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	52.222.236.99 52.222.236.99	16509 (AMAZON-02) (AMAZON-02)
6	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	76.223.13.31 76.223.13.31	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
66	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c07::5c	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
7	52.205.62.94 52.205.62.94	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	35.244.143.131 35.244.143.131	15169 (GOOGLE) (GOOGLE)
3	2400:52e0:1e0... 2400:52e0:1e00::1054:1	200325 (BUNNYCDN) (BUNNYCDN)
4	2600:9000:21f... 2600:9000:21f3:2c00:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.112.92 18.66.112.92	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1	52.215.231.162 52.215.231.162	16509 (AMAZON-02) (AMAZON-02)
2	172.64.150.25 172.64.150.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	35.161.191.188 35.161.191.188	16509 (AMAZON-02) (AMAZON-02)
6	3.66.196.123 3.66.196.123	16509 (AMAZON-02) (AMAZON-02)
1	18.64.141.68 18.64.141.68	16509 (AMAZON-02) (AMAZON-02)
12	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
10	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
2 4	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
2	2a04:4e42:200... 2a04:4e42:200::291	54113 (FASTLY) (FASTLY)
292	36

1 34.95.115.244 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 244.115.95.34.bc.googleusercontent.com

cdn.exponea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 52.222.236.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-62.fra56.r.cloudfront.net

members.howtogettheguy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-99.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.13.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae1d37305401c759d.awsglobalaccelerator.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.205.62.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-62-94.compute-1.amazonaws.com

pt.howtogettheguy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.143.131 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 131.143.244.35.bc.googleusercontent.com

api.exponea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1054:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:2c00:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-92.fra56.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

exp-framework.exponea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.231.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-231-162.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.150.25 (United States)

ASN13335 (CLOUDFLARENET, US)

gettheguy.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.161.191.188 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-191-188.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.66.196.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-196-123.eu-central-1.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.141.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-141-68.mct50.r.cloudfront.net

checkout.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.4.245.84 (United States) 2 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
111	stripe.com js.stripe.com — Cisco Umbrella Rank: 1244 q.stripe.com — Cisco Umbrella Rank: 7928 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 7063 r.stripe.com — Cisco Umbrella Rank: 4840 m.stripe.com — Cisco Umbrella Rank: 1249	1 MB
59	howtogettheguy.com members.howtogettheguy.com pt.howtogettheguy.com	481 KB
29	paypal.com 2 redirects checkout.paypal.com — Cisco Umbrella Rank: 15011 c.paypal.com — Cisco Umbrella Rank: 5512 www.paypal.com — Cisco Umbrella Rank: 2477 b.stats.paypal.com — Cisco Umbrella Rank: 5099 dub.stats.paypal.com — Cisco Umbrella Rank: 21041 t.paypal.com — Cisco Umbrella Rank: 3199 c6.paypal.com — Cisco Umbrella Rank: 6640	390 KB
19	google.com 1 redirects pay.google.com — Cisco Umbrella Rank: 3232 www.google.com — Cisco Umbrella Rank: 2 play.google.com — Cisco Umbrella Rank: 31	436 KB
9	braintreegateway.com js.braintreegateway.com — Cisco Umbrella Rank: 7919 client-analytics.braintreegateway.com — Cisco Umbrella Rank: 8355	40 KB
6	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 3895 gettheguy.attn.tv	65 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2284	65 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4625	114 KB
6	exponea.com 1 redirects cdn.exponea.com — Cisco Umbrella Rank: 87088 api.exponea.com — Cisco Umbrella Rank: 22714 exp-framework.exponea.com	76 KB
4	gstatic.com www.gstatic.com	104 KB
4	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5098 api.omappapi.com — Cisco Umbrella Rank: 5253	29 KB
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2321	34 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 407	12 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	157 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	241 B
2	google.de www.google.de — Cisco Umbrella Rank: 5216	562 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 100 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	2 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1316	17 KB
2	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 10145	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	172 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 677 script.hotjar.com — Cisco Umbrella Rank: 927	72 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	2 KB
292	22

	Domain	Requested by
52	members.howtogettheguy.com	members.howtogettheguy.com
50	r.stripe.com	js.stripe.com
43	js.stripe.com	members.howtogettheguy.com js.stripe.com
16	q.stripe.com	members.howtogettheguy.com
13	play.google.com	www.gstatic.com
10	www.paypal.com	js.braintreegateway.com www.paypal.com www.paypalobjects.com
10	c.paypal.com	js.braintreegateway.com c.paypal.com www.paypal.com
7	pt.howtogettheguy.com	members.howtogettheguy.com pt.howtogettheguy.com
6	client-analytics.braintreegateway.com	js.braintreegateway.com
6	dev.visualwebsiteoptimizer.com	members.howtogettheguy.com dev.visualwebsiteoptimizer.com
5	www.google-analytics.com	www.googletagmanager.com members.howtogettheguy.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	cdn.attn.tv	www.googletagmanager.com cdn.attn.tv
4	api.exponea.com	members.howtogettheguy.com api.exponea.com
4	pay.google.com	js.stripe.com pay.google.com members.howtogettheguy.com www.gstatic.com
3	www.paypalobjects.com	members.howtogettheguy.com www.paypal.com www.paypalobjects.com
3	a.omappapi.com	www.googletagmanager.com a.omappapi.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com members.howtogettheguy.com
3	connect.facebook.net	members.howtogettheguy.com connect.facebook.net
3	js.braintreegateway.com	members.howtogettheguy.com
2	c6.paypal.com	members.howtogettheguy.com
2	t.paypal.com	members.howtogettheguy.com
2	dub.stats.paypal.com	members.howtogettheguy.com www.paypal.com
2	b.stats.paypal.com	2 redirects
2	gettheguy.attn.tv	cdn.attn.tv
2	www.facebook.com	members.howtogettheguy.com
2	www.google.de	members.howtogettheguy.com
2	www.google.com	1 redirects members.howtogettheguy.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	payments.braintree-api.com	js.braintreegateway.com
2	www.googletagmanager.com	members.howtogettheguy.com www.googletagmanager.com
1	checkout.paypal.com	js.braintreegateway.com
1	m.stripe.com	m.stripe.network
1	merchant-ui-api.stripe.com	js.stripe.com
1	exp-framework.exponea.com	api.exponea.com
1	api.omappapi.com	a.omappapi.com
1	googleads.g.doubleclick.net	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	members.howtogettheguy.com
1	cdn.exponea.com	1 redirects
292	43

This site contains links to these domains. Also see Links.

Domain
www.howtogettheguy.com

Subject Issuer	Validity	Valid
*.gettheguy.co.uk Amazon RSA 2048 M02	`2023-03-20` - `2024-04-16`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-15` - `2023-04-15`	3 months	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2022-09-15` - `2023-10-16`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
pt.howtogettheguy.com R3	`2023-03-03` - `2023-06-01`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
api.exponea.com GTS CA 1D4	`2023-04-05` - `2023-07-04`	3 months	crt.sh
a.omappapi.com R3	`2023-02-27` - `2023-05-28`	3 months	crt.sh
*.attn.tv Amazon RSA 2048 M01	`2023-02-22` - `2023-05-02`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
api.opmnstr.com Amazon RSA 2048 M01	`2023-03-01` - `2024-02-08`	a year	crt.sh
dev3.deephow.ai GTS CA 1D4	`2023-03-17` - `2023-06-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
attn.tv Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-02-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
client-analytics.braintreegateway.com DigiCert SHA2 High Assurance Server CA	`2023-02-24` - `2024-03-26`	a year	crt.sh
checkout.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-07-28` - `2023-08-28`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Frame ID: 2FAB8E3C6E853ACC78A8B121D0F817F4
Requests: 114 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 18FC7EF86B2443528E89DD9072CEF45C
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-f2b5256d2ac9dc347bbae6d110f51e74.html
Frame ID: 20688FCD5E63720291AFA3650AB05A7E
Requests: 56 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
Frame ID: 3A2752D02B98B6790DEB1814702F5CB7
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
Frame ID: 5E960E1CEBC20B7033AABC64589DB92A
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
Frame ID: 13D4E6089FCE7692CB7FFAF1F89C911C
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-47e017691bb65089a0f00e71435ac7b2.html
Frame ID: 6CEBDC7C7B5A5503C49B432695936527
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-29168aed44ba4fe262ea771ed11ef6de.html
Frame ID: 1033C27AB3AB36AC976F5F2FB767D7C6
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
Frame ID: E823D9B6875E91D676E8F757B84199B1
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
Frame ID: D96A62CDD1D7B85EFB0459BA95F57278
Requests: 9 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 9CC2AD97FE5B5CD74A66956CEBC05B0B
Requests: 4 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 29E948205541D09583C8767E12F7F792
Requests: 14 HTTP requests in this frame

Frame: https://checkout.paypal.com/web/3.85.3/html/dispatch-frame.min.html
Frame ID: C854C52B336E7B29A1AB45DBFA7A2EF9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 63E148A0B53E7DD9FABF7E3CAA15764A
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=white&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&sdkVersion=5.0.362&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmdmF1bHQ9dHJ1ZSZpbnRlbnQ9dG9rZW5pemUmY2xpZW50LWlkPUFXbHBtaEk3YTZjQUNpNWtDU3RsRWc1NHhPc3Z6eWhMUUx2a095aVFyTVpvVmpkUi1VWjF5XzNBR1JDTmRsXzVRdWRKZ0NWZWMxeHJZTW9FIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZnljcnhybGJ4cWNsZmRiaXNna3VzaHZvbXdlamh3In19&clientID=AWlpmhI7a6cACi5kCStlEg54xOsvzyhLQLvkOyiQrMZoVjdR-UZ1y_3AGRCNdl_5QudJgCVec1xrYMoE&sdkCorrelationID=f62620033788c&storageID=uid_c9b788a35b_mdk6nta6mdu&sessionID=uid_df8e99d7e3_mdk6nta6mdu&buttonSessionID=uid_4dff6c95e3_mdk6nta6mdu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: 61F97531AAD7AFC3C3E606DF3D8D7442
Requests: 6 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 0A5FADDA473F404D72EE7B718618F6D3
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 3D0A07BA3559B2AA18BA594D50D68321
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=20ba26b0f51db2368af7e0e6780efac9&t=1680947405.623&a=14
Frame ID: 1AC5BA36D2962E35616BB86E5A54A267
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-34c9e57a840ab5afb3b1095d3455e2c9.html
Frame ID: F789AAC1DF08E0E67C1338D57722FCB0
Requests: 9 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 9495EB39DEA3071CE63E75C7CF5510F7
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: D1F9A47C64A9E1475B3F59F5C02C5D7B
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_df8e99d7e3_mdk6nta6mdu&s=SMART_PAYMENT_BUTTONS
Frame ID: 7FA85D8951FC2EB50D51624C7E3EF7DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Secure Checkout - Matthew Hussey Members Area

Page URL History Show full URLs

https://cdn.exponea.com/matthew-hussey/e/.eJyNj7uKFEEUhnHwxrqCNIh4AQtk2qyru3rnYkOrM8uCu0Y6Rq4rVFedvr... HTTP 302
https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

292
Requests

94 %
HTTPS

41 %
IPv6

22
Domains

43
Subdomains

36
IPs

5
Countries

3653 kB
Transfer

11848 kB
Size

65
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.howtogettheguy.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.howtogettheguy.com/terms-and-conditions/
Title: Terms and Refund Policy

Search URL Search Domain Scan URL

URL: http://www.howtogettheguy.com/disclaimer/
Title: Disclaimer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cdn.exponea.com/matthew-hussey/e/.eJyNj7uKFEEUhnHwxrqCNIh4AQtk2qyru3rnYkOrM8uCu0Y6Rq4rVFedvrhTF6qrZ3dgwMwHMDIxEgMD9QFEEx_AeNM18AF8AatnFiMDg_rr_38OnO946ObL71cvjT3x4_jT0YfXna2fm50bV579Gp_9-O707_Of-bXjU6W1uk4wFiAyMHVQqgOrCrC2hKKZB0wJzEpg-6qx-J6peKqbSfl4x3eORH1CgQGjvd4wjjd8RoWmVSHTSdyNR10Sjp5sOn2g7LSqrXPdQZu3BK2mbSIx-Vtud8lAuF-qdrCoZpUsnGm0EyWdzFUTBIGvjeINsym1zLdqH2TqMyXzygjdGFbSGtLIN-C4BUgOPI2i7G386uH60Si5uNZpau8cHGolgSYXXBTeGWhxkrsuMG84iRPkqNEJM1qgJS26RZzdvi2Q40MrOtRopCRacSXX1zoleJdnYDhlpb1f0xyUPIAsyKDdBNOTTU8rjDPF59jSbArYrrzBlv9PsxvtrcqlWc7warZ8ere3h2trlCxwranENBvn_TAf9KNw2B9QEobxwkDhzgIDPPkn6iImeRTRjEQ9Qhkhd16sP__6KH4fffO_7By--QOjvsUs.1T6fKSLwkVhStg/click HTTP 302
https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 140

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966723930/?random=2081076563&cv=11&fst=1680947404759&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&label=JizfCMCHiIMBENqS_MwD&hn=www.googleadservices.com&frm=0&tiba=Secure%20Checkout%20-%20Matthew%20Hussey%20Members%20Area&value=0&auid=1510503213.1680947405&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=zDgxZJCEM6XLmweK2b64Dw&sscte=1&crd=&eitems=ChAI8KHEoQYQ7tuHsMm24fYaEh0AYdSYBzz8vRw7hx0nBQO4uP7gUBD2CT9CKAleHQ&pscrd=Ek5DaEFJOEtIRW9RWVE5dEhVM3NyV2xKVmFFaVlBWWVMNVE1dUY2NUdCUDcwem1za096OXhxNVJ0TzBsakViS25tX3haQTQ5MXZaTzhMSncaWENoQUk4S0hFb1FZUWhkVGd1cDZFMmY4c0VpNEFIUlYxUTE2VnMwNWFJUVBVNHVpaWpIV0NQdWt0cWw1VmdUV2pJc0hTTUZxMEt2VlpyMU5NeTJHU3ZVOVg HTTP 302
https://www.google.com/pagead/1p-conversion/966723930/?random=2081076563&cv=11&fst=1680947404759&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&label=JizfCMCHiIMBENqS_MwD&hn=www.googleadservices.com&frm=0&tiba=Secure%20Checkout%20-%20Matthew%20Hussey%20Members%20Area&value=0&auid=1510503213.1680947405&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEtIRW9RWVE5dEhVM3NyV2xKVmFFaVlBWWVMNVE1dUY2NUdCUDcwem1za096OXhxNVJ0TzBsakViS25tX3haQTQ5MXZaTzhMSncaWENoQUk4S0hFb1FZUWhkVGd1cDZFMmY4c0VpNEFIUlYxUTE2VnMwNWFJUVBVNHVpaWpIV0NQdWt0cWw1VmdUV2pJc0hTTUZxMEt2VlpyMU5NeTJHU3ZVOVg&is_vtc=1&ocp_id=zDgxZJCEM6XLmweK2b64Dw&eitems=ChAI8KHEoQYQ7tuHsMm24fYaEh0AYdSYB6kfk8UmilwvN57HbOtnIDgXH_eabBg3kg&random=3792816785 HTTP 302
https://www.google.de/pagead/1p-conversion/966723930/?random=2081076563&cv=11&fst=1680947404759&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&label=JizfCMCHiIMBENqS_MwD&hn=www.googleadservices.com&frm=0&tiba=Secure%20Checkout%20-%20Matthew%20Hussey%20Members%20Area&value=0&auid=1510503213.1680947405&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEtIRW9RWVE5dEhVM3NyV2xKVmFFaVlBWWVMNVE1dUY2NUdCUDcwem1za096OXhxNVJ0TzBsakViS25tX3haQTQ5MXZaTzhMSncaWENoQUk4S0hFb1FZUWhkVGd1cDZFMmY4c0VpNEFIUlYxUTE2VnMwNWFJUVBVNHVpaWpIV0NQdWt0cWw1VmdUV2pJc0hTTUZxMEt2VlpyMU5NeTJHU3ZVOVg&is_vtc=1&ocp_id=zDgxZJCEM6XLmweK2b64Dw&eitems=ChAI8KHEoQYQ7tuHsMm24fYaEh0AYdSYB6kfk8UmilwvN57HbOtnIDgXH_eabBg3kg&random=3792816785&ipr=y&prhg=0&ezwbk=AZuM4hB7kLe2h0zZOKqIeEQStdIzARrY6CBBzrIUQEugYQW5QRE2vHmIgczMRUzoG_6GNYBxfrMotjeIfXCmjoymiG2H

Request Chain 224

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=20ba26b0f51db2368af7e0e6780efac9&t=1680947405.623&a=14 HTTP 302
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=20ba26b0f51db2368af7e0e6780efac9&t=1680947405.623&a=14

Request Chain 280

https://b.stats.paypal.com/v2/counter.cgi?p=uid_df8e99d7e3_mdk6nta6mdu&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_df8e99d7e3_mdk6nta6mdu&s=SMART_PAYMENT_BUTTONS

292 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
members.howtogettheguy.com/checkout/
Redirect Chain

https://cdn.exponea.com/matthew-hussey/e/.eJyNj7uKFEEUhnHwxrqCNIh4AQtk2qyru3rnYkOrM8uCu0Y6Rq4rVFedvrhTF6qrZ3dgwMwHMDIxEgMD9QFEEx_AeNM18AF8AatnFiMDg_rr_38OnO946ObL71cvjT3x4_jT0YfXna2fm50bV579Gp_9-O7...
https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&co...

51 KB
15 KB

761ms
690ms

Document
text/html

52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 741a8f17b9367aeede098de62279e908b841afab7107725ed4d969a8b30a0386

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-length: 13398
content-type: text/html; charset=UTF-8
date: Sat, 08 Apr 2023 09:50:04 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://members.howtogettheguy.com/?p=1345>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
server: Apache
vary: Accept-Encoding
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-id: 6evdumyB0zLu3xW93_nAnvWrXx6uij1GbgsypWlqZDtxbjKOa_26sQ==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1285
content-type: text/html; charset=utf-8
date: Sat, 08 Apr 2023 09:50:03 GMT
location: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 5

GET
H2 200 style.css
members.howtogettheguy.com/wp-content/themes/gtgmember/ 197 B
634 B 14ms
9ms Stylesheet
text/css 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/style.css
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: b71d2c55535499a27d7ba6a8c0d95fc10f973e5d97942306aeed272c90cd5306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 226144
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 152
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "c5-5a574c21a6334-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: l5hPre0g-A-SayKG_o7sJ3Cjm0jN8Nakj8KJ3vY1BAeIUOcWrPZ7IQ==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H2 200 classic-themes.min.css
members.howtogettheguy.com/wp-includes/css/ 291 B
693 B 23ms
19ms Stylesheet
text/css 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 226144
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 210
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Apr 2023 03:46:22 GMT
server: Apache
etag: "123-5f88ea2ba5107-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: Anwntm4nUkEWKLYR2L_OWo-zYjJsXm4HwVFLknI6ZnOxa1It5fR9Qg==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H2 200 bootstrap.min.css
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/css/ 118 KB
20 KB 20ms
15ms Stylesheet
text/css 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/css/bootstrap.min.css
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 226144
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 19751
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "1d9ac-5a574c217e295-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: DS09qCNFbjoyh_1qoqTBZ4mCa2wSKPSJiNIGV8uO86DSke-MZDPD3A==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H2 200 style.css
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/css/ 88 KB
16 KB 15ms
10ms Stylesheet
text/css 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/css/style.css
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 9a5327bea00c524c91cc091ecdac66359f843fd90a7705c0f159fa49a62c3bb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 226144
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 15937
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Sep 2021 17:44:11 GMT
server: Apache
etag: "15eb6-5ccad2db0786d-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: lTACJqxGJTAq4ANde9VZQzzmRdKAY6417JgsGG8NsYfW4x9WopM9HQ==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H2 200 design-refresh.css
members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/css/ 31 KB
5 KB 21ms
17ms Stylesheet
text/css 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/css/design-refresh.css?ver=1680947403
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 68429fc0a76f1caf9a860427783ba16316972943bfbb8948ea9fad3140443767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:03:14 GMT
content-encoding: gzip
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 226010
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5069
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Apr 2023 03:46:22 GMT
server: Apache
etag: "7a13-5f88ea2b54fc9-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: w7aghBjg6xeEFOXBbBN0-EbI6-A7XpxgIFbDZqzn2rHduEJmI4aKcg==
expires: Thu, 04 Apr 2024 19:03:14 GMT

GET
H2 200 short-form.css
members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/css/ 11 KB
3 KB 22ms
18ms Stylesheet
text/css 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/css/short-form.css?ver=1680947403
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 274499be2ea5c6155ce6432349af30756f4d9132eff51692dc2551cf5d69846c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:03:14 GMT
content-encoding: gzip
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 226010
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2448
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Apr 2023 03:46:22 GMT
server: Apache
etag: "2c7e-5f88ea2b54fc9-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: aZvJB2z7Br9Eb59IYoZZHgg4m7AbCoX0tx52TIAjizx4LNClHIOQpA==
expires: Thu, 04 Apr 2024 19:03:14 GMT

GET
H2 200 jquery.min.js Show response
members.howtogettheguy.com/wp-includes/js/jquery/ 88 KB
31 KB 23ms
19ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 226144
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 31049
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Apr 2023 03:46:22 GMT
server: Apache
etag: "15ed7-5f88ea2b20076-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: ICvyvj50weOXPsUEmJAcE83SqlrpXRxjCXoCcMnOD1pxinaoWQaklw==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H2 200 jquery-migrate.min.js Show response
members.howtogettheguy.com/wp-includes/js/jquery/ 13 KB
5 KB 21ms
18ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 226144
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4795
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Apr 2023 03:46:22 GMT
server: Apache
etag: "3470-5f88ea2b20076-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: J1vYh5mtwIevgzLjy_iuHS0LsZVOQJff4xyiv7gWUSHQEoMhomia0w==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H2 200 hotjar.js Show response
members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/js/ 349 B
750 B 26ms
22ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/js/hotjar.js?ver=349382
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 140804b36b3276dae75fc0550e12240a9a1aef95a5a87d5e867b313544a81cea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 226144
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 256
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:53 GMT
server: Apache
etag: "15d-5a574c201ca57-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: sY2ryaJ_Anj1vI3LGHrPRGA-LXyMySYhcyPLqVIDcDuQrBevXUr2sw==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H2 200 jquery.validate.min.js Show response
members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/js/ 21 KB
7 KB 25ms
22ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/js/jquery.validate.min.js
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 226144
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6805
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:53 GMT
server: Apache
etag: "5262-5a574c201ca57-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: hnubJkvWIx_2y_Gn9w9iTHGjoAtUDAS8AzSBCoiQbnHTMEmxHzvR6w==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H2 200 gtgmember.js Show response
members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/js/ 24 KB
4 KB 26ms
23ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/js/gtgmember.js?ver=1680947403
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 8ff4ad73b319aa8682588d967ae2321e82085e034d2b1b59e9559df903752b14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 226144
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3831
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Apr 2022 19:15:11 GMT
server: Apache
etag: "602b-5dd9382ff7148-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: acrXixRNc2ugv7PXUIlSKx1uzvyare-Ep6OuhWlofDgKcT7wXnV9kQ==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H2 200 global.js Show response
members.howtogettheguy.com/wp-content/plugins/membermouse/resources/js/ 166 B
606 B 27ms
24ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/plugins/membermouse/resources/js/global.js?ver=2.4.0
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2f12115b1b0d7ef197f049ff2c6a603ba001d2824fa4ae9235b40d0240f41f5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 226144
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 114
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "a6-5a574c215bfb5-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: UiYgAbinvnjKrQnv3D2dvigtyp1E3k9p7EEImir0jGULceI1ZpWD9Q==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H2 200 mm-common-core.js Show response
members.howtogettheguy.com/wp-content/plugins/membermouse/resources/js/common/ 45 KB
13 KB 27ms
25ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/plugins/membermouse/resources/js/common/mm-common-core.js?ver=2.4.0
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: aea7bf45305fc9dd421863051cae416162e5ad473560f72f39e12d0fa097d691

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 226144
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12320
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 May 2022 17:08:22 GMT
server: Apache
etag: "b484-5dee7b8cc5de4-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: 8jzKs8gonGSbBnK6RaxAiX7h87LPi23no0c1whsp4MN9YFpYuXwzGw==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 456 KB
123 KB 55ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/?ver=6.2

Requested by

Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

69cd775430c1b38cb65732ee23d64f0aa4b1362a9e47652aad6bdbcb57b8886d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 51
x-cache: HIT
content-length: 125407
x-request-id: 741982c9-9d23-4ed2-a796-8962c1fc7062
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Fri, 07 Apr 2023 20:40:13 GMT
server: Fastly
etag: "71e4b8061670fd5c0e64589af6973fb4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 25

GET
H2 200 design-refresh.js Show response
members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/js/ 6 KB
2 KB 26ms
24ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/js/design-refresh.js?ver=1680947403
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: f75bc86d88383524670f53b25ca32eaf7faa893dc56f44aa490e013eede57ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:03:14 GMT
content-encoding: gzip
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 226010
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1796
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Feb 2023 20:50:23 GMT
server: Apache
etag: "18b3-5f43669c3598c-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: pUbSwX7OsjfyXqVPiiGLRzayB69fPsO9AyaWbNILjJk5c6VrC6YmzQ==
expires: Thu, 04 Apr 2024 19:03:14 GMT

GET
H2 200 short-form.js Show response
members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/js/ 21 KB
4 KB 27ms
25ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/js/short-form.js?ver=1680947403
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 8a0ee74923b0f6529369fce58129061a66c9ff31f8f96e50d3dfb73708959561

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:03:14 GMT
content-encoding: gzip
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 226010
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3723
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 01 Aug 2022 12:55:36 GMT
server: Apache
etag: "54ff-5e52d84253896-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: hzn-o_5H7h0AzUQtDJrUqzAgke3SSSl4REAkCdetRqNnaCOyzHjXXw==
expires: Thu, 04 Apr 2024 19:03:14 GMT

GET
H2 200 client.min.js Show response
js.braintreegateway.com/web/3.85.3/js/ 42 KB
13 KB 89ms
11ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.85.3/js/client.min.js?ver=6.2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b23dc12557153d518538d7b2f011ded0be477c1b18ba014e811530bf25650daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 87797c29e820
dc: ccg11-origin-www-1.paypal.com
content-length: 12909
x-served-by: cache-sjc10035-SJC, cache-hhn-etou8220076-HHN
last-modified: Thu, 07 Apr 2022 20:15:11 GMT
traceparent: 00-0000000000000000000087797c29e820-0f957de258d6c89a-01
x-timer: S1680947404.479973,VS0,VE0
etag: W/"624f464f-a813"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 22, 120

GET
H2 200 paypal-checkout.min.js Show response
js.braintreegateway.com/web/3.85.3/js/ 54 KB
15 KB 90ms
11ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.85.3/js/paypal-checkout.min.js?ver=6.2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

97053f3ac692e9219b08bb8c326260d324aa51d2a9a816ed6fd260092607e20c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 2fd9faac1abc1
dc: ccg11-origin-www-1.paypal.com
content-length: 15234
x-served-by: cache-sjc10027-SJC, cache-hhn-etou8220076-HHN
last-modified: Thu, 07 Apr 2022 20:15:11 GMT
traceparent: 00-00000000000000000002fd9faac1abc1-dab34bce16f910f5-01
x-timer: S1680947404.479997,VS0,VE0
etag: W/"624f464f-d9f7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 17, 3

GET
H2 200 data-collector.min.js Show response
js.braintreegateway.com/web/3.85.3/js/ 32 KB
11 KB 92ms
14ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.85.3/js/data-collector.min.js?ver=6.2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c46bd70559c0fe5398b80e45ef1eb05e3d69b5d6382a9108a8739558c9d6786f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: e71a2c29f6212
dc: ccg11-origin-www-1.paypal.com
content-length: 10769
x-served-by: cache-sjc10077-SJC, cache-hhn-etou8220076-HHN
last-modified: Thu, 07 Apr 2022 20:15:11 GMT
traceparent: 00-0000000000000000000e71a2c29f6212-be159efb5147d7a4-01
x-timer: S1680947404.480193,VS0,VE1
etag: W/"624f464f-7ee0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 5076, 1

GET
H3 200 secure_small.png
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 2 KB
3 KB 30ms
23ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/secure_small.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: f208ac9f10b246df43f7483cac60e1b888dbf42994ebc54a908c741fd8aae403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:37:03 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 223981
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2522
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "9da-5a574c21a43f4"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: wopn9Lo_2QZteeZBXC49749J9o0m-cp5MYdWK_p6uaUxjqAlwOd3iA==
expires: Thu, 04 Apr 2024 19:37:03 GMT

GET
H3 200 product_atc.png
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 23 KB
24 KB 31ms
24ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/product_atc.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d0542f4063bcf356500ce98586fadb1fb0db44acbb39e797deec62b26db60759

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 23:04:11 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 211553
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 23955
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "5d93-5a574c21a43f4"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: mW1e7qyR2c8i4Dx4ZSER0Q02pj1vpbdMzBwP8-4dU2xL9c0-gmQsIg==
expires: Thu, 04 Apr 2024 23:04:11 GMT

GET
H3 200 payment_type_cc.png
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 6 KB
6 KB 32ms
25ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/payment_type_cc.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: a8c9134fde6e4c752e821f3ab736e398a6f6bd41300ea41da997db22a8ccd4de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:37:03 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 223981
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6254
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "186e-5a574c21a43f4"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: 2rEpclqD-Z2eQkTNuj2PQHEDDLsIjN9Ra-elo_wU_vN5WDiYXbOzWg==
expires: Thu, 04 Apr 2024 19:37:03 GMT

GET
H3 200 payment_type_paypal.png
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 5 KB
5 KB 32ms
25ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/payment_type_paypal.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 0c52172011ba565ee2f7be9bb7e30237b1ff85a551dcc73f6cfecc6b4cd7088f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:37:03 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 223981
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4647
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "1227-5a574c21a43f4"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: u4j5ihZcUZgK7EZpViguiVji5x-WQGh0obojXlt-dlh2sWtMQn7GiA==
expires: Thu, 04 Apr 2024 19:37:03 GMT

GET
H3 200 matt_profile_2.jpg
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 38 KB
38 KB 32ms
25ms Image
image/jpeg 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/matt_profile_2.jpg
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: fd4946a796c80f1e0200daa3d4a9989be16087a601409812890fb24ff911a96c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 21:57:42 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 215542
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 38909
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "97fd-5a574c21a3454"
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: 4gJ9YzsjlHKZRez8T_X83LIt7Llh4qqvqfYDhPKnYKfMSm6UKGA0rQ==
expires: Thu, 04 Apr 2024 21:57:42 GMT

GET
H3 200 matt_signature.png
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 2 KB
2 KB 27ms
20ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/matt_signature.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: a1f431d9c27ed24f2d383ab78407ebe7008c4791f06fb6650f0b2f48c3c71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:37:03 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 223981
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1993
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "7c9-5a574c21a3454"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: rdKGGbndQdyvo_ePrN5r0aO39tv6gWAfnMXwvQnujw6Idola93P2GA==
expires: Thu, 04 Apr 2024 19:37:03 GMT

GET
H3 200 satisfaction_money_back.png
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 20 KB
20 KB 32ms
25ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/satisfaction_money_back.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 86ec0edacac468fd04dfa47d9bd6fa7f93ea395b6b1d4444ef907864a14f3414

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:37:03 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 223981
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 20063
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "4e5f-5a574c21a43f4"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: prPTDw6UrrgwH3Qx2AiKU_MwaGJgLc1S1QaYmI4kVEYVHNlFJtty_Q==
expires: Thu, 04 Apr 2024 19:37:03 GMT

GET
H3 200 secure_order.png
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 4 KB
5 KB 29ms
22ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/secure_order.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: df19e66d06bee5aaa262e321f186298d1f8aa4c665e7d175d7938e72ab3e3fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:37:03 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 223981
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4532
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "11b4-5a574c21a43f4"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: tNjt3h6N4UFD1zNDsRHthdIpJOFjpltnkYYeImuVnxCvGXJY6URILw==
expires: Thu, 04 Apr 2024 19:37:03 GMT

GET
H3 200 nyt_logo.png
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 5 KB
6 KB 32ms
25ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/nyt_logo.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: f911ce416167ea52a7e889bc3e5b3ac91970772765f3b9e819a9c85e84f07d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:37:03 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 223981
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5451
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "154b-5a574c21a43f4"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: tP4RFEP4tAn7an3KP8uHdVCNm04HSH7OX2rKCYMZo_YZMeZun6vleg==
expires: Thu, 04 Apr 2024 19:37:03 GMT

GET
H3 200 today_show_logo.png
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 3 KB
3 KB 32ms
25ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/today_show_logo.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 9f8620e32b245ad169caff293ec033d87968c05ea40d19382b65d1c6641ece04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:37:03 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 223981
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2941
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "b7d-5a574c21a5394"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: MKDsh0GUSk2VqpeV-UEYdFslt1DKwsPMTnniLO8ui7vcwhNV2Lw9AQ==
expires: Thu, 04 Apr 2024 19:37:03 GMT

GET
H3 200 cosmopolitan_logo.png
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 3 KB
3 KB 35ms
28ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/cosmopolitan_logo.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2721e452dc9a576227540fab20f6056949dbcd993fa06678d607c51a7e36fc79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:37:03 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 223981
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2841
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "b19-5a574c219c6f4"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: _0yQnjD1ajG92xB3yeFurh8PMDlIX1AnvxkgE6TPuM9QmOa8kFZTGg==
expires: Thu, 04 Apr 2024 19:37:03 GMT

GET
H3 200 youtube_logo.png
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 2 KB
3 KB 37ms
30ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/youtube_logo.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: faba26697b88a881b7c50dec4a94987b60335adf659920e23fedbfbe82e26177

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:37:03 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 223981
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2532
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "9e4-5a574c21a5394"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: jMEA-VgLog5k2oJYZyADCECCVYDXY1k_LzJD-cDr_k39DN4XJ0RktQ==
expires: Thu, 04 Apr 2024 19:37:03 GMT

GET
H3 200 thumb_profile_cassandra.png
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 10 KB
10 KB 36ms
29ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/thumb_profile_cassandra.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 19b291d442e5f286be93935f098830493828dc47f79a5ab6b4d1a92544cd2cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 21:57:42 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 215542
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 10184
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "27c8-5a574c21a5394"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: pt41yVNBoYt888K-ILthgZT5yoN8wfTYWLkF3bVDc9i1dCAyo2ULXQ==
expires: Thu, 04 Apr 2024 21:57:42 GMT

GET
H3 200 thumb_profile_debra.png
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 10 KB
10 KB 36ms
29ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/thumb_profile_debra.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 66de4b8fd89f0a933ff06146cd26b8ba3659bc1de31783c5c3688b85c3c68cd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 21:57:42 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 215542
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 9740
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "260c-5a574c21a5394"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: mXYTYvoxHq4j_tkpxxI73p93WfDYz6mpp_2Lli0Kshp01KORVCswrA==
expires: Thu, 04 Apr 2024 21:57:42 GMT

GET
H3 200 thumb_profile_amy.png
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 11 KB
11 KB 30ms
24ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/thumb_profile_amy.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: acef2b8282fd5aa3586f052fe852124b8ba7174d8ab4c310456af33e65d72b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 21:57:42 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 215542
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 10756
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "2a04-5a574c21a5394"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: jU-auJm91BHvt5dccwsA_vZxdQpuyxHd0ZqFCD7m7pQp1rCVa6muQQ==
expires: Thu, 04 Apr 2024 21:57:42 GMT

GET
H3 200 thumb_profile_tanya.png
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 10 KB
11 KB 35ms
28ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/thumb_profile_tanya.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 6a2acf2b7668877b993359250516a140580593b5be7472fab0e7c9b7b85df19d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 21:57:42 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 215542
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 10422
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "28b6-5a574c21a5394"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: 737Zj-8rGSM1V6VHWnqGT1H0MB9DXX5o8Rm2O6GcN5Yt-lENVjIzTw==
expires: Thu, 04 Apr 2024 21:57:42 GMT

GET
H3 200 underscore.min.js Show response
members.howtogettheguy.com/wp-includes/js/ 18 KB
8 KB 12ms
12ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 226144
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7311
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Feb 2023 20:50:23 GMT
server: Apache
etag: "4991-5f43669cb680c-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: g-d8i48xhC8jCVowXuKOh962BiPRGHhkdYwZBhNWyVVOvZGsrrwUtg==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H3 200 backbone.min.js Show response
members.howtogettheguy.com/wp-includes/js/ 23 KB
8 KB 14ms
13ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-includes/js/backbone.min.js?ver=1.4.1
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: b99993143ef5c98b746267c0a19fd2c2f4a6d64af3e1dae82a87573c4b9b1572

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 226144
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7879
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Apr 2023 03:46:22 GMT
server: Apache
etag: "5d28-5f88ea2b079d4-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: pBAb7jx3tzznxYqmlnUFjqjzNUx-7O-PPKzfUStRKxRdsb9SJcU5mQ==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H3 200 api-request.min.js Show response
members.howtogettheguy.com/wp-includes/js/ 1023 B
986 B 12ms
11ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-includes/js/api-request.min.js?ver=6.2
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1a234275545ba883616ac6b4151a0f06d9bb097146e806e40317a263bbf1c51e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 226144
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 590
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 27 May 2022 09:40:51 GMT
server: Apache
etag: "3ff-5dffb1a18af4f-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: iv51244mHJv2FD7kp7u95yNAbTdJbK7WhH18eXRWHnh0wuJAC_1Tfg==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H3 200 wp-api.min.js Show response
members.howtogettheguy.com/wp-includes/js/ 14 KB
4 KB 14ms
8ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-includes/js/wp-api.min.js?ver=6.2
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 947960adcbb708c908d60c1fb55b6c617e11c93876ecf9f525f13accf7ddb591

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 226144
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4136
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Apr 2023 03:46:22 GMT
server: Apache
etag: "395a-5f88ea2b21fb6-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: 1jAaBCceDCpW8yusL9f7Dkp4PowCJJAm0RILXfkWYweVIhEXSQG8cw==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H3 200 bootstrap.min.js Show response
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/js/ 36 KB
10 KB 16ms
10ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/js/bootstrap.min.js
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 226144
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 9753
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "8fd6-5a574c21a5394-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: 3RzA5pRGjxQbxCLdR3IJLwNNVviWUj4THmgerJpfb-x4OB9YiLbceg==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H3 200 owl.carousel.js Show response
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/js/ 53 KB
9 KB 19ms
13ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/js/owl.carousel.js
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: a0611f81ec5521ce8ec2d6a2a719d0de5273898618fa70e79ce1c8d9349c0d43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 226144
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 8798
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "d424-5a574c21a5394-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: ymaY2l0c9y9aEmGxO_hdOQCPJJWirpfzacEms02qDPItursQWg49Wg==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H3 200 mobile-menu.js Show response
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/js/ 8 KB
3 KB 18ms
12ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/js/mobile-menu.js
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: fe37c828474deb4d61e63f78c54f24d3fdaf50cf6b9bd9e30e9539c3a66db0d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 226144
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2939
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "2106-5a574c21a5394-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: 9ZW416oBx0FkVbmK8DK0f7lEUgh8mDBxyZeju8ZmH-f7wm7eBbEU-Q==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H3 200 jquery.scrollTo.min.js Show response
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/js/ 2 KB
2 KB 20ms
13ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/js/jquery.scrollTo.min.js
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 8873f8f2239b8c5127bc0e018c01a2d44f2ddb97779b4c8d09578e7972ed72e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 226144
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1315
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "993-5a574c21a5394-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: dmmvBABQ2G3CYhhhY5F3zJnJ0ypMxo1qhp_TKkbQ7tRWRw7fDlxEjg==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H3 200 jquery.cookie.js Show response
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/js/ 3 KB
2 KB 20ms
14ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/js/jquery.cookie.js
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 226144
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1365
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "c31-5a574c21a5394-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: HikYxLuv514lRz8CXg30mn4JTjIZI5iSlv2dmkj1K0kI_JipmjZGUA==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H3 200 custom.js Show response
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/js/ 2 KB
1 KB 20ms
13ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/js/custom.js
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 03273f38bfa675ffc5f3f645bc323e6ee709143fadc918ab414bae86d0491bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 226144
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 802
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "85e-5a574c21a5394-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: D25hx8hqNmiJdfm2nLvz_5WXQ0ITxczyiLSf_5otXApV2jlCAQY5nA==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H3 200 gtgpayment.js Show response
members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/js/ 17 KB
4 KB 23ms
17ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/js/gtgpayment.js?ver=1680947403
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: bbfd2d6116c212e508161da9eca0ab6d58150cb654847305af2376eacde3d0e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:00 GMT
content-encoding: gzip
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 226144
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3432
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Apr 2023 03:46:22 GMT
server: Apache
etag: "4262-5f88ea2b54fc9-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: 0ZDTVbDsBAjG3S-bMcKqQoZh3HxeHvuHUPTvd_looctRuQW8mj_jmA==
expires: Thu, 04 Apr 2024 19:01:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
members.howtogettheguy.com/wp-includes/js/ 18 KB
5 KB 28ms
21ms Script
application/x-javascript 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:02:54 GMT
content-encoding: gzip
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 226029
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5039
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Apr 2023 03:46:22 GMT
server: Apache
etag: "4904-5f88ea2b21fb6-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: 3N75EPyWeaEK6X5Wf4-Ns8Hu9RshxAHKQwCZoXjJ5X2xn0sSRbe_Kg==
expires: Thu, 04 Apr 2024 19:02:54 GMT

GET
H2 200 hotjar-349382.js Show response
static.hotjar.com/c/ 9 KB
4 KB 88ms
38ms Script
application/javascript 52.222.236.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-349382.js?sv=5

Requested by

Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/js/hotjar.js?ver=349382

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-99.fra56.r.cloudfront.net

Software

Resource Hash

6f503d4d1a96ceff0ebb9825c1b87df3779d03b7340523df5177fd6658ffb953

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
etag: W/4476771c52890e6f5c550f4d13d5bcb0
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: zXo3sXgioAoiOlLRnbLOr3Evx1e1T2CWtymNLSAdssvT5MXdHmNBOg==

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 10 KB
4 KB 53ms
14ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=395872&u=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&r=0.5298908843892578
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 7ad7a0af032b76b1a5dda7242a734953358ae437b5733d028e29c2e0e84a9b69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:04 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1680895545"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 294 KB
95 KB 80ms
41ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M8SBJ4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65d4b53b73347324f9316aa5f05d7d1815ac1d70d713fd8e42945841582c5065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97052
x-xss-protection: 0
last-modified: Sat, 08 Apr 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 08 Apr 2023 09:50:04 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 46ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Apr 2023 09:50:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: TiGAMNCAFiePgSy6BWpLuUCVedBKQANAa4AioJilHIxCkTXD1tJQ3ZU8V8nJwodUPAdKfgPwnHg4ivRGNP1hCA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 checkmark2x.png
members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/images/ 746 B
1 KB 30ms
25ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/images/checkmark2x.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/css/design-refresh.css?ver=1680947403
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 103305a86af314d1471f09da5b957049df33e5c0ed38b2189c4be671375fd592

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/css/design-refresh.css?ver=1680947403
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:37:03 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 223981
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 746
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:53 GMT
server: Apache
etag: "2ea-5a574c201ca57"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: mH-0xyrzHGC17gTuTPl923wswAWT6euVcQgSwm79gAbZYr6fKCoiCQ==
expires: Thu, 04 Apr 2024 19:37:03 GMT

GET
H3 200 caveat.woff2
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/fonts/caveat/ 45 KB
45 KB 29ms
26ms Font
application/font-woff2 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/fonts/caveat/caveat.woff2
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: b46669d8fef28d74cbf44bd36ab2a9a5b89dd5de3b8d6f7f06ffbd307713ea7f

Request headers

Referer: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/css/style.css
Origin: https://members.howtogettheguy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:03:15 GMT
content-encoding: gzip
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 226009
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 46168
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "b43c-5a574c2196935-gzip"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: NvURg724bViatI5h9bfQ4-Mss1xo6Va6RXX0Abxj9aQHp3TSKWyOQA==
expires: Thu, 04 Apr 2024 19:03:15 GMT

GET
H3 200 pts55f-webfont.woff2
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/fonts/ptsans-reg/ 24 KB
24 KB 28ms
27ms Font
application/font-woff2 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/fonts/ptsans-reg/pts55f-webfont.woff2
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 63bdf2ad76189aac9f7e6f076b39d76489c946a7eb86965675fe50c6e2e086c8

Request headers

Referer: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/css/style.css
Origin: https://members.howtogettheguy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:01:03 GMT
content-encoding: gzip
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 226141
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 24535
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "5fc0-5a574c219b755-gzip"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: ju1uxc8WnHVlGvbdOF8vOtR6PL_eEoyHNJNddDXrBYy6CFu4plmAuw==
expires: Thu, 04 Apr 2024 19:01:03 GMT

GET
H3 401 / Show response
members.howtogettheguy.com/wp-json/wp/v2/ 118 B
636 B 302ms
302ms XHR
application/json 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.howtogettheguy.com/wp-json/wp/v2/

Requested by

Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.236.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-62.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

ed6a7c7c15db91f2b6ffbaec4ccb7be48bd7853833e3e3e642ccf701fa90f3de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: Apache
x-amz-cf-pop: FRA56-P4
vary: Origin
x-cache: Error from cloudfront
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-robots-tag: noindex
alt-svc: h3=":443"; ma=86400
link: <https://members.howtogettheguy.com/wp-json/>; rel="https://api.w.org/"
x-amz-cf-id: JF9_R_Am7anbii-zPfgh9PtLpRGjW0gz5AnLlnHyC2YYjJin9Q_qkA==
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

GET
H3 200 va-1109323de58fbf93c34cede3640c090f.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 229 KB
65 KB 38ms
18ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/va-1109323de58fbf93c34cede3640c090f.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=395872&u=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&r=0.5298908843892578
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 49315cdf4494665a0068469a4715c7e93cdd0af639cf555398966a53625abf06

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Origin: https://members.howtogettheguy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 04 Apr 2023 09:39:06 GMT
server: gfra1
etag: "642bf03a-102a2"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66210

GET
H3 200 track-1109323de58fbf93c34cede3640c090f.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 12 KB
4 KB 33ms
13ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-1109323de58fbf93c34cede3640c090f.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=395872&u=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&r=0.5298908843892578
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 0983ba0b797523e70cfe2e7f58ebeb84a667febfeaebb8445d2d1c44d9c2225d

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Origin: https://members.howtogettheguy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 04 Apr 2023 09:39:06 GMT
server: gfra1
etag: "642bf03a-e80"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3712

GET
H3 200 opa-74021bde9081c83799a0980273db90d9.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 110 KB
28 KB 30ms
11ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-74021bde9081c83799a0980273db90d9.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=395872&u=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&r=0.5298908843892578
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 214ec09445bc537d1b141dc0106a5ecfc7df923b56bc92bca4bdca07cdd726ee

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Origin: https://members.howtogettheguy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 04 Apr 2023 09:39:00 GMT
server: gfra1
etag: "642bf034-703a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28730

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 100ms
99ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=395872&d=members.howtogettheguy.com&u=D3E17A546836E4EB4160400CB024FE3A9&h=53c73eee1e4ed523becb478c03f8a1ae&t=false&r=0.9667307108741385

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 09:50:03 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 18FC 200 B
787 B 8ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 10482301
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 08 Apr 2023 09:50:04 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 07 Dec 2022 23:30:12 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1161062
x-content-type-options: nosniff
x-request-id: b6b54f95-cf05-436a-8937-5c59203d11b1
x-served-by: cache-hhn-etou8220041-HHN

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
21 KB 10ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Apr 2023 09:50:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: BqMPZR8DgEe3HkH5NenfzACfkf+nW8kUc8OmK3M2riz8fc6YaCnY4xNSHBvDYdAAC1OzZGBH+EAmeUGfSGfI/A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 401376653365936 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 184ms
182ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/401376653365936?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

935c4f61d84cafa1bad8596c3bd49d247794de003b2784ae36821df4c95a7de8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Apr 2023 09:50:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 5Nn+7hIG78lTUXC1IMxuOrltwhrHts4Ac79Ki47l8y9/L19zowsCTKznR84IcQJdnXyUOHunBq0uAgHaqLXcqw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 controller-f2b5256d2ac9dc347bbae6d110f51e74.html Show response
js.stripe.com/v3/ Frame 2068 325 B
693 B 8ms
8ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-f2b5256d2ac9dc347bbae6d110f51e74.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ac2b3f2bd81288e6fe88f240c7ce401af47a9b1986b9f678d7d4291c2057f25f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 54
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 08 Apr 2023 09:50:04 GMT
etag: "f2b5256d2ac9dc347bbae6d110f51e74"
last-modified: Fri, 07 Apr 2023 20:11:19 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 17
x-content-type-options: nosniff
x-request-id: 223bf81d-39eb-4336-8edc-c876ac918c07
x-served-by: cache-hhn-etou8220041-HHN

GET
H2 200 elements-inner-card-80facb001782e9d06095b228f3b67d3d.html Show response
js.stripe.com/v3/ Frame 3A27 798 B
438 B 18ms
16ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4273f92c39603d90a2ed270015595fe17038f8a7a33d4c0aacf7bb5b34fc316c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 48998
cache-control: max-age=31536000
content-encoding: br
content-length: 363
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 08 Apr 2023 09:50:04 GMT
etag: "80facb001782e9d06095b228f3b67d3d"
last-modified: Fri, 07 Apr 2023 20:11:19 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 893
x-content-type-options: nosniff
x-request-id: 38f954a3-0ecb-4db1-a23d-b344794b8d8f
x-served-by: cache-hhn-etou8220041-HHN

GET
H2 200 elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
js.stripe.com/v3/ Frame 5E96 798 B
0 16ms
15ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 48998
cache-control: max-age=31536000
content-encoding: br
content-length: 363
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 08 Apr 2023 09:50:04 GMT
etag: "80facb001782e9d06095b228f3b67d3d"
last-modified: Fri, 07 Apr 2023 20:11:19 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 893
x-content-type-options: nosniff
x-request-id: 251f26c3-7901-44c0-a42a-37739c747e0d
x-served-by: cache-hhn-etou8220041-HHN

GET
H2 200 elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
js.stripe.com/v3/ Frame 13D4 798 B
0 12ms
11ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 48998
cache-control: max-age=31536000
content-encoding: br
content-length: 363
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 08 Apr 2023 09:50:04 GMT
etag: "80facb001782e9d06095b228f3b67d3d"
last-modified: Fri, 07 Apr 2023 20:11:19 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 894
x-content-type-options: nosniff
x-request-id: 2f0e822e-1c85-4213-9c8a-5f6a3c58941a
x-served-by: cache-hhn-etou8220041-HHN

GET
H2 200 payment-request-inner-google-pay-47e017691bb65089a0f00e71435ac7b2.html Show response
js.stripe.com/v3/ Frame 6CEB 408 B
901 B 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-47e017691bb65089a0f00e71435ac7b2.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f3033ffa1590435c23fc767af273f495a6b029147ff84a276deb42a9928ba8ed

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://members.howtogettheguy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 48997
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 08 Apr 2023 09:50:04 GMT
etag: "47e017691bb65089a0f00e71435ac7b2"
last-modified: Fri, 07 Apr 2023 20:11:31 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 375
x-content-type-options: nosniff
x-request-id: 79c6c698-5a24-4b5c-9d7a-281824acc234
x-served-by: cache-hhn-etou8220041-HHN

GET
H2 200 payment-request-inner-browser-29168aed44ba4fe262ea771ed11ef6de.html Show response
js.stripe.com/v3/ Frame 1033 344 B
944 B 8ms
8ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-29168aed44ba4fe262ea771ed11ef6de.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8ca31d7cfa92f6e83d7e58808b15351a940e1760252bf34a938b1ee89a146f87

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 08 Apr 2023 09:50:04 GMT
etag: "29168aed44ba4fe262ea771ed11ef6de"
last-modified: Fri, 07 Apr 2023 20:11:31 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 6eba76ab-5502-4e88-a176-c27f84fe312d
x-served-by: cache-hhn-etou8220041-HHN

OPTIONS
H2 200 graphql
payments.braintree-api.com/ Frame 0
0 111ms
13ms Preflight 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://members.howtogettheguy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://members.howtogettheguy.com
access-control-max-age: 1800
date: Sat, 08 Apr 2023 09:50:04 GMT
paypal-debug-id: ee15ee2d351d4
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 200 graphql Show response
payments.braintree-api.com/ 1 KB
1 KB 794ms
793ms XHR
application/json 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.3/js/client.min.js?ver=6.2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

5c0445574ee66a2bbbf9060cc6ab275137c061863cccfa2977f7f03f8595ef60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2ODEwMzM4MDQsImp0aSI6ImE5M2MxOGY3LTUxZGItNGQ0ZS1iY2JlLTM1ZjY5ZmIwZmMyZiIsInN1YiI6IjZ5OW01c2piYjNzbTNjYmciLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6IjZ5OW01c2piYjNzbTNjYmciLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0Ijp0cnVlfSwicmlnaHRzIjpbIm1hbmFnZV92YXVsdCJdLCJzY29wZSI6WyJCcmFpbnRyZWU6VmF1bHQiXSwib3B0aW9ucyI6e319.wBYZQhFvcsQKoXAUOUPZ194Xa5H-8q_8RbvJGWGr_NZQEqeJUsYdzM7lMrU6mip-PLhqLT3xcH2VRPkAMNscyw
Braintree-Version: 2018-05-10
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
content-type: application/json
access-control-allow-origin: https://members.howtogettheguy.com
paypal-debug-id: 4f49858d6fbe4
cache-control: no-cache, no-store
x-frame-options: DENY
content-length: 762

GET
H2 200 modules.69d367ac7af64e17f043.js Show response
script.hotjar.com/ 263 KB
68 KB 80ms
8ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.69d367ac7af64e17f043.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-349382.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

0b5f60f812c72089312d5a443a3b9165bf3c5f15db67cbd09946a5bcff7f3c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 11:07:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 81777
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68692
last-modified: Fri, 07 Apr 2023 11:06:19 GMT
etag: "651be8c2e059394adc426f9d403421d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 2XCqKAzDuXFhXTPSgs92WbIDUhs3xQVoL-yqkwyHjR5OlgEIRrY4qw==

GET
H3 200 secure_badge.png
members.howtogettheguy.com/wp-content/plugins/gtgmember/assets//images/ 3 KB
4 KB 16ms
16ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets//images/secure_badge.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 922bc27a9ad35ad4cad93425275dec76979116f8e863124c61e00e1dfe0b0fca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:37:05 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 223979
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3294
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 11 Sep 2020 14:17:16 GMT
server: Apache
etag: "cde-5af0a57852b40"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: qWUBxHLseY4lFhXOHwkb_I1-T7qdMg8nhX8UbSgME8l1PohgQ5O4tA==
expires: Thu, 04 Apr 2024 19:37:05 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 18FC 0
718 B 809ms
424ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947405388262
x-envoy-upstream-service-time: 47
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 17
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680947405371714
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 18FC 0
716 B 764ms
380ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947405380244
x-envoy-upstream-service-time: 8
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680947405378924
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 18FC 631 B
663 B 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 10482300
x-cache: HIT
content-length: 332
x-request-id: 6447def5-4474-4ac8-84db-2f4296bc2ca2
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Wed, 07 Dec 2022 23:30:11 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1050566

POST
H2 200 csp-report
q.stripe.com/ Frame 2068 0
717 B 777ms
397ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947405380264
x-envoy-upstream-service-time: 11
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 5
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680947405378967
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-b6219261553f53937530555bf8cab132.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2068 398 KB
95 KB 11ms
10ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-f2b5256d2ac9dc347bbae6d110f51e74.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

52cc6d19f28b2c81aac89d8dd043c75f8807c80341de487561d669e717830ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-f2b5256d2ac9dc347bbae6d110f51e74.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 49023
x-cache: HIT
content-length: 97466
x-request-id: f9f06c39-d69b-424d-acc5-78831851162d
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Fri, 07 Apr 2023 20:11:30 GMT
server: Fastly
etag: "cf845716af6e007d929c18f46231e69a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4303

GET
H2 200 controller-5c9e57ca241c519dd28e35cff949c88d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2068 446 KB
122 KB 8ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-5c9e57ca241c519dd28e35cff949c88d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-f2b5256d2ac9dc347bbae6d110f51e74.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ec5a356e497e4d363a8a744dda573d59dd48dc6aecedaf84b967bff8c1e8a55d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-f2b5256d2ac9dc347bbae6d110f51e74.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 49023
x-cache: HIT
content-length: 124833
x-request-id: ef6351ea-dfda-4608-9230-8cdba6bd8533
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Fri, 07 Apr 2023 20:11:28 GMT
server: Fastly
etag: "d68fe49fbebf759a08d316e763ded3a0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4273

POST
H2 200 csp-report
q.stripe.com/ Frame 3A27 0
717 B 774ms
398ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947405381675
x-envoy-upstream-service-time: 10
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680947405379473
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3A27 0
716 B 773ms
396ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947405379936
x-envoy-upstream-service-time: 8
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 6
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680947405379024
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-b6219261553f53937530555bf8cab132.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3A27 398 KB
95 KB 17ms
15ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

52cc6d19f28b2c81aac89d8dd043c75f8807c80341de487561d669e717830ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 49023
x-cache: HIT
content-length: 97466
x-request-id: 433dff28-9597-4fed-97c7-082f4108dd04
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Fri, 07 Apr 2023 20:11:30 GMT
server: Fastly
etag: "cf845716af6e007d929c18f46231e69a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4304

GET
H2 200 ui-shared-e3e69ba2874f7013081996d5a9b6d236.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3A27 280 KB
88 KB 25ms
23ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-e3e69ba2874f7013081996d5a9b6d236.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

dbdb4b9eed433296fa9a0ece0fc619d83635f8c0e098b0669fd15da1c6f1e175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 135922
x-cache: HIT
content-length: 89898
x-request-id: 4d8f597d-8118-4fcc-b333-a6745949efb4
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Thu, 06 Apr 2023 20:02:22 GMT
server: Fastly
etag: "d0ca81c8930c5b230999e50b9bcd8f98"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4142

GET
H2 200 elements-inner-card-7229f0fd7bf6c5d27f4c686b0fac1d22.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3A27 50 KB
13 KB 10ms
6ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-7229f0fd7bf6c5d27f4c686b0fac1d22.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d6ca03fd3627bff282ed519cf48dd2fdd5a88d29ee2176d4de3bfb61be54c2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 60273
x-cache: HIT
content-length: 13588
x-request-id: d22bbfd5-9bf6-457e-83f1-471357381f8b
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Fri, 07 Apr 2023 17:03:19 GMT
server: Fastly
etag: "9c8911dcca80e60a94b3a9f397685e7d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1059

GET
H2 200 ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame 3A27 19 KB
3 KB 26ms
24ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 1356236
x-cache: HIT
content-length: 3195
x-request-id: 2e51aa21-5d02-4e05-8d7a-bc1c605ad1fe
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Thu, 23 Mar 2023 17:02:05 GMT
server: Fastly
etag: "dbd37658a3a8a3842b147403a54940ff"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6776

GET
H2 200 elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css
js.stripe.com/v3/fingerprinted/css/ Frame 3A27 10 KB
2 KB 25ms
24ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ee431470c13290a583f30995c6658fda6fe6b4a6e5f51c32ed1970bac8212b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 60272
x-cache: HIT
content-length: 1614
x-request-id: aeb37362-d83f-4f98-af53-d5f11ff6577f
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Fri, 07 Apr 2023 17:03:11 GMT
server: Fastly
etag: "26f037181250b55faed2d329facbb2fb"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1014

POST csp-report
q.stripe.com/ Frame 5E96 0
0

GET shared-b6219261553f53937530555bf8cab132.js
js.stripe.com/v3/fingerprinted/js/ Frame 5E96 0
0

GET ui-shared-e3e69ba2874f7013081996d5a9b6d236.js
js.stripe.com/v3/fingerprinted/js/ Frame 5E96 0
0

GET elements-inner-card-7229f0fd7bf6c5d27f4c686b0fac1d22.js
js.stripe.com/v3/fingerprinted/js/ Frame 5E96 0
0

GET ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame 5E96 0
0

GET elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css
js.stripe.com/v3/fingerprinted/css/ Frame 5E96 0
0

POST csp-report
q.stripe.com/ Frame 13D4 0
0

GET shared-b6219261553f53937530555bf8cab132.js
js.stripe.com/v3/fingerprinted/js/ Frame 13D4 0
0

GET ui-shared-e3e69ba2874f7013081996d5a9b6d236.js
js.stripe.com/v3/fingerprinted/js/ Frame 13D4 0
0

GET elements-inner-card-7229f0fd7bf6c5d27f4c686b0fac1d22.js
js.stripe.com/v3/fingerprinted/js/ Frame 13D4 0
0

GET ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame 13D4 0
0

GET elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css
js.stripe.com/v3/fingerprinted/css/ Frame 13D4 0
0

POST
H2 200 csp-report
q.stripe.com/ Frame 6CEB 0
718 B 798ms
434ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947405380857
x-envoy-upstream-service-time: 55
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 45
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680947405379172
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6CEB 0
717 B 772ms
409ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947405380579
x-envoy-upstream-service-time: 11
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 6
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680947405379205
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 6CEB 115 KB
35 KB 139ms
73ms Script
application/javascript 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-47e017691bb65089a0f00e71435ac7b2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4ebaa46cb7fd434b788ac85a1164d3c4bdcf992706fe83de8821a35015e2a6e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-u-iN7DJ-8yoY7nwbSpS3gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-u-iN7DJ-8yoY7nwbSpS3gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 08 Apr 2023 09:50:04 GMT

GET
H2 200 shared-b6219261553f53937530555bf8cab132.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6CEB 398 KB
95 KB 50ms
31ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-47e017691bb65089a0f00e71435ac7b2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

52cc6d19f28b2c81aac89d8dd043c75f8807c80341de487561d669e717830ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-47e017691bb65089a0f00e71435ac7b2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 49023
x-cache: HIT
content-length: 97466
x-request-id: 2fc42cc8-39a8-4162-b1ee-7185a66d5cb8
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Fri, 07 Apr 2023 20:11:30 GMT
server: Fastly
etag: "cf845716af6e007d929c18f46231e69a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4307

GET
H2 200 payment-request-inner-google-pay-82a52d809d72ed221910eea51343d5b7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6CEB 9 KB
4 KB 8ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-82a52d809d72ed221910eea51343d5b7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-47e017691bb65089a0f00e71435ac7b2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

65b9b932dd95ef6196e2422ef7749dd106724799f18daada01b44cc26e024a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-47e017691bb65089a0f00e71435ac7b2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:05 GMT
via: 1.1 varnish
age: 1528951
x-cache: HIT
content-length: 3806
x-request-id: ee346d25-aba4-4470-a9c2-1751efd894cf
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Tue, 21 Mar 2023 17:03:35 GMT
server: Fastly
etag: "0a91dbfac59829d4d2b5a973be16e802"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2340

POST
H2 200 csp-report
q.stripe.com/ Frame 1033 0
717 B 789ms
427ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947405415879
x-envoy-upstream-service-time: 53
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 7
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680947405379498
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1033 0
716 B 745ms
383ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947405380654
x-envoy-upstream-service-time: 8
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680947405379468
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-b6219261553f53937530555bf8cab132.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1033 398 KB
95 KB 52ms
34ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-29168aed44ba4fe262ea771ed11ef6de.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

52cc6d19f28b2c81aac89d8dd043c75f8807c80341de487561d669e717830ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-29168aed44ba4fe262ea771ed11ef6de.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 49023
x-cache: HIT
content-length: 97466
x-request-id: b8fbc18d-e243-4fb1-bb6c-0803fae63c87
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Fri, 07 Apr 2023 20:11:30 GMT
server: Fastly
etag: "cf845716af6e007d929c18f46231e69a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4308

GET
H2 200 payment-request-inner-browser-3d77ea43e56092c1a202e54c77f1ec59.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1033 11 KB
5 KB 52ms
34ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-3d77ea43e56092c1a202e54c77f1ec59.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-29168aed44ba4fe262ea771ed11ef6de.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8ae6dc26c68d8933cb92ca7c37f0905a07af7c7e9df8aca254d5e7cae6d7bad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-29168aed44ba4fe262ea771ed11ef6de.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 1529083
x-cache: HIT
content-length: 4751
x-request-id: 5fa5ff06-f2f3-4a51-befc-c00bba5bd64a
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Tue, 21 Mar 2023 17:03:35 GMT
server: Fastly
etag: "b98a0c1ae5833e6240aeebbd9d197cd1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 30147

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 113 KB
44 KB 61ms
24ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-53CKDW5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8SBJ4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

817c04ace0f509746bbd8a078235959bcc4598212448c72853b9917331da790f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45013
x-xss-protection: 0
last-modified: Sat, 08 Apr 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 08 Apr 2023 09:50:04 GMT

GET
H/1.1 200 universal-script Show response
pt.howtogettheguy.com/v1/lst/ 36 KB
36 KB 501ms
199ms Script
text/javascript 52.205.62.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.howtogettheguy.com/v1/lst/universal-script?ph=348372b7bbaa44705954ca9fe3318d372002b6cd6d88312c22d5b7d215ce54cc&tag=!clicked
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-62-94.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d13459b093b67ec56ebf92d40118dc7544f032880030f28b0e914ae129ba595b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 08 Apr 2023 09:50:05 GMT
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Content-Type: text/javascript;charset=ISO-8859-1
Front-End-Https: off
Access-Control-Expose-Headers: Session-ID
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 36498

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/966723930/ 3 KB
2 KB 80ms
25ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/966723930/?random=1680947404759&cv=11&fst=1680947404759&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&label=JizfCMCHiIMBENqS_MwD&hn=www.googleadservices.com&frm=0&tiba=Secure%20Checkout%20-%20Matthew%20Hussey%20Members%20Area&value=0&bttype=purchase&auid=1510503213.1680947405&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8SBJ4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

7e61e68e6059763f9dd7255687091b8c9ec14c87919eba0e447e41304846952f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 09:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1910
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 89ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8SBJ4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 08 Apr 2023 09:50:04 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0FFE5C1219BA4FD08679A336ADCD7439 Ref B: FRA31EDGE0516 Ref C: 2023-04-08T09:50:04Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 exponea.min.js Show response
api.exponea.com/js/ 217 KB
66 KB 72ms
21ms Script
application/javascript 35.244.143.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/js/exponea.min.js
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1c46161b49891c827a4857b271e72a58d057c954bbbc47456c2e07e6a50141d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:04 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 16 Mar 2023 11:45:44 GMT
server: nginx
etag: "64130168-10865"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67685
expires: Sat, 08 Apr 2023 10:50:04 GMT

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 50 KB
19 KB 75ms
8ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8SBJ4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 0103cbab85d8ec8b3118f6bc13de01c54f71a571f410ef195553c2bba0903183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:04 GMT
content-encoding: br
cdn-edgestorageid: 723
perma-cache: HIT
cdn-storageserver: DE-571
cdn-cachedat: 04/06/2023 18:10:56
cdn-pullzone: 293267
last-modified: Wed, 29 Mar 2023 18:39:24 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 571
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"642485dc-c83d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: b9f04e156d545c3b55a88095518d4fe6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 dtag.js Show response
cdn.attn.tv/gettheguy/ 2 KB
1 KB 94ms
14ms Script
text/javascript 2600:9000:21f3:2c00:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/gettheguy/dtag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8SBJ4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2c00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 444b70a04f7c645970da2c52362328babb37a8147b6a45c589159af5334cc686

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: mFm4rmWZ0dN2w3vxQoOvsMU2FiuBSjmI
content-encoding: gzip
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
date: Sat, 08 Apr 2023 09:48:22 GMT
last-modified: Tue, 12 Apr 2022 20:03:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 103
etag: W/"cacfc208c6fd282d3f7e0283abcd4e73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=120
x-amz-replication-status: COMPLETED
x-amz-cf-id: GQN8BfdsdV0AMAXLPyl2ocqZwC365f4AtkoXppTRMdeotimaTxnGjQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
77 KB 30ms
28ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MRXEY45LL7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8SBJ4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3404312ea7f6f3e2ed5e81a12d6105853d3eff96dbd86d2922d1c9ed9fb22cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78725
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Apr 2023 09:50:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8SBJ4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 08:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6292
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 08 Apr 2023 10:05:12 GMT

GET
H3 200 checkmark2x_blue.png
members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/images/ 1 KB
2 KB 18ms
18ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/images/checkmark2x_blue.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/css/design-refresh.css?ver=1680947403
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: df1e768aef89259992eddd9c38ebae25445a8bff7df6231cd44da46737f64791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/css/design-refresh.css?ver=1680947403
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:37:05 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 223979
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1230
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 11 Sep 2020 13:30:37 GMT
server: Apache
etag: "4ce-5af09b0b6cc7e"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: _iEmb0ztEOaVT7IVeDFuAJ-wa7p4BiEnctoyGsMKCn8WMSWbt-lpLQ==
expires: Thu, 04 Apr 2024 19:37:05 GMT

GET
H3 200 media_icons.png
members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/images/ 15 KB
15 KB 20ms
20ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/images/media_icons.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/css/design-refresh.css?ver=1680947403
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 669cbd01b4b82b98922d92211a048faba79aabcf0f15c79901a8a2ccaf096df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/css/design-refresh.css?ver=1680947403
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:37:05 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 223979
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 14911
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 11 Sep 2020 13:30:37 GMT
server: Apache
etag: "3a3f-5af09b0b6cc7e"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: GL6PVHwxyo9Ks30aFWJEzlU7V2aMOclRrr_k2Izn04aK4b-0ntIYBw==
expires: Thu, 04 Apr 2024 19:37:05 GMT

GET
H2 200 elements-inner-card-80facb001782e9d06095b228f3b67d3d.html Show response
js.stripe.com/v3/ Frame E823 798 B
1 KB 8ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Requested by

Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4273f92c39603d90a2ed270015595fe17038f8a7a33d4c0aacf7bb5b34fc316c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 48998
cache-control: max-age=31536000
content-encoding: br
content-length: 363
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 08 Apr 2023 09:50:04 GMT
etag: "80facb001782e9d06095b228f3b67d3d"
last-modified: Fri, 07 Apr 2023 20:11:19 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 895
x-content-type-options: nosniff
x-request-id: 784a54ca-ba2a-420d-a391-d3478e30bb2f
x-served-by: cache-hhn-etou8220041-HHN

GET
H2 200 elements-inner-card-80facb001782e9d06095b228f3b67d3d.html Show response
js.stripe.com/v3/ Frame D96A 798 B
614 B 15ms
8ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Requested by

Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4273f92c39603d90a2ed270015595fe17038f8a7a33d4c0aacf7bb5b34fc316c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 48998
cache-control: max-age=31536000
content-encoding: br
content-length: 363
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 08 Apr 2023 09:50:04 GMT
etag: "80facb001782e9d06095b228f3b67d3d"
last-modified: Fri, 07 Apr 2023 20:11:19 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 896
x-content-type-options: nosniff
x-request-id: 1916bfe9-9104-4503-8c1a-e56fab684149
x-served-by: cache-hhn-etou8220041-HHN

GET
H3 200 secure.png
members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/ 7 KB
8 KB 18ms
17ms Image
image/png 52.222.236.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.howtogettheguy.com/wp-content/themes/gtgmember/assets/images/secure.png
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/css/short-form.css?ver=1680947403
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.236.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-62.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: bb4e478c8d7aed77088ddf3a8777d6a7cded9ee936a92a3467f5dfa0e5716171

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/wp-content/plugins/gtgmember/assets/css/short-form.css?ver=1680947403
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:03:16 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
age: 226008
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7671
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 May 2020 15:02:54 GMT
server: Apache
etag: "1df7-5a574c21a43f4"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: 13JePiqN4o_hsJHVGkX0sq_qsAcqo8fZlQhU7NBxi85xcP0ng3EZow==
expires: Thu, 04 Apr 2024 19:03:16 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 9CC2 930 B
1 KB 41ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 222
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 08 Apr 2023 09:50:04 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 179
x-content-type-options: nosniff
x-request-id: a599283a-e19e-48ef-ab60-a3407c8a0231
x-served-by: cache-hhn-etou8220041-HHN
x-timer: S1680947405.976259,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame E823 0
716 B 537ms
384ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947405380309
x-envoy-upstream-service-time: 8
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 6
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680947405379219
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E823 0
716 B 537ms
384ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947405380433
x-envoy-upstream-service-time: 8
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680947405379274
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-b6219261553f53937530555bf8cab132.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E823 398 KB
95 KB 11ms
11ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

52cc6d19f28b2c81aac89d8dd043c75f8807c80341de487561d669e717830ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 49023
x-cache: HIT
content-length: 97466
x-request-id: d53e7282-b852-4f3f-b1f7-074b62d75d0d
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Fri, 07 Apr 2023 20:11:30 GMT
server: Fastly
etag: "cf845716af6e007d929c18f46231e69a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4309

GET
H2 200 ui-shared-e3e69ba2874f7013081996d5a9b6d236.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E823 280 KB
88 KB 13ms
12ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-e3e69ba2874f7013081996d5a9b6d236.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

dbdb4b9eed433296fa9a0ece0fc619d83635f8c0e098b0669fd15da1c6f1e175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 135923
x-cache: HIT
content-length: 89898
x-request-id: 7d2f878c-12bf-4eb9-b962-db6d2bf1512b
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Thu, 06 Apr 2023 20:02:22 GMT
server: Fastly
etag: "d0ca81c8930c5b230999e50b9bcd8f98"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4145

GET
H2 200 elements-inner-card-7229f0fd7bf6c5d27f4c686b0fac1d22.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E823 50 KB
13 KB 8ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-7229f0fd7bf6c5d27f4c686b0fac1d22.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d6ca03fd3627bff282ed519cf48dd2fdd5a88d29ee2176d4de3bfb61be54c2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 60273
x-cache: HIT
content-length: 13588
x-request-id: 12d204d0-fa13-474e-8541-7e0de8fb1a84
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Fri, 07 Apr 2023 17:03:19 GMT
server: Fastly
etag: "9c8911dcca80e60a94b3a9f397685e7d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1060

GET
H2 200 ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame E823 19 KB
3 KB 13ms
13ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 1356236
x-cache: HIT
content-length: 3195
x-request-id: 6b78ebc7-ad81-49ee-8e48-57b89be395ac
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Thu, 23 Mar 2023 17:02:05 GMT
server: Fastly
etag: "dbd37658a3a8a3842b147403a54940ff"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6779

GET
H2 200 elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css
js.stripe.com/v3/fingerprinted/css/ Frame E823 10 KB
2 KB 18ms
18ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ee431470c13290a583f30995c6658fda6fe6b4a6e5f51c32ed1970bac8212b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 60273
x-cache: HIT
content-length: 1614
x-request-id: 25ebdadb-4d56-4d51-a5b3-5ce81a83e553
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Fri, 07 Apr 2023 17:03:11 GMT
server: Fastly
etag: "26f037181250b55faed2d329facbb2fb"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1017

POST
H2 200 csp-report
q.stripe.com/ Frame D96A 0
717 B 540ms
398ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947405381884
x-envoy-upstream-service-time: 10
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680947405379642
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D96A 0
717 B 518ms
377ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947405381302
x-envoy-upstream-service-time: 7
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680947405379844
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-b6219261553f53937530555bf8cab132.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D96A 398 KB
95 KB 14ms
10ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

52cc6d19f28b2c81aac89d8dd043c75f8807c80341de487561d669e717830ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 49023
x-cache: HIT
content-length: 97466
x-request-id: 5716c424-6b45-4be7-9fcf-563d7caac06d
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Fri, 07 Apr 2023 20:11:30 GMT
server: Fastly
etag: "cf845716af6e007d929c18f46231e69a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4310

GET
H2 200 ui-shared-e3e69ba2874f7013081996d5a9b6d236.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D96A 280 KB
88 KB 15ms
12ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-e3e69ba2874f7013081996d5a9b6d236.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

dbdb4b9eed433296fa9a0ece0fc619d83635f8c0e098b0669fd15da1c6f1e175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 135923
x-cache: HIT
content-length: 89898
x-request-id: 6eb6cb9f-bdf0-4cd3-b756-c4378581d68d
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Thu, 06 Apr 2023 20:02:22 GMT
server: Fastly
etag: "d0ca81c8930c5b230999e50b9bcd8f98"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4146

GET
H2 200 elements-inner-card-7229f0fd7bf6c5d27f4c686b0fac1d22.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D96A 50 KB
13 KB 8ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-7229f0fd7bf6c5d27f4c686b0fac1d22.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d6ca03fd3627bff282ed519cf48dd2fdd5a88d29ee2176d4de3bfb61be54c2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 60273
x-cache: HIT
content-length: 13588
x-request-id: 70ea2e9e-0971-4af7-9f44-49819c76becb
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Fri, 07 Apr 2023 17:03:19 GMT
server: Fastly
etag: "9c8911dcca80e60a94b3a9f397685e7d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1061

GET
H2 200 ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame D96A 19 KB
3 KB 12ms
9ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 1356236
x-cache: HIT
content-length: 3195
x-request-id: 8fbe28d7-11e5-46ef-a64c-92c31c5ad453
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Thu, 23 Mar 2023 17:02:05 GMT
server: Fastly
etag: "dbd37658a3a8a3842b147403a54940ff"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6780

GET
H2 200 elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css
js.stripe.com/v3/fingerprinted/css/ Frame D96A 10 KB
2 KB 13ms
11ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ee431470c13290a583f30995c6658fda6fe6b4a6e5f51c32ed1970bac8212b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:04 GMT
via: 1.1 varnish
age: 60273
x-cache: HIT
content-length: 1614
x-request-id: 22d16586-d134-4a02-87de-447e31dba71c
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Fri, 07 Apr 2023 17:03:11 GMT
server: Fastly
etag: "26f037181250b55faed2d329facbb2fb"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1018

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
356 B 84ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-35652933-1&cid=2100281159.1680947405&jid=779370146&gjid=274002124&_gid=751107205.1680947405&_u=aGBAiEABRAAAAEAAI~&z=626748215

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 08 Apr 2023 09:50:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://members.howtogettheguy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
192 B 8ms
7ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1539936020&t=pageview&_s=1&dl=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&dp=%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&ul=en-us&de=UTF-8&dt=Secure%20Checkout%20-%20Matthew%20Hussey%20Members%20Area&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEABRAAAAAAAI~&jid=779370146&gjid=274002124&cid=2100281159.1680947405&tid=UA-35652933-1&_gid=751107205.1680947405&gtm=45He3430n71M8SBJ4&cd15=20230408&cd16=exponea%20%2F%20email&cd17=S3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...&cd18=(not%20set)&cd19=(not%20set)&cd20=%2Fcheckout%2F&z=1960083037

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56693
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 40ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MRXEY45LL7&gtm=45je3430&_p=1539936020&cid=2100281159.1680947405&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680947405&sct=1&seg=0&dl=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&dt=Secure%20Checkout%20-%20Matthew%20Hussey%20Members%20Area&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MRXEY45LL7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 09:50:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://members.howtogettheguy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/966723930/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966723930/?random=2081076563&cv=11&fst=1680947404759&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fmemb...
https://www.google.com/pagead/1p-conversion/966723930/?random=2081076563&cv=11&fst=1680947404759&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fmembers.howtogettheguy.co...
https://www.google.de/pagead/1p-conversion/966723930/?random=2081076563&cv=11&fst=1680947404759&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fmembers.howtogettheguy.com...

42 B
154 B

34ms
30ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/966723930/?random=2081076563&cv=11&fst=1680947404759&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&label=JizfCMCHiIMBENqS_MwD&hn=www.googleadservices.com&frm=0&tiba=Secure%20Checkout%20-%20Matthew%20Hussey%20Members%20Area&value=0&auid=1510503213.1680947405&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEtIRW9RWVE5dEhVM3NyV2xKVmFFaVlBWWVMNVE1dUY2NUdCUDcwem1za096OXhxNVJ0TzBsakViS25tX3haQTQ5MXZaTzhMSncaWENoQUk4S0hFb1FZUWhkVGd1cDZFMmY4c0VpNEFIUlYxUTE2VnMwNWFJUVBVNHVpaWpIV0NQdWt0cWw1VmdUV2pJc0hTTUZxMEt2VlpyMU5NeTJHU3ZVOVg&is_vtc=1&ocp_id=zDgxZJCEM6XLmweK2b64Dw&eitems=ChAI8KHEoQYQ7tuHsMm24fYaEh0AYdSYB6kfk8UmilwvN57HbOtnIDgXH_eabBg3kg&random=3792816785&ipr=y&prhg=0&ezwbk=AZuM4hB7kLe2h0zZOKqIeEQStdIzARrY6CBBzrIUQEugYQW5QRE2vHmIgczMRUzoG_6GNYBxfrMotjeIfXCmjoymiG2H

Requested by

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 09:50:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Apr 2023 09:50:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/966723930/?random=2081076563&cv=11&fst=1680947404759&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&label=JizfCMCHiIMBENqS_MwD&hn=www.googleadservices.com&frm=0&tiba=Secure%20Checkout%20-%20Matthew%20Hussey%20Members%20Area&value=0&auid=1510503213.1680947405&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEtIRW9RWVE5dEhVM3NyV2xKVmFFaVlBWWVMNVE1dUY2NUdCUDcwem1za096OXhxNVJ0TzBsakViS25tX3haQTQ5MXZaTzhMSncaWENoQUk4S0hFb1FZUWhkVGd1cDZFMmY4c0VpNEFIUlYxUTE2VnMwNWFJUVBVNHVpaWpIV0NQdWt0cWw1VmdUV2pJc0hTTUZxMEt2VlpyMU5NeTJHU3ZVOVg&is_vtc=1&ocp_id=zDgxZJCEM6XLmweK2b64Dw&eitems=ChAI8KHEoQYQ7tuHsMm24fYaEh0AYdSYB6kfk8UmilwvN57HbOtnIDgXH_eabBg3kg&random=3792816785&ipr=y&prhg=0&ezwbk=AZuM4hB7kLe2h0zZOKqIeEQStdIzARrY6CBBzrIUQEugYQW5QRE2vHmIgczMRUzoG_6GNYBxfrMotjeIfXCmjoymiG2H
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 33ms
10ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=401376653365936&ev=PageView&dl=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&rl=&if=false&ts=1680947405086&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=62&cs_est=true&fbp=fb.1.1680947405085.1794497946&it=1680947404642&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 08 Apr 2023 09:50:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 9ms
9ms Stylesheet
text/css 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: br
cdn-edgestorageid: 755
perma-cache: HIT
cdn-storageserver: DE-569
cdn-cachedat: 04/06/2023 18:10:57
cdn-pullzone: 293267
last-modified: Wed, 29 Mar 2023 18:39:25 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 567
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"642485dd-464c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 37412bc1159ab70ade7b382c2c7ebefc
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9781 Show response
api.omappapi.com/v2/embed/ 227 B
824 B 133ms
98ms XHR
application/json 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/9781?d=members.howtogettheguy.com
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-92.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
content-length: 227
x-optinmonster-account: 4832
x-user-agent: standard--
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Pagely Gateway/1.5.1
etag: "b91e5dc54e033e761837b7b846da520f"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: iJ6nl_EAPG058aLpy_cw57Jg1QP-sNE1Qj3rizpPujJrr7C5FEXOWA==
expires: Sat, 08 Apr 2023 09:48:41 GMT

GET
H3 200 bundle Show response
api.exponea.com/webxp/projects/1ac239aa-95c2-11ea-80c9-d2ae0b12c430/ 9 KB
693 B 38ms
17ms Fetch
application/json 35.244.143.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/webxp/projects/1ac239aa-95c2-11ea-80c9-d2ae0b12c430/bundle
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 599966ca2f410d4fb4ccab5ad26894ebe3d4ac97d3d625f3d7d338660e2f7c62

Request headers

Accept: application/json
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: br
via: 1.1 google
etag: "599966ca2f410d4fb4ccab5ad26894ebe3d4ac97d3d625f3d7d338660e2f7c62"
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 exp.js Show response
exp-framework.exponea.com/ 21 KB
7 KB 66ms
8ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://exp-framework.exponea.com/exp.js

Requested by

Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e266cf094e49221cb485fa10259ec005bd96b2a97b94834105a4e9f753366c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220039-HHN
strict-transport-security: max-age=31556926
content-encoding: gzip
date: Sat, 08 Apr 2023 09:50:05 GMT
last-modified: Wed, 13 Feb 2019 09:35:23 GMT
x-timer: S1680947405.217412,VS0,VE0
etag: "577b4d98234ac092ef038f7d6c5e307cabed215f18e2572abc78d5f3bb0a6e3b"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7106
x-cache-hits: 25

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 2068 474 B
610 B 23ms
8ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4bc45d3eaf7a786f271faaf7fc5ea1fb9f3d0a697dc99662ec061e8974665c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-f2b5256d2ac9dc347bbae6d110f51e74.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 41
x-cache: HIT
content-length: 296
x-request-id: 6ffa47e7-b788-4e33-bf76-29ec06632d4d
x-served-by: cache-hhn-etou8220038-HHN
last-modified: Fri, 07 Apr 2023 22:54:09 GMT
server: Fastly
etag: "e07181f80f527c7a6c7a6af11e27d253"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

POST
H2 200 csp-report
q.stripe.com/ Frame 9CC2 0
490 B 274ms
273ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947405380532
x-envoy-upstream-service-time: 7
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405379702
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 14ms
14ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-74021bde9081c83799a0980273db90d9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 04 Apr 2023 09:39:00 GMT
server: gfra1
etag: "642bf034-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13599

GET
H2 200 attn.js Show response
cdn.attn.tv/ 187 KB
62 KB 13ms
12ms Script
application/javascript 2600:9000:21f3:2c00:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/attn.js?v=4-latest_a3dff51dee
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/gettheguy/dtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2c00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75104ad76c2187be458542d13ef8b443772d09991ecb836baa83f2063152887d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: wD60ox.TcQyZ9t2bWUzJShs8_I7OOak_
content-encoding: gzip
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
date: Sat, 08 Apr 2023 09:49:31 GMT
x-amz-cf-pop: FRA2-C2
age: 91
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 63145
last-modified: Wed, 08 Mar 2023 16:34:13 GMT
server: AmazonS3
etag: "82db24f769e2ddff6ba97471a7605820"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
accept-ranges: bytes
x-amz-cf-id: OezfvRmCeoV73_OSm8YMVykS3U5DXePIBQjYXyRG_HCeme7mu9zr9A==

GET
H2 204 analytics.js Show response
cdn.attn.tv/3.08.19/ 0
237 B 9ms
9ms Script
text/plain 2600:9000:21f3:2c00:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/3.08.19/analytics.js
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/gettheguy/dtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2c00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:48:25 GMT
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C2
age: 100
x-cache: Hit from cloudfront
cache-control: public, max-age=120
x-amz-cf-id: 725_Pn7vv9M1YA3nAbcLmju9EvU9UJ6VwEw0M6lfukEVzNlhs1Tfxg==

GET
H2 204 5117984.js Show response
bat.bing.com/p/action/ 0
119 B 106ms
106ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5117984.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 08 Apr 2023 09:50:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C1B1CBF36DAC4DE1B975AAD5773D9B5C Ref B: FRA31EDGE0516 Ref C: 2023-04-08T09:50:05Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 34ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5117984&tm=gtm002&Ver=2&mid=369a8e28-9ae3-42bb-aa85-df81b57156b5&sid=bd456a60d5f211ed92091167fb3b0349&vid=bd45c950d5f211edad3eb16b2b05f412&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Secure%20Checkout%20-%20Matthew%20Hussey%20Members%20Area&p=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&r=&lt=1078&evt=pageLoad&sv=1&rn=645668

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 08 Apr 2023 09:50:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C2E0757C4B584BDE9AADB2C889FBC53C Ref B: FRA31EDGE0516 Ref C: 2023-04-08T09:50:05Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 3A27 474 B
370 B 9ms
9ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4bc45d3eaf7a786f271faaf7fc5ea1fb9f3d0a697dc99662ec061e8974665c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 41
x-cache: HIT
content-length: 296
x-request-id: 4b449433-0fa3-41c1-84b1-db73910758ec
x-served-by: cache-hhn-etou8220038-HHN
last-modified: Fri, 07 Apr 2023 22:54:09 GMT
server: Fastly
etag: "e07181f80f527c7a6c7a6af11e27d253"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 63ms
34ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-35652933-1&cid=2100281159.1680947405&jid=779370146&_u=aGBAiEABRAAAAEAAI~&z=940495130

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 09:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 72ms
33ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-35652933-1&cid=2100281159.1680947405&jid=779370146&_u=aGBAiEABRAAAAEAAI~&z=940495130

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 09:50:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 9CC2 86 KB
16 KB 8ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Sat, 08 Apr 2023 09:50:05 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 174
x-cache: HIT
content-length: 16031
x-request-id: 03098034-7313-41aa-aac7-e22f1700f93e
x-served-by: cache-hhn-etou8220041-HHN
server: Fastly
x-timer: S1680947405.317356,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 135

POST
H2 200 bulk Show response
api.exponea.com/ 497 B
750 B 22ms
21ms Fetch
application/json 35.244.143.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/bulk
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e92c8266af95655490cb8a2f529bd1c7012dc21150d69a6cee7f60fb3a7671e3

Request headers

Accept: application/json
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
via: 1.1 google
content-type: application/json
access-control-allow-origin: https://members.howtogettheguy.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 497
x-request-id: 5244382c-2cf6-4af0-9b24-ac33295ad2e1

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 29E9 18 KB
8 KB 76ms
74ms Document
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31eb3999600578c84baa63b6e44051825dbea7f0086e493f09d698b95df56201

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Tu87BF3tV68DNOIycAcc4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Tu87BF3tV68DNOIycAcc4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sat, 08 Apr 2023 09:50:05 GMT
expires: Sat, 08 Apr 2023 09:50:05 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 link-config Show response
merchant-ui-api.stripe.com/elements/ Frame 2068 1020 B
2 KB 300ms
208ms Fetch
application/json 52.215.231.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/link-config?key=pk_live_51K0B3bBxh7yb1SSrmB0Vm05YAi1jg5FbKtnrgGAtoDvxn7MQeixq0nPmjcH5BCuk8bR1Lc1QoTvN3tPFzyt2ASIb00qEHUlAru&request_surface=web_elements_controller&stripe_js_id=d72484d5-4a07-4250-8b51-12aea6e7315e

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.215.231.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-231-162.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

726ceb0a99978a0b08971e399e3ee920212e862c8766a45ca839e5d3f021d153

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947405537399
content-length: 1020
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST, HEAD, OPTIONS, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 53
access-control-expose-headers: Request-Id, Stripe-Manage-Version, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-stripe-client-envoy-start-time-us: 1680947405536532
timing-allow-origin: https://js.stripe.com
x-robots-tag: none
expires: 0

GET
H2 200 5.112e6dc7.min.js Show response
a.omappapi.com/app/js/ 16 KB
6 KB 8ms
7ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/5.112e6dc7.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: f77582bed375bcc38f36c2b1a15e9deb97f387905b0c087a77448add795cd0c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: br
cdn-edgestorageid: 723
perma-cache: HIT
cdn-storageserver: DE-568
cdn-cachedat: 04/06/2023 18:10:56
cdn-pullzone: 293267
last-modified: Thu, 02 Feb 2023 22:05:53 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 541
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63dc33c1-3f86"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: d08edf71e0769b0f035dcab0e0988c90
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E823 474 B
370 B 7ms
7ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4bc45d3eaf7a786f271faaf7fc5ea1fb9f3d0a697dc99662ec061e8974665c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 41
x-cache: HIT
content-length: 296
x-request-id: ddf427a4-925f-4d75-b11f-09cf9d62495f
x-served-by: cache-hhn-etou8220038-HHN
last-modified: Fri, 07 Apr 2023 22:54:09 GMT
server: Fastly
etag: "e07181f80f527c7a6c7a6af11e27d253"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame D96A 474 B
371 B 9ms
9ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4bc45d3eaf7a786f271faaf7fc5ea1fb9f3d0a697dc99662ec061e8974665c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-80facb001782e9d06095b228f3b67d3d.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 41
x-cache: HIT
content-length: 296
x-request-id: 4de67c53-a786-4bd3-8888-d7c82594dd04
x-served-by: cache-hhn-etou8220038-HHN
last-modified: Fri, 07 Apr 2023 22:54:09 GMT
server: Fastly
etag: "e07181f80f527c7a6c7a6af11e27d253"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 233ms
203ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405553608
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1680947405553237
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 235ms
206ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405553869
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405553494
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 229ms
200ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405553565
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405553077
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 232ms
203ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405553872
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405553362
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 231ms
202ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405553574
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405553361
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 240ms
215ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405561027
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405560489
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 223ms
199ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405553570
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405553185
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 232ms
208ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405560777
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405560544
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 237ms
214ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405560984
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405560599
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 237ms
214ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405560991
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405560661
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 236ms
212ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405561071
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405560704
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 237ms
214ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405561070
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405560847
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 236ms
213ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405561100
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1680947405560784
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 244ms
221ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405561345
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405560927
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 238ms
216ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405561359
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405561053
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 237ms
215ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405561380
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405561072
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 245ms
223ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405561616
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405561012
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 243ms
222ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405561853
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405561185
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 244ms
223ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405561856
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405561411
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200 gusid Show response
pt.howtogettheguy.com/v1/lst/ 0
762 B 111ms
111ms XHR
text/plain 52.205.62.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.howtogettheguy.com/v1/lst/gusid?ref_url=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%25253A%252520ATC%252520Hotlist%252520%25257C%252520Email%252520%2525232%252520%25257C%252520I%252527m%252520not%252520giving%252520up%252520on%252520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%25253A%252520ATC%252520Hotlist%252520%25257C%252520Email%252520%2525232%252520%25257C%252520I%252527m%252520not%252520giving%252520up%252520on%252520you...%26utm_medium%3Demail%26he%3Dverdacht%252540safeonweb.be%26el%3Demail
Requested by: Host: pt.howtogettheguy.com
URL: https://pt.howtogettheguy.com/v1/lst/universal-script?ph=348372b7bbaa44705954ca9fe3318d372002b6cd6d88312c22d5b7d215ce54cc&tag=!clicked
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-62-94.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Product-ID: 182863
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 08 Apr 2023 09:50:05 GMT
Server: nginx/1.18.0 (Ubuntu)
Session-ID: HB-ET_bcee77fd12a6c9fd9b4555ea60e47b171015caa94888e1a398239d3ebd128943
ETag: HB-ET_bcee77fd12a6c9fd9b4555ea60e47b171015caa94888e1a398239d3ebd128943
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin: https://members.howtogettheguy.com
Access-Control-Expose-Headers: Session-ID
Front-End-Https: off
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

OPTIONS
H/1.1 200 gusid
pt.howtogettheguy.com/v1/lst/ Frame 0
0 275ms
93ms Preflight 52.205.62.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.howtogettheguy.com/v1/lst/gusid?ref_url=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%25253A%252520ATC%252520Hotlist%252520%25257C%252520Email%252520%2525232%252520%25257C%252520I%252527m%252520not%252520giving%252520up%252520on%252520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%25253A%252520ATC%252520Hotlist%252520%25257C%252520Email%252520%2525232%252520%25257C%252520I%252527m%252520not%252520giving%252520up%252520on%252520you...%26utm_medium%3Demail%26he%3Dverdacht%252540safeonweb.be%26el%3Demail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-62-94.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: product-id
Access-Control-Request-Method: GET
Origin: https://members.howtogettheguy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: product-id
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin: https://members.howtogettheguy.com
Access-Control-Expose-Headers: Session-ID
Access-Control-Max-Age: 86400
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection: keep-alive
Content-Length: 0
Date: Sat, 08 Apr 2023 09:50:05 GMT
Front-End-Https: off
Server: nginx/1.18.0 (Ubuntu)
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 / Show response
gettheguy.attn.tv/d/ 5 B
276 B 433ms
383ms Fetch
application/json 172.64.150.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gettheguy.attn.tv/d/?attn_vid=a14713ef98ba4f7caae79f1915063467
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/attn.js?v=4-latest_a3dff51dee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 7
cf-ray: 7b499aa47e2137c6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 200ms
200ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405562786
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405562119
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 200ms
200ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405562889
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1680947405562569
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 198ms
197ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405566340
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405565784
access-control-allow-credentials: true
content-length: 0

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 29E9 2 KB
2 KB 119ms
119ms Other
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W5qdPG19VOQ.es5.O/am=gPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMit... Frame 29E9 158 KB
56 KB 37ms
9ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W5qdPG19VOQ.es5.O/am=gPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgpplnrWBgBWp1rcBEckVh1-WyWZg/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9403f7b8a6fc7007168928433acf8ef35a3a5391169498e500d2981b4129f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 16:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 01:39:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Apr 2024 16:34:13 GMT

GET
H2 200 gettheguy.attn.tv.js Show response
cdn.attn.tv/growth-tag-assets/client-configs/ 752 B
1 KB 12ms
12ms Script
application/javascript 2600:9000:21f3:2c00:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/growth-tag-assets/client-configs/gettheguy.attn.tv.js
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/attn.js?v=4-latest_a3dff51dee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2c00:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c8eb1a259ee7027fe7ad9353b6093163e75d7ead8f2d3ecaeebf343864f536c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: FJ3Zx21DM36qh02_LtwK0tBjs63Gh0lc
date: Sat, 08 Apr 2023 09:49:33 GMT
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 33
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 752
last-modified: Tue, 28 Mar 2023 18:56:58 GMT
server: AmazonS3
etag: "98165996e3f7a1df83cff95099d4335e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
accept-ranges: bytes
x-amz-cf-id: w0nypzdlkhuHCfvp6WNhNonB6PJkvHkFltpW3wrDfnwxklzXqDdfkw==

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 185ms
184ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405592522
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405591942
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 185ms
185ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405674567
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405674027
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 187ms
187ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405702542
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405702230
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 186ms
186ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405704840
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405704529
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 186ms
186ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405704936
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405704597
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 187ms
186ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405707887
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1680947405707646
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 9CC2 156 B
668 B 582ms
194ms XHR
application/json 35.161.191.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.161.191.188 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-161-191-188.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

af0ab7937dac49a4f43085c759c5408d7fa521dcc095495ae1399327a3dc5680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:06 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947406102545
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1680947406101910
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H3 200 show Show response
api.exponea.com/managed-tags/ 43 B
59 B 40ms
40ms Fetch
application/json 35.244.143.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.exponea.com/managed-tags/show

Requested by

Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.143.131 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

131.143.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ef51cee56d3dde41e94db0c99f36260c49143a2c05e85bcfed40e3a8f0edc1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
server: nginx
content-type: application/json
access-control-allow-origin: https://members.howtogettheguy.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

OPTIONS
H/1.1 200
OK 6y9m5sjbb3sm3cbg
client-analytics.braintreegateway.com/ Frame 0
0 81ms
11ms Preflight 3.66.196.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6y9m5sjbb3sm3cbg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.196.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-196-123.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://members.howtogettheguy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://members.howtogettheguy.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Sat, 08 Apr 2023 09:50:05 GMT
Server: nginx

OPTIONS
H/1.1 200
OK 6y9m5sjbb3sm3cbg
client-analytics.braintreegateway.com/ Frame 0
0 84ms
8ms Preflight 3.66.196.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6y9m5sjbb3sm3cbg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.196.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-196-123.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://members.howtogettheguy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://members.howtogettheguy.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Sat, 08 Apr 2023 09:50:05 GMT
Server: nginx

POST
H/1.1 200
OK 6y9m5sjbb3sm3cbg Show response
client-analytics.braintreegateway.com/ 0
291 B 12ms
11ms XHR
text/plain 3.66.196.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6y9m5sjbb3sm3cbg
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.3/js/client.min.js?ver=6.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.196.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-196-123.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 08 Apr 2023 09:50:05 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://members.howtogettheguy.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK 6y9m5sjbb3sm3cbg Show response
client-analytics.braintreegateway.com/ 0
291 B 11ms
11ms XHR
text/plain 3.66.196.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6y9m5sjbb3sm3cbg
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.3/js/client.min.js?ver=6.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.196.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-196-123.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 08 Apr 2023 09:50:05 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://members.howtogettheguy.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 dispatch-frame.min.html Show response
checkout.paypal.com/web/3.85.3/html/ Frame C854 10 KB
4 KB 1577ms
712ms Document
text/html 18.64.141.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paypal.com/web/3.85.3/html/dispatch-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.3/js/paypal-checkout.min.js?ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.64.141.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-141-68.mct50.r.cloudfront.net

Software

nginx /

Resource Hash

cd5730856794ecb3ef70532da9a9e6e2cc0448f117a0063b54c4be17826dcfb5

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32060
cache-control: max-age=86400
content-encoding: gzip
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Sat, 08 Apr 2023 00:56:10 GMT
etag: W/"64274206-261a"
expires: Sun, 09 Apr 2023 00:55:46 GMT
last-modified: Fri, 31 Mar 2023 20:26:46 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 9704cd9f496805a492038a8530cea3ea.cloudfront.net (CloudFront)
x-amz-cf-id: _5s8dGXP9Ch-iT-4LPqXkw_pe6ld7Hm9Hx05zQcFUQytmNbobKlXsA==
x-amz-cf-pop: MCT50-P1
x-cache: Hit from cloudfront

OPTIONS
H/1.1 200
OK 6y9m5sjbb3sm3cbg
client-analytics.braintreegateway.com/ Frame 0
0 80ms
8ms Preflight 3.66.196.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6y9m5sjbb3sm3cbg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.196.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-196-123.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://members.howtogettheguy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://members.howtogettheguy.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Sat, 08 Apr 2023 09:50:05 GMT
Server: nginx

POST
H/1.1 200
OK 6y9m5sjbb3sm3cbg Show response
client-analytics.braintreegateway.com/ 0
291 B 12ms
11ms XHR
text/plain 3.66.196.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6y9m5sjbb3sm3cbg
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.3/js/client.min.js?ver=6.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.196.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-196-123.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 08 Apr 2023 09:50:05 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://members.howtogettheguy.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ 59 KB
21 KB 78ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.3/js/data-collector.min.js?ver=6.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 562759
x-cache: HIT
paypal-debug-id: a0af0219d37e6
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20545
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-0000000000000000000a0af0219d37e6-ca072def60e7f7b8-01
etag: "63d97a76-ecbf"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 09:50:05 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 259 KB
73 KB 59ms
16ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons&vault=true&intent=tokenize&client-id=AWlpmhI7a6cACi5kCStlEg54xOsvzyhLQLvkOyiQrMZoVjdR-UZ1y_3AGRCNdl_5QudJgCVec1xrYMoE

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.3/js/paypal-checkout.min.js?ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c187b79fea1d2ee50364d603fb2897e4192d555c19ffdda7d47c7b7a0730e1e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-s7I/8VgL0YxLXfDFrG5Vn0iyL6uxs6gNp+kz10jvS6YHQECB' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-s7I/8VgL0YxLXfDFrG5Vn0iyL6uxs6gNp+kz10jvS6YHQECB' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-s7I/8VgL0YxLXfDFrG5Vn0iyL6uxs6gNp+kz10jvS6YHQECB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-s7I/8VgL0YxLXfDFrG5Vn0iyL6uxs6gNp+kz10jvS6YHQECB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:05 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 7850
x-cache: HIT, HIT
p3p: true
paypal-debug-id: f927571500261
server-timing: "traceparent;desc="00-0000000000000000000f927571500261-f9c5a3e49ad300a2-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 74001
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220028-HHN, cache-fra-eddf8230128-FRA
traceparent: 00-0000000000000000000f927571500261-bd9e4aac310f17a1-01
x-timer: S1680947406.674121,VS0,VE3
etag: W/"12111-H5mYoJv1PhfWIlSjiCrTNWiPzUU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 1, 1

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 187ms
187ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405740969
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1680947405740666
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 188ms
187ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405741015
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1680947405740724
access-control-allow-credentials: true
content-length: 0

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 63E1 0
56 B 15ms
9ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://members.howtogettheguy.com
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://members.howtogettheguy.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 08 Apr 2023 09:50:05 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 190ms
184ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405756120
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1680947405755867
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 188ms
187ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405756331
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405755960
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W5qdPG19VOQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fC2... Frame 29E9 70 KB
26 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W5qdPG19VOQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fC2KzXwSTPM.L.B1.O/am=gPEAIA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrj2pkAD1lWKB89po0yCFAs9EFWPGw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W5qdPG19VOQ.es5.O/am=gPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgpplnrWBgBWp1rcBEckVh1-WyWZg/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ee5f34800698076e3cc15bc0cc54edbcd45503a9fb1b7b1c257247891f3dbbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 16:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26127
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 10:24:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Apr 2024 16:42:31 GMT

POST
H2 204 unrenderedCreative
gettheguy.attn.tv/ 0
0 385ms
384ms Fetch 172.64.150.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gettheguy.attn.tv/unrenderedCreative?v=614b568b&r=&id=a14713ef98ba4f7caae79f1915063467&pv=1&l=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&w=1600&h=1200&ss_ref=ORGANIC&m=marketing&m=live-sms
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/attn.js?v=4-latest_a3dff51dee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 08 Apr 2023 09:50:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
cf-ray: 7b499aa59f8b37c6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 184ms
184ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405813904
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405813564
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 185ms
184ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405815004
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405814652
access-control-allow-credentials: true
content-length: 0

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 29E9 1 MB
387 KB 75ms
75ms XHR
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69c7e223d6730cb3400ce8a4cc3984017e157d5301cfdc387294e0896211a9d4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5pAO8kJ4rB4RL4wSoaZZNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5pAO8kJ4rB4RL4wSoaZZNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 08 Apr 2023 09:50:05 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
6 KB 12ms
12ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=members.howtogettheguy.com&t=xo&v=5.0.362&source=payments_sdk&client_id=AWlpmhI7a6cACi5kCStlEg54xOsvzyhLQLvkOyiQrMZoVjdR-UZ1y_3AGRCNdl_5QudJgCVec1xrYMoE&comp=buttons&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons&vault=true&intent=tokenize&client-id=AWlpmhI7a6cACi5kCStlEg54xOsvzyhLQLvkOyiQrMZoVjdR-UZ1y_3AGRCNdl_5QudJgCVec1xrYMoE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

113659535c99dfe8f52a8e20bbaad01f1163f3a4abf9f6445eed5cb679aa3b9a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-TADUF36PYLoiy/jTAhlTdloWfPBOb4FRrxYMX/Cpd5x262kx' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-TADUF36PYLoiy/jTAhlTdloWfPBOb4FRrxYMX/Cpd5x262kx' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:05 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 56656
x-cache: HIT, HIT
paypal-debug-id: f2995559d8a73
server-timing: "traceparent;desc="00-0000000000000000000f2995559d8a73-000c3e75a7e928a1-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4761
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220061-HHN, cache-fra-eddf8230128-FRA
traceparent: 00-0000000000000000000f2995559d8a73-c8b6cdca7afed842-01
x-timer: S1680947406.745061,VS0,VE2
etag: W/"3567-LuG9dj4h8GYrew34uxZKFVqXa4M"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 5, 1

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 61F9 376 KB
137 KB 408ms
405ms Document
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=white&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&sdkVersion=5.0.362&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmdmF1bHQ9dHJ1ZSZpbnRlbnQ9dG9rZW5pemUmY2xpZW50LWlkPUFXbHBtaEk3YTZjQUNpNWtDU3RsRWc1NHhPc3Z6eWhMUUx2a095aVFyTVpvVmpkUi1VWjF5XzNBR1JDTmRsXzVRdWRKZ0NWZWMxeHJZTW9FIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZnljcnhybGJ4cWNsZmRiaXNna3VzaHZvbXdlamh3In19&clientID=AWlpmhI7a6cACi5kCStlEg54xOsvzyhLQLvkOyiQrMZoVjdR-UZ1y_3AGRCNdl_5QudJgCVec1xrYMoE&sdkCorrelationID=f62620033788c&storageID=uid_c9b788a35b_mdk6nta6mdu&sessionID=uid_df8e99d7e3_mdk6nta6mdu&buttonSessionID=uid_4dff6c95e3_mdk6nta6mdu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

81d118920bd7b1751bf6f813965ed2590276f1f1b7b2e599dba0c6ab8fa70d56

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Sat, 08 Apr 2023 09:50:06 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5e0d7-m5SzC2uaslTpSAiSgGVLK31nEAI"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f460314a537b6
server-timing: "traceparent;desc="00-0000000000000000000f460314a537b6-c5ddd457b76f2cb0-01"";content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f460314a537b6-aac796bd2000574e-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-hhn-etou8220052-HHN, cache-fra-eddf8230128-FRA
x-timer: S1680947406.798669,VS0,VE383
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 0A5F 3 KB
1 KB 19ms
12ms Image
image/svg+xml 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: fd35fefdc700d
dc: ccg11-origin-www-1.paypal.com
content-length: 1217
x-served-by: cache-sjc10045-SJC, cache-hhn-etou8220076-HHN
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
traceparent: 00-0000000000000000000fd35fefdc700d-1b825df7f896bb0c-01
x-timer: S1680947406.801208,VS0,VE0
etag: W/"642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 30, 3687

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 188ms
188ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405894085
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405893766
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 189ms
188ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405894218
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405893841
access-control-allow-credentials: true
content-length: 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 3D0A 160 B
1 KB 163ms
162ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCC) /

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 141
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: f0eafff3171d4
date: Sat, 08 Apr 2023 09:50:05 GMT
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: f0eafff3171d4
server: ECAcc (frc/4CCC)
server-timing: traceparent;desc="00-0000000000000000000f0eafff3171d4-3c0b07eade2767aa-01" content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000f0eafff3171d4-0de4511a3e2f189f-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/ Frame 1AC5
Redirect Chain

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=20ba26b0f51db2368af7e0e6780efac9&t=1680947405.623&a=14
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=20ba26b0f51db2368af7e0e6780efac9&t=1680947405.623&a=14

42 B
299 B

116ms
34ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=20ba26b0f51db2368af7e0e6780efac9&t=1680947405.623&a=14
Requested by: Host: members.howtogettheguy.com
URL: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 08 Apr 2023 09:50:06 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=20ba26b0f51db2368af7e0e6780efac9&t=1680947405.623&a=14
Date: Sat, 08 Apr 2023 09:50:05 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W5qdPG19VOQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fC2... Frame 29E9 23 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W5qdPG19VOQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fC2KzXwSTPM.L.B1.O/am=gPEAIA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrj2pkAD1lWKB89po0yCFAs9EFWPGw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

294dbc10d8f040313420c7c8a7432b7ef3f92ecce09599e2aa2645030cdfcbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 16:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9344
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 10:24:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Apr 2024 16:42:31 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W5qdPG19VOQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fC2... Frame 29E9 36 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.W5qdPG19VOQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fC2KzXwSTPM.L.B1.O/am=gPEAIA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrj2pkAD1lWKB89po0yCFAs9EFWPGw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

605ccc895cf299566c149ab2390225100d52c2ac84f6669345bfa17a81a921bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 16:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13575
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 10:24:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Apr 2024 16:42:31 GMT

POST
H2 200 log Show response
play.google.com/ Frame 29E9 131 B
273 B 25ms
16ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Apr 2023 09:50:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 69ms
22ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 08 Apr 2023 09:50:05 GMT
expires: Sat, 08 Apr 2023 09:50:05 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 29E9 131 B
273 B 24ms
18ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Apr 2023 09:50:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 68ms
23ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 08 Apr 2023 09:50:05 GMT
expires: Sat, 08 Apr 2023 09:50:05 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 29E9 131 B
273 B 44ms
39ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Apr 2023 09:50:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 68ms
24ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 08 Apr 2023 09:50:05 GMT
expires: Sat, 08 Apr 2023 09:50:05 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 29E9 131 B
273 B 45ms
39ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Apr 2023 09:50:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 67ms
24ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 08 Apr 2023 09:50:05 GMT
expires: Sat, 08 Apr 2023 09:50:05 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H/1.1 200 pc Show response
pt.howtogettheguy.com/v1/lst/ 117 B
557 B 110ms
103ms XHR
application/json 52.205.62.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.howtogettheguy.com/v1/lst/pc?sl=email&is_el=true&ref_url=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%25253A%252520ATC%252520Hotlist%252520%25257C%252520Email%252520%2525232%252520%25257C%252520I%252527m%252520not%252520giving%252520up%252520on%252520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%25253A%252520ATC%252520Hotlist%252520%25257C%252520Email%252520%2525232%252520%25257C%252520I%252527m%252520not%252520giving%252520up%252520on%252520you...%26utm_medium%3Demail%26he%3Dverdacht%252540safeonweb.be%26el%3Demail&fbp_id=401376653365936&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F111.0.5563.146+Safari%2F537.36&is_he=true
Requested by: Host: pt.howtogettheguy.com
URL: https://pt.howtogettheguy.com/v1/lst/universal-script?ph=348372b7bbaa44705954ca9fe3318d372002b6cd6d88312c22d5b7d215ce54cc&tag=!clicked
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-62-94.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3ef683acf1e3f47955d71ad0c5ffa90fa174006dbc51cef40fea0331438655c1

Request headers

Session-ID: HB-ET_bcee77fd12a6c9fd9b4555ea60e47b171015caa94888e1a398239d3ebd128943
Product-ID: 182863
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Access-Control-Allow-Headers: *

Response headers

Date: Sat, 08 Apr 2023 09:50:06 GMT
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://members.howtogettheguy.com
Access-Control-Expose-Headers: Session-ID
Front-End-Https: off
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 117

OPTIONS
H/1.1 200 pc
pt.howtogettheguy.com/v1/lst/ Frame 0
0 105ms
103ms Preflight 52.205.62.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.howtogettheguy.com/v1/lst/pc?sl=email&is_el=true&ref_url=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%25253A%252520ATC%252520Hotlist%252520%25257C%252520Email%252520%2525232%252520%25257C%252520I%252527m%252520not%252520giving%252520up%252520on%252520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%25253A%252520ATC%252520Hotlist%252520%25257C%252520Email%252520%2525232%252520%25257C%252520I%252527m%252520not%252520giving%252520up%252520on%252520you...%26utm_medium%3Demail%26he%3Dverdacht%252540safeonweb.be%26el%3Demail&fbp_id=401376653365936&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F111.0.5563.146+Safari%2F537.36&is_he=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-62-94.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Request-Method: GET
Origin: https://members.howtogettheguy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin: https://members.howtogettheguy.com
Access-Control-Expose-Headers: Session-ID
Access-Control-Max-Age: 86400
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection: keep-alive
Content-Length: 0
Date: Sat, 08 Apr 2023 09:50:05 GMT
Front-End-Https: off
Server: nginx/1.18.0 (Ubuntu)
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 187ms
186ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405929255
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405928613
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 185ms
185ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405929762
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405929446
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 186ms
185ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405931712
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405931386
access-control-allow-credentials: true
content-length: 0

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 11ms
11ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=members.howtogettheguy.com&t=xo&v=5.0.362&source=payments_sdk&client_id=AWlpmhI7a6cACi5kCStlEg54xOsvzyhLQLvkOyiQrMZoVjdR-UZ1y_3AGRCNdl_5QudJgCVec1xrYMoE&comp=buttons&vault=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 84840867de170
dc: ccg11-origin-www-1.paypal.com
content-length: 16464
x-served-by: cache-sjc10081-SJC, cache-hhn-etou8220076-HHN
last-modified: Tue, 03 May 2022 17:28:29 GMT
x-timer: S1680947406.837422,VS0,VE0
etag: W/"6271663d-da91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1004776, 18185

GET
H2 200 ts
t.paypal.com/ 42 B
563 B 187ms
157ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AC7QUSA3Z7CPFC-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AC7QUSA3Z7CPFC-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=636c067b-2a46-4edc-aa62-7dcbd9bb6f4c&fltp=analytics&mrid=C7QUSA3Z7CPFC&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Secure%20Checkout%20-%20Matthew%20Hussey%20Members%20Area&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1680947405834&g=0&completeurl=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCF) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (frc/4CCF)
traceparent: 00-00000000000000000003f5a3db31c8dc-df58dd8dc0929a83-01
content-type: image/gif
paypal-debug-id: 3f5a3db31c8dc
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Sat, 08 Apr 2023 09:50:05 GMT

POST
H2 200 log Show response
play.google.com/ Frame 29E9 131 B
273 B 45ms
40ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Apr 2023 09:50:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 49ms
24ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 08 Apr 2023 09:50:05 GMT
expires: Sat, 08 Apr 2023 09:50:05 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 29E9 131 B
578 B 57ms
26ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Apr 2023 09:50:05 GMT

POST
H2 200 log Show response
play.google.com/ Frame 29E9 131 B
273 B 25ms
19ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Apr 2023 09:50:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 38ms
23ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 08 Apr 2023 09:50:05 GMT
expires: Sat, 08 Apr 2023 09:50:05 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 185ms
184ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405949789
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405949552
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 186ms
185ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405950271
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405949985
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 186ms
185ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405956732
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405956200
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 186ms
185ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405957558
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405956951
access-control-allow-credentials: true
content-length: 0

GET
H2 200 elements-inner-payment-request-34c9e57a840ab5afb3b1095d3455e2c9.html Show response
js.stripe.com/v3/ Frame F789 820 B
1 KB 24ms
24ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-34c9e57a840ab5afb3b1095d3455e2c9.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

05ed1a5e93aded205e577253a3594ea40a170d900581af2f7514a18b5239a59e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 48988
cache-control: max-age=31536000
content-encoding: br
content-length: 372
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 08 Apr 2023 09:50:05 GMT
etag: "34c9e57a840ab5afb3b1095d3455e2c9"
last-modified: Fri, 07 Apr 2023 20:11:19 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 400
x-content-type-options: nosniff
x-request-id: ec7ad49d-e917-422a-8d05-ee794642d677
x-served-by: cache-hhn-etou8220041-HHN

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 190ms
189ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405967421
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405967073
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 190ms
189ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405970566
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1680947405970180
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 191ms
190ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:05 GMT
x-stripe-server-envoy-start-time-us: 1680947405970587
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947405970267
access-control-allow-credentials: true
content-length: 0

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 9495 54 KB
17 KB 19ms
19ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Sat, 08 Apr 2023 09:50:05 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6271663d-d994"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 50b39f10d2761
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 935084, 19655
x-content-type-options: nosniff
x-served-by: cache-sjc10023-SJC, cache-hhn-etou8220076-HHN
x-timer: S1680947406.882849,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame F789 0
716 B 193ms
183ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947406001447
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680947406001055
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F789 0
716 B 207ms
197ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 08 Apr 2023 09:50:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680947406012633
x-envoy-upstream-service-time: 16
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680947406001118
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-b6219261553f53937530555bf8cab132.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F789 398 KB
95 KB 18ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-34c9e57a840ab5afb3b1095d3455e2c9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

52cc6d19f28b2c81aac89d8dd043c75f8807c80341de487561d669e717830ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-34c9e57a840ab5afb3b1095d3455e2c9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:05 GMT
via: 1.1 varnish
age: 49024
x-cache: HIT
content-length: 97466
x-request-id: fe48f2a8-2f6e-4c30-b494-f775ec85f162
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Fri, 07 Apr 2023 20:11:30 GMT
server: Fastly
etag: "cf845716af6e007d929c18f46231e69a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4312

GET
H2 200 ui-shared-e3e69ba2874f7013081996d5a9b6d236.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F789 280 KB
88 KB 17ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-e3e69ba2874f7013081996d5a9b6d236.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-34c9e57a840ab5afb3b1095d3455e2c9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

dbdb4b9eed433296fa9a0ece0fc619d83635f8c0e098b0669fd15da1c6f1e175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-34c9e57a840ab5afb3b1095d3455e2c9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:05 GMT
via: 1.1 varnish
age: 135924
x-cache: HIT
content-length: 89898
x-request-id: 99dc6483-6b7b-4e6b-8c67-6464f284e288
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Thu, 06 Apr 2023 20:02:22 GMT
server: Fastly
etag: "d0ca81c8930c5b230999e50b9bcd8f98"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4148

GET
H2 200 elements-inner-payment-request-8fc110aa9d28706f0807af24fd065eb4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F789 50 KB
16 KB 30ms
25ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-8fc110aa9d28706f0807af24fd065eb4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-34c9e57a840ab5afb3b1095d3455e2c9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1157ba26d58dca281060a1a36464f280b1baed8c46cab588f6a4a939efa93a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-34c9e57a840ab5afb3b1095d3455e2c9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:05 GMT
via: 1.1 varnish
age: 405766
x-cache: HIT
content-length: 16578
x-request-id: c2ae3358-d600-4d84-8f79-abb6e6f63e62
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Mon, 03 Apr 2023 17:04:06 GMT
server: Fastly
etag: "e6dd1961a99215d186f741880f4b2666"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4648

GET
H2 200 ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame F789 19 KB
3 KB 16ms
6ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-34c9e57a840ab5afb3b1095d3455e2c9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-34c9e57a840ab5afb3b1095d3455e2c9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:05 GMT
via: 1.1 varnish
age: 1356237
x-cache: HIT
content-length: 3195
x-request-id: e4ad92ed-27d7-4af2-99cf-b1577746a57f
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Thu, 23 Mar 2023 17:02:05 GMT
server: Fastly
etag: "dbd37658a3a8a3842b147403a54940ff"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6782

GET
H2 200 elements-inner-payment-request-2903d0b6081aebd61e361803159b8652.css
js.stripe.com/v3/fingerprinted/css/ Frame F789 10 KB
3 KB 18ms
9ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-2903d0b6081aebd61e361803159b8652.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-34c9e57a840ab5afb3b1095d3455e2c9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0e9a079ff86fa5537a25c27a532a48b6d32c28c49c24fd4569ab8faefec38f86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-34c9e57a840ab5afb3b1095d3455e2c9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:05 GMT
via: 1.1 varnish
age: 837739
x-cache: HIT
content-length: 2434
x-request-id: 133df2fa-c7ff-414c-85e5-f55adf9bfbdd
x-served-by: cache-hhn-etou8220041-HHN
last-modified: Wed, 29 Mar 2023 17:04:43 GMT
server: Fastly
etag: "feff883b99e0e81980e8d7aa280a0034"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8288

GET
H2 200 ts
t.paypal.com/ 42 B
493 B 174ms
173ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AC7QUSA3Z7CPFC-1&page=muse%3Aoffer%3A%3A%3AC7QUSA3Z7CPFC-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=636c067b-2a46-4edc-aa62-7dcbd9bb6f4c&es=visitorInfoFlowStarted&mrid=C7QUSA3Z7CPFC&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Secure%20Checkout%20-%20Matthew%20Hussey%20Members%20Area&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1680947405952&g=0&completeurl=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC8) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 09:50:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (frc/4CC8)
traceparent: 00-000000000000000000057877f1f826ef-4a3a7b749df32967-01
content-type: image/gif
paypal-debug-id: 57877f1f826ef
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Sat, 08 Apr 2023 09:50:06 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame F789 474 B
372 B 10ms
10ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4bc45d3eaf7a786f271faaf7fc5ea1fb9f3d0a697dc99662ec061e8974665c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-payment-request-34c9e57a840ab5afb3b1095d3455e2c9.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 42
x-cache: HIT
content-length: 296
x-request-id: b1fa7eac-e9c7-4f8b-9206-1d89ea5feece
x-served-by: cache-hhn-etou8220038-HHN
last-modified: Fri, 07 Apr 2023 22:54:09 GMT
server: Fastly
etag: "e07181f80f527c7a6c7a6af11e27d253"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 9495 435 B
2 KB 269ms
268ms Fetch
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

090fb3ae70bbbe8582ef9f2537158ccc26b3c27fe49a9a15910c4c5dc03e2465

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-gHdTNJGf29VCWKzFRqS9Js/JyI6DVSYRrHvd6jcdmDKgXF4X' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-gHdTNJGf29VCWKzFRqS9Js/JyI6DVSYRrHvd6jcdmDKgXF4X' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Sat, 08 Apr 2023 09:50:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f46031435be3c
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220048-HHN, cache-fra-eddf8230128-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f46031435be3c-ee5f5553b5964e2e-01
x-timer: S1680947406.167111,VS0,VE257
etag: W/"1b3-P4zkME7oP0hMVJdGPN56Ez9WgKQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 188ms
168ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Sat, 08 Apr 2023 09:50:06 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f460314f5ad56
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f460314f5ad56-e3240a680d139888-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-hhn-etou8220056-HHN, cache-fra-eddf8230084-FRA
x-timer: S1680947406.997181,VS0,VE161

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 3D0A 59 KB
20 KB 8ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 562759
x-cache: HIT
paypal-debug-id: a0af0219d37e6
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20545
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-0000000000000000000a0af0219d37e6-ca072def60e7f7b8-01
etag: "63d97a76-ecbf"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 09:50:05 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 185ms
185ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:06 GMT
x-stripe-server-envoy-start-time-us: 1680947406099123
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947406098628
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 194ms
193ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:06 GMT
x-stripe-server-envoy-start-time-us: 1680947406102037
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1680947406101616
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 184ms
180ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:06 GMT
x-stripe-server-envoy-start-time-us: 1680947406114146
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680947406113901
access-control-allow-credentials: true
content-length: 0

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 3D0A 125 B
896 B 296ms
296ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CDF) /

Resource Hash

2295bd2b5a9e373bfecb0f3e6d58184ee719fd73cdf3ddf36e0e2ce4363c1006

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Apr 2023 09:50:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 5552da692916
server: ECAcc (frc/4CDF)
traceparent: 00-000000000000000000005552da692916-e9b0108ad88fbd82-01
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
access-control-allow-origin: https://www.paypal.com
paypal-debug-id: 5552da692916
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json
server-timing: traceparent;desc="00-000000000000000000005552da692916-e5a438ef29687e4c-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 125

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame 3D0A 0
179 B 179ms
178ms XHR
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C8D) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Apr 2023 09:50:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: f031858a7f465
server: ECAcc (frc/4C8D)
traceparent: 00-0000000000000000000f031858a7f465-f37ad416665c2571-01
access-control-allow-origin: https://www.paypal.com
paypal-debug-id: f031858a7f465
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-timing: traceparent;desc="00-0000000000000000000f031858a7f465-42464a39699416e5-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 3D0A 0
502 B 230ms
179ms Image
text/plain 2a04:4e42:200::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=20ba26b0f51db2368af7e0e6780efac9&s=BRAINTREE_SIGNIN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:06 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: 8e17a24669233
server-timing: "traceparent;desc="00-00000000000000000008e17a24669233-8a6f4d81b376125c-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
x-served-by: cache-hhn-etou8220024-HHN, cache-fra-eddf8230057-FRA
correlation-id: 8e17a24669233
traceparent: 00-00000000000000000008e17a24669233-bbcd0d5e1e5683ef-01
x-timer: S1680947406.087621,VS0,VE165
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

OPTIONS
H/1.1 200 hte
pt.howtogettheguy.com/v1/lst/ Frame 0
0 92ms
92ms Preflight 52.205.62.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.howtogettheguy.com/v1/lst/hte
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-62-94.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Request-Method: POST
Origin: https://members.howtogettheguy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin: https://members.howtogettheguy.com
Access-Control-Expose-Headers: Session-ID
Access-Control-Max-Age: 86400
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection: keep-alive
Content-Length: 0
Date: Sat, 08 Apr 2023 09:50:06 GMT
Front-End-Https: off
Server: nginx/1.18.0 (Ubuntu)
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200 hte Show response
pt.howtogettheguy.com/v1/lst/ 0
392 B 100ms
100ms XHR
text/plain 52.205.62.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.howtogettheguy.com/v1/lst/hte
Requested by: Host: pt.howtogettheguy.com
URL: https://pt.howtogettheguy.com/v1/lst/universal-script?ph=348372b7bbaa44705954ca9fe3318d372002b6cd6d88312c22d5b7d215ce54cc&tag=!clicked
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-62-94.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Session-ID: HB-ET_bcee77fd12a6c9fd9b4555ea60e47b171015caa94888e1a398239d3ebd128943
Product-ID: 182863
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
Access-Control-Allow-Headers: *

Response headers

Date: Sat, 08 Apr 2023 09:50:06 GMT
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin: https://members.howtogettheguy.com
Access-Control-Expose-Headers: Session-ID
Front-End-Https: off
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 61F9 259 KB
73 KB 20ms
20ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons&vault=true&intent=tokenize&client-id=AWlpmhI7a6cACi5kCStlEg54xOsvzyhLQLvkOyiQrMZoVjdR-UZ1y_3AGRCNdl_5QudJgCVec1xrYMoE

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=white&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&sdkVersion=5.0.362&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmdmF1bHQ9dHJ1ZSZpbnRlbnQ9dG9rZW5pemUmY2xpZW50LWlkPUFXbHBtaEk3YTZjQUNpNWtDU3RsRWc1NHhPc3Z6eWhMUUx2a095aVFyTVpvVmpkUi1VWjF5XzNBR1JDTmRsXzVRdWRKZ0NWZWMxeHJZTW9FIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZnljcnhybGJ4cWNsZmRiaXNna3VzaHZvbXdlamh3In19&clientID=AWlpmhI7a6cACi5kCStlEg54xOsvzyhLQLvkOyiQrMZoVjdR-UZ1y_3AGRCNdl_5QudJgCVec1xrYMoE&sdkCorrelationID=f62620033788c&storageID=uid_c9b788a35b_mdk6nta6mdu&sessionID=uid_df8e99d7e3_mdk6nta6mdu&buttonSessionID=uid_4dff6c95e3_mdk6nta6mdu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c187b79fea1d2ee50364d603fb2897e4192d555c19ffdda7d47c7b7a0730e1e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-s7I/8VgL0YxLXfDFrG5Vn0iyL6uxs6gNp+kz10jvS6YHQECB' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-s7I/8VgL0YxLXfDFrG5Vn0iyL6uxs6gNp+kz10jvS6YHQECB' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=white&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&sdkVersion=5.0.362&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmdmF1bHQ9dHJ1ZSZpbnRlbnQ9dG9rZW5pemUmY2xpZW50LWlkPUFXbHBtaEk3YTZjQUNpNWtDU3RsRWc1NHhPc3Z6eWhMUUx2a095aVFyTVpvVmpkUi1VWjF5XzNBR1JDTmRsXzVRdWRKZ0NWZWMxeHJZTW9FIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZnljcnhybGJ4cWNsZmRiaXNna3VzaHZvbXdlamh3In19&clientID=AWlpmhI7a6cACi5kCStlEg54xOsvzyhLQLvkOyiQrMZoVjdR-UZ1y_3AGRCNdl_5QudJgCVec1xrYMoE&sdkCorrelationID=f62620033788c&storageID=uid_c9b788a35b_mdk6nta6mdu&sessionID=uid_df8e99d7e3_mdk6nta6mdu&buttonSessionID=uid_4dff6c95e3_mdk6nta6mdu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-s7I/8VgL0YxLXfDFrG5Vn0iyL6uxs6gNp+kz10jvS6YHQECB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-s7I/8VgL0YxLXfDFrG5Vn0iyL6uxs6gNp+kz10jvS6YHQECB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 09:50:06 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 7851
x-cache: HIT, HIT
p3p: true
paypal-debug-id: f927571500261
server-timing: "traceparent;desc="00-0000000000000000000f927571500261-f9c5a3e49ad300a2-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 74001
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220028-HHN, cache-fra-eddf8230128-FRA
traceparent: 00-0000000000000000000f927571500261-bd9e4aac310f17a1-01
x-timer: S1680947406.241548,VS0,VE1
etag: W/"12111-H5mYoJv1PhfWIlSjiCrTNWiPzUU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 1, 2

GET
DATA 200
OK truncated
/ Frame 61F9 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 61F9 59 KB
20 KB 9ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 562760
x-cache: HIT
paypal-debug-id: a0af0219d37e6
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20545
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-0000000000000000000a0af0219d37e6-ca072def60e7f7b8-01
etag: "63d97a76-ecbf"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 09:50:06 GMT

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame D1F9 160 B
1 KB 163ms
162ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCC) /

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 141
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 81276c17b3de3
date: Sat, 08 Apr 2023 09:50:06 GMT
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: 81276c17b3de3
server: ECAcc (frc/4CCC)
server-timing: traceparent;desc="00-000000000000000000081276c17b3de3-34dbe5f9ff92c7ff-01" content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000081276c17b3de3-0e4b7b9a50542094-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 7FA8
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_df8e99d7e3_mdk6nta6mdu&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_df8e99d7e3_mdk6nta6mdu&s=SMART_PAYMENT_BUTTONS

42 B
299 B

104ms
39ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_df8e99d7e3_mdk6nta6mdu&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=white&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&sdkVersion=5.0.362&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmdmF1bHQ9dHJ1ZSZpbnRlbnQ9dG9rZW5pemUmY2xpZW50LWlkPUFXbHBtaEk3YTZjQUNpNWtDU3RsRWc1NHhPc3Z6eWhMUUx2a095aVFyTVpvVmpkUi1VWjF5XzNBR1JDTmRsXzVRdWRKZ0NWZWMxeHJZTW9FIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZnljcnhybGJ4cWNsZmRiaXNna3VzaHZvbXdlamh3In19&clientID=AWlpmhI7a6cACi5kCStlEg54xOsvzyhLQLvkOyiQrMZoVjdR-UZ1y_3AGRCNdl_5QudJgCVec1xrYMoE&sdkCorrelationID=f62620033788c&storageID=uid_c9b788a35b_mdk6nta6mdu&sessionID=uid_df8e99d7e3_mdk6nta6mdu&buttonSessionID=uid_4dff6c95e3_mdk6nta6mdu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 08 Apr 2023 09:50:07 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_df8e99d7e3_mdk6nta6mdu&s=SMART_PAYMENT_BUTTONS
Date: Sat, 08 Apr 2023 09:50:06 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 61F9 1018 B
2 KB 249ms
248ms Ping
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e82c0460368170ae5b8ba9c35f5b2f2f8f15ad6b44e741a80cfd6108290b8b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=white&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&sdkVersion=5.0.362&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmdmF1bHQ9dHJ1ZSZpbnRlbnQ9dG9rZW5pemUmY2xpZW50LWlkPUFXbHBtaEk3YTZjQUNpNWtDU3RsRWc1NHhPc3Z6eWhMUUx2a095aVFyTVpvVmpkUi1VWjF5XzNBR1JDTmRsXzVRdWRKZ0NWZWMxeHJZTW9FIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZnljcnhybGJ4cWNsZmRiaXNna3VzaHZvbXdlamh3In19&clientID=AWlpmhI7a6cACi5kCStlEg54xOsvzyhLQLvkOyiQrMZoVjdR-UZ1y_3AGRCNdl_5QudJgCVec1xrYMoE&sdkCorrelationID=f62620033788c&storageID=uid_c9b788a35b_mdk6nta6mdu&sessionID=uid_df8e99d7e3_mdk6nta6mdu&buttonSessionID=uid_4dff6c95e3_mdk6nta6mdu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Apr 2023 09:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f916097da6e17
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220068-HHN, cache-fra-eddf8230128-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f916097da6e17-40387fa9d6ac017b-01
x-timer: S1680947407.948063,VS0,VE235
etag: W/"3fa-iETq8ykjzGIAuv6lh2UG6dHuxuo"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame D1F9 59 KB
20 KB 11ms
10ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 562761
x-cache: HIT
paypal-debug-id: a0af0219d37e6
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20545
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-0000000000000000000a0af0219d37e6-ca072def60e7f7b8-01
etag: "63d97a76-ecbf"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Apr 2023 09:50:07 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame D1F9 125 B
613 B 199ms
198ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD8) /

Resource Hash

2295bd2b5a9e373bfecb0f3e6d58184ee719fd73cdf3ddf36e0e2ce4363c1006

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Apr 2023 09:50:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: d947d482d2153
server: ECAcc (frc/4CD8)
traceparent: 00-0000000000000000000d947d482d2153-fd47bc20be2a6a3d-01
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
access-control-allow-origin: https://www.paypal.com
paypal-debug-id: d947d482d2153
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json
server-timing: traceparent;desc="00-0000000000000000000d947d482d2153-32dadcecaad3a12d-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 125

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame D1F9 0
243 B 202ms
201ms XHR
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C8D) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Apr 2023 09:50:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: a9ed4ba43e542
server: ECAcc (frc/4C8D)
traceparent: 00-0000000000000000000a9ed4ba43e542-7a09962dde670836-01
access-control-allow-origin: https://www.paypal.com
paypal-debug-id: a9ed4ba43e542
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-timing: traceparent;desc="00-0000000000000000000a9ed4ba43e542-fde7109a449361a5-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame D1F9 0
276 B 188ms
187ms Image
text/plain 2a04:4e42:200::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_df8e99d7e3_mdk6nta6mdu&s=SMART_PAYMENT_BUTTONS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:50:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: baea2adc274c9
server-timing: "traceparent;desc="00-0000000000000000000baea2adc274c9-9ab177c280d049e4-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
x-served-by: cache-hhn-etou8220079-HHN, cache-fra-eddf8230057-FRA
correlation-id: baea2adc274c9
traceparent: 00-0000000000000000000baea2adc274c9-2b275a6ec90d5aac-01
x-timer: S1680947407.102438,VS0,VE177
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 61F9 1016 B
2 KB 235ms
235ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e814a3b549190e3db517e3fe7070d00f44d9a96cb691891b6dfe2e052f201201

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=white&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&sdkVersion=5.0.362&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmdmF1bHQ9dHJ1ZSZpbnRlbnQ9dG9rZW5pemUmY2xpZW50LWlkPUFXbHBtaEk3YTZjQUNpNWtDU3RsRWc1NHhPc3Z6eWhMUUx2a095aVFyTVpvVmpkUi1VWjF5XzNBR1JDTmRsXzVRdWRKZ0NWZWMxeHJZTW9FIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZnljcnhybGJ4cWNsZmRiaXNna3VzaHZvbXdlamh3In19&clientID=AWlpmhI7a6cACi5kCStlEg54xOsvzyhLQLvkOyiQrMZoVjdR-UZ1y_3AGRCNdl_5QudJgCVec1xrYMoE&sdkCorrelationID=f62620033788c&storageID=uid_c9b788a35b_mdk6nta6mdu&sessionID=uid_df8e99d7e3_mdk6nta6mdu&buttonSessionID=uid_4dff6c95e3_mdk6nta6mdu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

date: Sat, 08 Apr 2023 09:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f916097394ebf
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220033-HHN, cache-fra-eddf8230128-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f916097394ebf-46a42f488a62e1ad-01
x-timer: S1680947407.151571,VS0,VE221
etag: W/"3f8-urejza+YP18JrRDQQRWXhXUKDxU"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2068 0
273 B 433ms
432ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 08 Apr 2023 09:50:07 GMT
x-stripe-server-envoy-start-time-us: 1680947407319041
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1680947407318492
access-control-allow-credentials: true
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
11ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1539936020&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&ul=en-us&de=UTF-8&dt=Secure%20Checkout%20-%20Matthew%20Hussey%20Members%20Area&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page-scroll&ea=25%25&el=%2Fcheckout%2F&_u=aHDAiEABRAAAAEAAI~&jid=&gjid=&cid=2100281159.1680947405&tid=UA-35652933-1&_gid=751107205.1680947405&gtm=45He3430n71M8SBJ4&cd2=2100281159.1680947405&cd15=20230408&cd16=exponea%20%2F%20email&cd17=S3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...&cd18=(not%20set)&cd19=(not%20set)&cd20=%2Fcheckout%2F&z=70839038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 10:31:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83934
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
12ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1539936020&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmembers.howtogettheguy.com%2Fcheckout%2F%3Frid%3DpuShRJ%26id%3D2162aececa558334%26campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26product%3Datc%26token%3D%26confirmpurchase%3D1%26recommended%3D1%26xnpe_tifc%3Dh.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8%26utm_source%3Dexponea%26utm_campaign%3DS3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...%26utm_medium%3Demail%26he%3Dverdacht%2540safeonweb.be%26el%3Demail&ul=en-us&de=UTF-8&dt=Secure%20Checkout%20-%20Matthew%20Hussey%20Members%20Area&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page-scroll&ea=50%25&el=%2Fcheckout%2F&_u=aHDAiEABRAAAAEAAI~&jid=&gjid=&cid=2100281159.1680947405&tid=UA-35652933-1&_gid=751107205.1680947405&gtm=45He3430n71M8SBJ4&cd2=2100281159.1680947405&cd15=20230408&cd16=exponea%20%2F%20email&cd17=S3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...&cd18=(not%20set)&cd19=(not%20set)&cd20=%2Fcheckout%2F&z=1509957267

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 10:31:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83934
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1019 B
2 KB 209ms
209ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

81254243de951f71b3efe68b08b74bcd39fa3da2934560f1385f082bb372ca2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://members.howtogettheguy.com/checkout/?rid=puShRJ&id=2162aececa558334&campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&product=atc&token=&confirmpurchase=1&recommended=1&xnpe_tifc=h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8&utm_source=exponea&utm_campaign=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...&utm_medium=email&he=verdacht%40safeonweb.be&el=email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

date: Sat, 08 Apr 2023 09:50:07 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f91609764d71f
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220043-HHN, cache-fra-eddf8230084-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f91609764d71f-ce2cde908fccbdc2-01
x-timer: S1680947407.471341,VS0,VE200
etag: W/"3fb-UEfa702kIhXkc67tN6S3gSmlu0k"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://members.howtogettheguy.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 200ms
200ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://members.howtogettheguy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://members.howtogettheguy.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Sat, 08 Apr 2023 09:50:07 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f9160979bd77c
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f9160979bd77c-619ceaf2de0ab0ae-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220047-HHN, cache-fra-eddf8230084-FRA
x-timer: S1680947407.270673,VS0,VE191

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/ui-shared-e3e69ba2874f7013081996d5a9b6d236.js

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-7229f0fd7bf6c5d27f4c686b0fac1d22.js

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b6219261553f53937530555bf8cab132.js

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/ui-shared-e3e69ba2874f7013081996d5a9b6d236.js

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-7229f0fd7bf6c5d27f4c686b0fac1d22.js

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pt.howtogettheguy.com/v1/lst	1970-01-20 20:31:47	Name: __mh_tt_s Value: HB-ET_bcee77fd12a6c9fd9b4555ea60e47b171015caa94888e1a398239d3ebd128943
members.howtogettheguy.com/	1970-01-20 11:38:59	Name: mm_cookie_rid Value: puShRJ
members.howtogettheguy.com/	1970-01-20 11:38:59	Name: mm_cookie_id Value: 2162aececa558334
members.howtogettheguy.com/	1970-01-20 11:38:59	Name: mm_cookie_campaign Value: S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%5C%27m%20not%20giving%20up%20on%20you...
members.howtogettheguy.com/	1970-01-20 11:38:59	Name: mm_cookie_product Value: atc
members.howtogettheguy.com/	1970-01-20 11:38:59	Name: mm_cookie_confirmpurchase Value: 1
members.howtogettheguy.com/	1970-01-20 11:38:59	Name: mm_cookie_recommended Value: 1
members.howtogettheguy.com/	1970-01-20 11:38:59	Name: mm_cookie_xnpe_tifc Value: h.bXh.VdxI174.ELx.1XxjpZhfEWVjQsVuU_O9hsVuQLbdLlny4LhuUva9EsbN8NhMXDxubpxfeNx.YJxue.x.H8
members.howtogettheguy.com/	1970-01-20 11:38:59	Name: mm_cookie_utm_source Value: exponea
members.howtogettheguy.com/	1970-01-20 11:38:59	Name: mm_cookie_utm_campaign Value: S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%5C%27m%20not%20giving%20up%20on%20you...
members.howtogettheguy.com/	1970-01-20 11:38:59	Name: mm_cookie_utm_medium Value: email
members.howtogettheguy.com/	1970-01-20 11:38:59	Name: mm_cookie_he Value: verdacht%40safeonweb.be
members.howtogettheguy.com/	1970-01-20 11:38:59	Name: mm_cookie_el Value: email
.members.howtogettheguy.com/	1970-01-20 19:42:49	Name: _vwo_uuid_v2 Value: D3E17A546836E4EB4160400CB024FE3A9\|53c73eee1e4ed523becb478c03f8a1ae
.howtogettheguy.com/	1970-01-20 13:05:23	Name: _gcl_au Value: 1.1.1510503213.1680947405
.howtogettheguy.com/	1970-01-20 20:31:47	Name: initialTrafficSource Value: utmcsr=exponea\|utmcmd=email\|utmccn=S3%3A%20ATC%20Hotlist%20%7C%20Email%20%232%20%7C%20I%27m%20not%20giving%20up%20on%20you...
.howtogettheguy.com/	1969-12-31 23:59:59	Name: __utmzzses Value: 1
members.howtogettheguy.com/	1970-01-20 15:14:59	Name: ds_utm Value: dXRtX3NvdXJjZT1leHBvbmVhJnV0bV9tZWRpdW09ZW1haWwmdXRtX2NhbXBhaWduPVMzJTNBJTIwQVRDJTIwSG90bGlzdCUyMCU3QyUyMEVtYWlsJTIwJTIzMiUyMCU3QyUyMEklMjdtJTIwbm90JTIwZ2l2aW5nJTIwdXAlMjBvbiUyMHlvdS4uLiZ1dG1fY29udGVudD0vY2hlY2tvdXQvJnV0bV9kYXRlPTIwMjMwNDA4JnV0bV9tb250aD0wNA==
.google.com/	1970-01-20 15:19:18	Name: NID Value: 511=duzdkLH3sHIEnGmFkwt3a7GJtEi_CsjS9YOt5GSmFqZuz-ADyKxIMZX28lsjA2ccBe2a02_oMjd3NPvXypa-LHciXtsQxxN0GmE4MvESzAv7hhIefHBEL0NooXjbip6Wd2AA4at9FJc0ykUoj1eCfgvnEXMm7PPUbrvbpy6kXKQ
.howtogettheguy.com/	1970-01-20 13:19:47	Name: _vis_opt_s Value: 1%7C
.howtogettheguy.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.howtogettheguy.com/	1970-01-20 20:31:47	Name: _vwo_uuid Value: D3E17A546836E4EB4160400CB024FE3A9
.howtogettheguy.com/	1970-01-20 10:55:49	Name: _vwo_sn Value: 0%3A1
.howtogettheguy.com/	1970-01-20 19:41:23	Name: _hjSessionUser_349382 Value: eyJpZCI6IjY1MGI0OTI2LWNhNzktNWNmYS04N2IwLTUzYjFmZWI3ZDIzOCIsImNyZWF0ZWQiOjE2ODA5NDc0MDUwMTQsImV4aXN0aW5nIjpmYWxzZX0=
.howtogettheguy.com/	1970-01-20 10:55:49	Name: _hjFirstSeen Value: 1
.howtogettheguy.com/	1970-01-20 10:55:47	Name: _hjIncludedInSessionSample_349382 Value: 0
.howtogettheguy.com/	1970-01-20 10:55:49	Name: _hjSession_349382 Value: eyJpZCI6ImQyYjJjNmI5LTlkMTEtNGMxNS1iOTExLTc3YzYwM2ZjMTM0ZiIsImNyZWF0ZWQiOjE2ODA5NDc0MDUwMjIsImluU2FtcGxlIjpmYWxzZX0=
.howtogettheguy.com/	1970-01-20 10:55:49	Name: _hjAbsoluteSessionInProgress Value: 0
.howtogettheguy.com/	1970-01-20 10:57:13	Name: _gid Value: GA1.2.751107205.1680947405
.howtogettheguy.com/	1970-01-20 10:55:47	Name: _dc_gtm_UA-35652933-1 Value: 1
.howtogettheguy.com/	1970-01-20 20:31:47	Name: _ga_MRXEY45LL7 Value: GS1.1.1680947405.1.0.1680947405.0.0.0
.howtogettheguy.com/	1970-01-20 13:05:23	Name: _fbp Value: fb.1.1680947405085.1794497946
members.howtogettheguy.com/	1970-01-20 20:31:47	Name: _omappvp Value: B9ofGZdcbTaITmZcZRskTA64JCrftQIa1urtcconA4Ws9Wkeq0vAO1t8bPY8oa2hYVqaod31OotehXnqR44FyqqP0vKWOh5c
members.howtogettheguy.com/	1970-01-20 10:55:48	Name: _omappvs Value: 1680947405103
.doubleclick.net/	1970-01-20 10:55:48	Name: test_cookie Value: CheckForPermission
.howtogettheguy.com/	1970-01-20 13:05:23	Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A0%241680947404%3A51.33876102%3A%3A%3A35_0%2C6_0%2C2_0%3A1
.howtogettheguy.com/	1970-01-20 10:57:13	Name: _uetsid Value: bd456a60d5f211ed92091167fb3b0349
.howtogettheguy.com/	1970-01-20 20:17:23	Name: _uetvid Value: bd45c950d5f211edad3eb16b2b05f412
.bing.com/	1970-01-20 20:17:23	Name: MUID Value: 0FE2888E60DB6C6222269A6361506DEF
api.exponea.com/	1970-01-20 20:31:47	Name: xnpe_1ac239aa-95c2-11ea-80c9-d2ae0b12c430 Value: 7b2c04a4-2061-4a8e-ab6c-a7a2c2b377f2
members.howtogettheguy.com/	1970-01-20 20:31:47	Name: __attentive_id Value: a14713ef98ba4f7caae79f1915063467
members.howtogettheguy.com/	1970-01-20 20:31:47	Name: __attentive_cco Value: 1680947405461
members.howtogettheguy.com/	1969-12-31 23:59:59	Name: __attentive_utm_param_source Value: exponea
members.howtogettheguy.com/	1969-12-31 23:59:59	Name: __attentive_utm_param_campaign Value: S3%253A%2520ATC%2520Hotlist%2520%257C%2520Email%2520%25232%2520%257C%2520I%2527m%2520not%2520giving%2520up%2520on%2520you...
members.howtogettheguy.com/	1969-12-31 23:59:59	Name: __attentive_utm_param_medium Value: email
.howtogettheguy.com/	1970-01-20 20:31:47	Name: __exponea_etc__ Value: 7b2c04a4-2061-4a8e-ab6c-a7a2c2b377f2
.howtogettheguy.com/	1970-01-20 10:55:51	Name: __exponea_time2__ Value: -0.07303953170776367
members.howtogettheguy.com/	1970-01-20 10:55:49	Name: __attentive_pv Value: 1
members.howtogettheguy.com/	1970-01-20 10:55:49	Name: __attentive_ss_referrer Value: ORGANIC
members.howtogettheguy.com/	1970-01-20 10:57:13	Name: __attentive_dv Value: 1
m.stripe.com/	1970-01-20 20:31:47	Name: m Value: fa180437-9472-4de6-83e0-8dd3cae07806443604
.members.howtogettheguy.com/	1970-01-20 19:41:23	Name: __stripe_mid Value: 05145812-c1d4-478e-8f97-2f967fbaa750d587e0
.members.howtogettheguy.com/	1970-01-20 10:55:49	Name: __stripe_sid Value: c4a2f6ad-be76-48bd-b376-aeb3879a9408cfb722
.c.paypal.com/	1970-01-20 20:31:47	Name: sc_f Value: 8ynv_I41Fe3faYY2HeV1FT--7aMaOdebv_bitf1mdJpzDQmBMHZzhxUdDjwl7NcgD9kr442NcD89yhwP_zjH-i5Urb6H_61Ehib8Fm
.paypal.com/	1970-01-20 20:31:47	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: NSaVBr_c6m8tQ8v2dERRHhrqxiPibvdLFSL-sUuqzo9WxGyXbLyq5ddYbo6fNZHrFYlQrxUoZnZfATp9
.paypal.com/	1970-01-20 19:41:23	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 10:56:18	Name: LANG Value: de_DE%3BDE
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AQcPs254OTZ8yvopeuQ4nLmvYojpnzEsb.onkF%2BR1doGve%2BaFDGY8c5X0CPZd6y1Qg7Jk%2Fk8%2FSxzc
.paypal.com/	1970-01-20 10:55:49	Name: l7_az Value: dcg13.slc
.paypalobjects.com/	1970-01-20 10:57:13	Name: paypal-offers--cust Value: null:null:null
.paypal.com/	1970-01-20 11:00:06	Name: tsrce Value: loggernodeweb
.howtogettheguy.com/	1970-01-20 20:31:47	Name: _ga Value: GA1.2.2100281159.1680947405
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY4MDk0NzQwNzI3OSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 20:31:47	Name: ts Value: vreXpYrS%3D1775641807%26vteXpYrS%3D1680949207%26vr%3D6045e9891870a1d61a54db4ff8acfb3f%26vt%3D6045e9891870a1d61a54db4ff8acfb3e%26vtyp%3Dnew
.paypal.com/	1970-01-20 20:31:47	Name: ts_c Value: vr%3D6045e9891870a1d61a54db4ff8acfb3f%26vt%3D6045e9891870a1d61a54db4ff8acfb3e

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://members.howtogettheguy.com/wp-json/wp/v2/ Message: Failed to load resource: the server responded with a status of 401 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
api.exponea.com
api.omappapi.com
b.stats.paypal.com
bat.bing.com
c.paypal.com
c6.paypal.com
cdn.attn.tv
cdn.exponea.com
checkout.paypal.com
client-analytics.braintreegateway.com
connect.facebook.net
dev.visualwebsiteoptimizer.com
dub.stats.paypal.com
exp-framework.exponea.com
gettheguy.attn.tv
googleads.g.doubleclick.net
js.braintreegateway.com
js.stripe.com
m.stripe.com
m.stripe.network
members.howtogettheguy.com
merchant-ui-api.stripe.com
pay.google.com
payments.braintree-api.com
play.google.com
pt.howtogettheguy.com
q.stripe.com
r.stripe.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
t.paypal.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
js.stripe.com
q.stripe.com
142.250.185.162
151.101.1.21
151.101.128.176
151.101.65.195
151.101.66.133
172.64.150.25
18.64.141.68
18.66.112.92
192.229.221.25
2001:4860:4802:34::36
2400:52e0:1e00::1054:1
2600:9000:21f3:2c00:1c:9484:cec0:93a1
2620:1ec:c11::200
2a00:1450:4001:810::200e
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:400c:c07::5c
2a00:1450:400c:c0c::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::291
3.66.196.123
34.95.115.244
34.96.102.137
35.161.191.188
35.244.143.131
52.205.62.94
52.215.231.162
52.222.236.43
52.222.236.62
52.222.236.99
54.186.23.98
64.4.245.84
76.223.13.31
0103cbab85d8ec8b3118f6bc13de01c54f71a571f410ef195553c2bba0903183
03273f38bfa675ffc5f3f645bc323e6ee709143fadc918ab414bae86d0491bb3
05ed1a5e93aded205e577253a3594ea40a170d900581af2f7514a18b5239a59e
090fb3ae70bbbe8582ef9f2537158ccc26b3c27fe49a9a15910c4c5dc03e2465
0983ba0b797523e70cfe2e7f58ebeb84a667febfeaebb8445d2d1c44d9c2225d
0b5f60f812c72089312d5a443a3b9165bf3c5f15db67cbd09946a5bcff7f3c58
0c52172011ba565ee2f7be9bb7e30237b1ff85a551dcc73f6cfecc6b4cd7088f
0e9a079ff86fa5537a25c27a532a48b6d32c28c49c24fd4569ab8faefec38f86
103305a86af314d1471f09da5b957049df33e5c0ed38b2189c4be671375fd592
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
113659535c99dfe8f52a8e20bbaad01f1163f3a4abf9f6445eed5cb679aa3b9a
1157ba26d58dca281060a1a36464f280b1baed8c46cab588f6a4a939efa93a16
140804b36b3276dae75fc0550e12240a9a1aef95a5a87d5e867b313544a81cea
19b291d442e5f286be93935f098830493828dc47f79a5ab6b4d1a92544cd2cf1
1a234275545ba883616ac6b4151a0f06d9bb097146e806e40317a263bbf1c51e
1c46161b49891c827a4857b271e72a58d057c954bbbc47456c2e07e6a50141d4
214ec09445bc537d1b141dc0106a5ecfc7df923b56bc92bca4bdca07cdd726ee
2295bd2b5a9e373bfecb0f3e6d58184ee719fd73cdf3ddf36e0e2ce4363c1006
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2721e452dc9a576227540fab20f6056949dbcd993fa06678d607c51a7e36fc79
274499be2ea5c6155ce6432349af30756f4d9132eff51692dc2551cf5d69846c
294dbc10d8f040313420c7c8a7432b7ef3f92ecce09599e2aa2645030cdfcbba
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
2f12115b1b0d7ef197f049ff2c6a603ba001d2824fa4ae9235b40d0240f41f5e
31eb3999600578c84baa63b6e44051825dbea7f0086e493f09d698b95df56201
3404312ea7f6f3e2ed5e81a12d6105853d3eff96dbd86d2922d1c9ed9fb22cb8
3ef683acf1e3f47955d71ad0c5ffa90fa174006dbc51cef40fea0331438655c1
4273f92c39603d90a2ed270015595fe17038f8a7a33d4c0aacf7bb5b34fc316c
444b70a04f7c645970da2c52362328babb37a8147b6a45c589159af5334cc686
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
49315cdf4494665a0068469a4715c7e93cdd0af639cf555398966a53625abf06
4bc45d3eaf7a786f271faaf7fc5ea1fb9f3d0a697dc99662ec061e8974665c32
4c8eb1a259ee7027fe7ad9353b6093163e75d7ead8f2d3ecaeebf343864f536c
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
52cc6d19f28b2c81aac89d8dd043c75f8807c80341de487561d669e717830ca3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
599966ca2f410d4fb4ccab5ad26894ebe3d4ac97d3d625f3d7d338660e2f7c62
5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8
5c0445574ee66a2bbbf9060cc6ab275137c061863cccfa2977f7f03f8595ef60
605ccc895cf299566c149ab2390225100d52c2ac84f6669345bfa17a81a921bb
61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c
63bdf2ad76189aac9f7e6f076b39d76489c946a7eb86965675fe50c6e2e086c8
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
65b9b932dd95ef6196e2422ef7749dd106724799f18daada01b44cc26e024a39
65d4b53b73347324f9316aa5f05d7d1815ac1d70d713fd8e42945841582c5065
669cbd01b4b82b98922d92211a048faba79aabcf0f15c79901a8a2ccaf096df7
66de4b8fd89f0a933ff06146cd26b8ba3659bc1de31783c5c3688b85c3c68cd5
68429fc0a76f1caf9a860427783ba16316972943bfbb8948ea9fad3140443767
69c7e223d6730cb3400ce8a4cc3984017e157d5301cfdc387294e0896211a9d4
69cd775430c1b38cb65732ee23d64f0aa4b1362a9e47652aad6bdbcb57b8886d
6a2acf2b7668877b993359250516a140580593b5be7472fab0e7c9b7b85df19d
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6ee5f34800698076e3cc15bc0cc54edbcd45503a9fb1b7b1c257247891f3dbbb
6f503d4d1a96ceff0ebb9825c1b87df3779d03b7340523df5177fd6658ffb953
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
726ceb0a99978a0b08971e399e3ee920212e862c8766a45ca839e5d3f021d153
741a8f17b9367aeede098de62279e908b841afab7107725ed4d969a8b30a0386
75104ad76c2187be458542d13ef8b443772d09991ecb836baa83f2063152887d
7ad7a0af032b76b1a5dda7242a734953358ae437b5733d028e29c2e0e84a9b69
7e61e68e6059763f9dd7255687091b8c9ec14c87919eba0e447e41304846952f
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
81254243de951f71b3efe68b08b74bcd39fa3da2934560f1385f082bb372ca2f
817c04ace0f509746bbd8a078235959bcc4598212448c72853b9917331da790f
81d118920bd7b1751bf6f813965ed2590276f1f1b7b2e599dba0c6ab8fa70d56
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86ec0edacac468fd04dfa47d9bd6fa7f93ea395b6b1d4444ef907864a14f3414
8873f8f2239b8c5127bc0e018c01a2d44f2ddb97779b4c8d09578e7972ed72e7
8a0ee74923b0f6529369fce58129061a66c9ff31f8f96e50d3dfb73708959561
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8ae6dc26c68d8933cb92ca7c37f0905a07af7c7e9df8aca254d5e7cae6d7bad7
8ca31d7cfa92f6e83d7e58808b15351a940e1760252bf34a938b1ee89a146f87
8ff4ad73b319aa8682588d967ae2321e82085e034d2b1b59e9559df903752b14
922bc27a9ad35ad4cad93425275dec76979116f8e863124c61e00e1dfe0b0fca
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
935c4f61d84cafa1bad8596c3bd49d247794de003b2784ae36821df4c95a7de8
947960adcbb708c908d60c1fb55b6c617e11c93876ecf9f525f13accf7ddb591
97053f3ac692e9219b08bb8c326260d324aa51d2a9a816ed6fd260092607e20c
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
9a5327bea00c524c91cc091ecdac66359f843fd90a7705c0f159fa49a62c3bb7
9f8620e32b245ad169caff293ec033d87968c05ea40d19382b65d1c6641ece04
a0611f81ec5521ce8ec2d6a2a719d0de5273898618fa70e79ce1c8d9349c0d43
a1f431d9c27ed24f2d383ab78407ebe7008c4791f06fb6650f0b2f48c3c71f0e
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a8c9134fde6e4c752e821f3ab736e398a6f6bd41300ea41da997db22a8ccd4de
a9403f7b8a6fc7007168928433acf8ef35a3a5391169498e500d2981b4129f80
ac2b3f2bd81288e6fe88f240c7ce401af47a9b1986b9f678d7d4291c2057f25f
acef2b8282fd5aa3586f052fe852124b8ba7174d8ab4c310456af33e65d72b74
aea7bf45305fc9dd421863051cae416162e5ad473560f72f39e12d0fa097d691
af0ab7937dac49a4f43085c759c5408d7fa521dcc095495ae1399327a3dc5680
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b23dc12557153d518538d7b2f011ded0be477c1b18ba014e811530bf25650daf
b46669d8fef28d74cbf44bd36ab2a9a5b89dd5de3b8d6f7f06ffbd307713ea7f
b71d2c55535499a27d7ba6a8c0d95fc10f973e5d97942306aeed272c90cd5306
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
b99993143ef5c98b746267c0a19fd2c2f4a6d64af3e1dae82a87573c4b9b1572
bb4e478c8d7aed77088ddf3a8777d6a7cded9ee936a92a3467f5dfa0e5716171
bbfd2d6116c212e508161da9eca0ab6d58150cb654847305af2376eacde3d0e8
c187b79fea1d2ee50364d603fb2897e4192d555c19ffdda7d47c7b7a0730e1e7
c46bd70559c0fe5398b80e45ef1eb05e3d69b5d6382a9108a8739558c9d6786f
cd5730856794ecb3ef70532da9a9e6e2cc0448f117a0063b54c4be17826dcfb5
d0542f4063bcf356500ce98586fadb1fb0db44acbb39e797deec62b26db60759
d13459b093b67ec56ebf92d40118dc7544f032880030f28b0e914ae129ba595b
d6ca03fd3627bff282ed519cf48dd2fdd5a88d29ee2176d4de3bfb61be54c2d7
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dbdb4b9eed433296fa9a0ece0fc619d83635f8c0e098b0669fd15da1c6f1e175
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
df19e66d06bee5aaa262e321f186298d1f8aa4c665e7d175d7938e72ab3e3fdd
df1e768aef89259992eddd9c38ebae25445a8bff7df6231cd44da46737f64791
e266cf094e49221cb485fa10259ec005bd96b2a97b94834105a4e9f753366c37
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e814a3b549190e3db517e3fe7070d00f44d9a96cb691891b6dfe2e052f201201
e82c0460368170ae5b8ba9c35f5b2f2f8f15ad6b44e741a80cfd6108290b8b49
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e92c8266af95655490cb8a2f529bd1c7012dc21150d69a6cee7f60fb3a7671e3
ec5a356e497e4d363a8a744dda573d59dd48dc6aecedaf84b967bff8c1e8a55d
ed6a7c7c15db91f2b6ffbaec4ccb7be48bd7853833e3e3e642ccf701fa90f3de
ee431470c13290a583f30995c6658fda6fe6b4a6e5f51c32ed1970bac8212b1b
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef51cee56d3dde41e94db0c99f36260c49143a2c05e85bcfed40e3a8f0edc1fe
f208ac9f10b246df43f7483cac60e1b888dbf42994ebc54a908c741fd8aae403
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f3033ffa1590435c23fc767af273f495a6b029147ff84a276deb42a9928ba8ed
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f4ebaa46cb7fd434b788ac85a1164d3c4bdcf992706fe83de8821a35015e2a6e
f75bc86d88383524670f53b25ca32eaf7faa893dc56f44aa490e013eede57ffd
f77582bed375bcc38f36c2b1a15e9deb97f387905b0c087a77448add795cd0c2
f911ce416167ea52a7e889bc3e5b3ac91970772765f3b9e819a9c85e84f07d2e
faba26697b88a881b7c50dec4a94987b60335adf659920e23fedbfbe82e26177
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd4946a796c80f1e0200daa3d4a9989be16087a601409812890fb24ff911a96c
fe37c828474deb4d61e63f78c54f24d3fdaf50cf6b9bd9e30e9539c3a66db0d6

members.howtogettheguy.com Open in urlscan Pro 52.222.236.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

292 Requests

94 %HTTPS

41 %IPv6

22 Domains

43 Subdomains

36 IPs

5 Countries

3653 kBTransfer

11848 kBSize

65 Cookies

3 Outgoing links

Page URL History

Redirected requests

292 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

members.howtogettheguy.com Open in urlscan Pro
52.222.236.62 Public Scan

Screenshot
Live screenshot

Full Image

292
Requests

94 %
HTTPS

41 %
IPv6

22
Domains

43
Subdomains

36
IPs

5
Countries

3653 kB
Transfer

11848 kB
Size

65
Cookies

292 HTTP transactions
1 data transactions