urlscan.io logo urlscan.io
SecurityTrails logo

checklist.realperformance.co Open in urlscan Pro
54.152.152.223  Public Scan

Go To Rescan Add Verdict Report
URL: https://checklist.realperformance.co/
Submission: On April 09 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 54.152.152.223, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is checklist.realperformance.co.
TLS certificate: Issued by R3 on April 9th 2024. Valid for: 3 months.
This is the only time checklist.realperformance.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 54.152.152.223 14618 (AMAZON-AES)
11 104.16.193.25 13335 (CLOUDFLAR...)
2 172.217.165.136 15169 (GOOGLE)
1 142.250.176.206 15169 (GOOGLE)
2 157.240.241.1 32934 (FACEBOOK)
1 157.240.14.35 32934 (FACEBOOK)
19 7
2    54.152.152.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-152-223.compute-1.amazonaws.com
checklist.realperformance.co
11    104.16.193.25 (None, )

ASN13335 (CLOUDFLARENET, US)
assets.gumroad.com
2    172.217.165.136 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f8.1e100.net
www.googletagmanager.com
1    142.250.176.206 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f14.1e100.net
www.google-analytics.com
2    157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net
connect.facebook.net
1    157.240.14.35 (Boca Raton, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-mia3.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
11 gumroad.com
assets.gumroad.com — Cisco Umbrella Rank: 128603
881 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 248
90 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
140 KB
2 realperformance.co
checklist.realperformance.co
16 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 99
262 B
19 6
Domain Requested by
11 assets.gumroad.com checklist.realperformance.co
assets.gumroad.com
2 connect.facebook.net assets.gumroad.com
connect.facebook.net
2 www.googletagmanager.com assets.gumroad.com
www.googletagmanager.com
2 checklist.realperformance.co assets.gumroad.com
1 www.facebook.com connect.facebook.net
1 www.google-analytics.com www.googletagmanager.com
19 6

This site contains links to these domains. Also see Links.

Domain
9608819847243.gumroad.com
app.gumroad.com
Subject Issuer Validity Valid
checklist.realperformance.co
R3		 2024-04-09 -
2024-07-08		 3 months crt.sh
gumroad.com
E1		 2024-02-23 -
2024-05-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-17 -
2024-04-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://checklist.realperformance.co/
Frame ID: D21D7944F6EFCDACF9E2BD786D239BFB
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RE:AL Performance Check List

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Checkout
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

1127 kB
Transfer

3702 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
checklist.realperformance.co/ 		11 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://checklist.realperformance.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.152.152.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-152-223.compute-1.amazonaws.com
Software
openresty/1.19.9.1 /
Resource Hash
4b5ded266384848a933751b37141fd56b1d2fa02c07dc26cdbd5d3974dde0b61
Security Headers
Name Value
Content-Security-Policy default-src https 'self'; child-src * data: blob:; connect-src 'self' blob: www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com *.facebook.com *.facebook.net *.google-analytics.com *.g.doubleclick.net *.googletagmanager.com analytics.google.com *.analytics.google.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ *.braintreegateway.com www.paypalobjects.com *.paypal.com *.braintree-api.com iframe.ly beaconapi.helpscout.net d3hb14vkzrxvla.cloudfront.net app.gumroad.com; font-src * data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com *.braintreegateway.com *.braintree-api.com www.paypalobjects.com *.paypal.com *.google-analytics.com *.googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com *.facebook.net *.facebook.com www.dropbox.com s.ytimg.com cdn.iframe.ly platform.twitter.com cdn.jwplayer.com *.jwpcdn.com gumroad.us3.list-manage.com analytics.twitter.com beacon-v2.helpscout.net app.gumroad.com assets.gumroad.com 'nonce-c/MXadUuUFy/Dzz6LwVMIKoZ17dzYv88jr6T8qjbahI=' 'unsafe-inline'; style-src 'self' 'unsafe-inline' s.ytimg.com optimize.google.com fonts.googleapis.com assets.gumroad.com; worker-src * data: blob:
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Length
11489
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Apr 2024 11:45:11 GMT
Server
openresty/1.19.9.1
cache-control
max-age=0, private, must-revalidate
content-security-policy
default-src https 'self'; child-src * data: blob:; connect-src 'self' blob: www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com *.facebook.com *.facebook.net *.google-analytics.com *.g.doubleclick.net *.googletagmanager.com analytics.google.com *.analytics.google.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ *.braintreegateway.com www.paypalobjects.com *.paypal.com *.braintree-api.com iframe.ly beaconapi.helpscout.net d3hb14vkzrxvla.cloudfront.net app.gumroad.com; font-src * data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com *.braintreegateway.com *.braintree-api.com www.paypalobjects.com *.paypal.com *.google-analytics.com *.googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com *.facebook.net *.facebook.com www.dropbox.com s.ytimg.com cdn.iframe.ly platform.twitter.com cdn.jwplayer.com *.jwpcdn.com gumroad.us3.list-manage.com analytics.twitter.com beacon-v2.helpscout.net app.gumroad.com assets.gumroad.com 'nonce-c/MXadUuUFy/Dzz6LwVMIKoZ17dzYv88jr6T8qjbahI=' 'unsafe-inline'; style-src 'self' 'unsafe-inline' s.ytimg.com optimize.google.com fonts.googleapis.com assets.gumroad.com; worker-src * data: blob:
etag
W/"4b5ded266384848a933751b37141fd56"
link
<https://assets.gumroad.com/packs/css/design-ee646cd8.css>; rel=preload; as=style; crossorigin=anonymous; nopush,<https://assets.gumroad.com/assets/application-cbf244e9109e70d7b04497041636f00173a1e588f9b879b3a3ef11f8dfb86e5c.js>; rel=preload; as=script; nopush,<https://assets.gumroad.com/assets/i18n/en-b8f18966391f17bf7d8e30561fc0f04e9c8fda9e5bde82d375ec19aacd0b9266.js>; rel=preload; as=script; nopush
vary
Origin
x-content-type-options
nosniff
x-download-options
noopen
x-gr
PROD
x-permitted-cross-domain-policies
none
x-request-id
5824482a-a59a-4fe3-95bb-dc6eeca8b472
x-revision
1e4c06af9b0a
x-runtime
0.046885
x-xss-protection
1; mode=block
design-ee646cd8.css
assets.gumroad.com/packs/css/ 		406 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/packs/css/design-ee646cd8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.193.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e333adfe599d3623d7ab6b01c1d9aec4e36025759d3552d1ff4de5b00e3527

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://checklist.realperformance.co/
Origin
https://checklist.realperformance.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:45:11 GMT
via
1.1 9885d1197a8b710ed089e2f642919cc4.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
DFW56-P7
cf-polished
origSize=434435
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Mon, 08 Apr 2024 12:25:44 GMT
server
cloudflare
etag
W/"93cae81690e39d2e8ec589bc120ddc99"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag, Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
public, max-age=31536000
vary
Origin, Accept-Encoding
cf-ray
871a3fdd9d3e80e2-EWR
x-amz-cf-id
IYxq1H56n9dSOZsE4imy5CNqLLLDZoyTizbLvsts_dZKhSxXKv9pPQ==
expires
Wed, 09 Apr 2025 11:45:11 GMT
application-cbf244e9109e70d7b04497041636f00173a1e588f9b879b3a3ef11f8dfb86e5c.js
assets.gumroad.com/assets/ 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/assets/application-cbf244e9109e70d7b04497041636f00173a1e588f9b879b3a3ef11f8dfb86e5c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.193.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dce389757d0e9cebc13ab01e21a987b51032bf51535b2a11289eef11517c2bb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://checklist.realperformance.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:45:11 GMT
via
1.1 8fc19d425c5af8e0ecc9f1d76fca1cf0.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
SFO53-P5
age
2314938
cf-polished
origSize=108231
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Tue, 14 Nov 2023 19:37:30 GMT
server
cloudflare
etag
W/"3a0bda30ac6db6c82afddd80c7aec986"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
871a3fdd9fc97cf4-EWR
x-amz-cf-id
mXVV7Jd172qeY78wxL5jZ_rJ-CBaNIASV2JWxIXuYokDsDvJExXJlQ==
expires
Wed, 09 Apr 2025 11:45:11 GMT
en-b8f18966391f17bf7d8e30561fc0f04e9c8fda9e5bde82d375ec19aacd0b9266.js
assets.gumroad.com/assets/i18n/ 		382 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/assets/i18n/en-b8f18966391f17bf7d8e30561fc0f04e9c8fda9e5bde82d375ec19aacd0b9266.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.193.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
684c5262cf227e3ee489fbb0cb9f57223c6dcc52cbab400c5ebed22e6ac85a17

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://checklist.realperformance.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:45:11 GMT
via
1.1 375c695e49c84df5ace39057e6134b40.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-P2
age
80852
cf-polished
origSize=390698
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Mon, 08 Apr 2024 10:50:14 GMT
server
cloudflare
etag
W/"b6db739e1b78b8670bb8016d79497be4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
871a3fdd9fcb7cf4-EWR
x-amz-cf-id
qUcx8AxtFOVtzx2yIa8WLCDNYldtdZVNJKtBmFR1DJfW7wQ0Fm6zOg==
expires
Wed, 09 Apr 2025 11:45:11 GMT
gumroad-default-avatar-5-623b6723477dd15920db554b0a4e9aac6a5e41159fd3d7bb4c9f9745a44e4f85.png
assets.gumroad.com/assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.gumroad.com/assets/gumroad-default-avatar-5-623b6723477dd15920db554b0a4e9aac6a5e41159fd3d7bb4c9f9745a44e4f85.png
Requested by
Host: checklist.realperformance.co
URL: https://checklist.realperformance.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.193.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a81256fbfa1979ee1b93b072031b3e5e532d3ebf23b611f8ca38ce3ab503dd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://checklist.realperformance.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:45:11 GMT
via
1.1 98b030ba90f9fb8f8b176298ebb3ab78.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
HIO50-C2
age
396697
cf-polished
origFmt=png, origSize=2139
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-disposition
inline; filename="gumroad-default-avatar-5-623b6723477dd15920db554b0a4e9aac6a5e41159fd3d7bb4c9f9745a44e4f85.webp"
content-length
1648
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 Apr 2024 20:10:28 GMT
server
cloudflare
etag
"b96741809c9ca1c58b0bdf58c9cfaa78"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
871a3fdd9fcd7cf4-EWR
x-amz-cf-id
mLCP7G5nX3DAYsP79bUCHz75hch9Rq-dAPwhfSfeRdb2TYNEA-oDMg==
expires
Wed, 09 Apr 2025 11:45:11 GMT
webpack-runtime-37b69f4b1de0efe8b971.js
assets.gumroad.com/packs/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/packs/js/webpack-runtime-37b69f4b1de0efe8b971.js
Requested by
Host: checklist.realperformance.co
URL: https://checklist.realperformance.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.193.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ce0248e76472a7fdb2cdb9a3810ad03aaa7917b65c5e38e68c3247f0a8952e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://checklist.realperformance.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:45:11 GMT
via
1.1 d5d5fbb221d1e1e64574f5113ce6ed5c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
TLV50-C1
age
2305428
cf-polished
origSize=3272
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Wed, 21 Feb 2024 15:16:18 GMT
server
cloudflare
etag
W/"c94c50ff46a242ba684cfa0b8a37d07f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
871a3fdd9fcf7cf4-EWR
x-amz-cf-id
AOR2ecD1_qxWW99k_8Iv6_Ses_DxNVoQSeG2RPXByLsB2qdKYzHVxA==
expires
Wed, 09 Apr 2025 11:45:11 GMT
webpack-commons-0095344131c915fb29f8.js
assets.gumroad.com/packs/js/ 		2 MB
534 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/packs/js/webpack-commons-0095344131c915fb29f8.js
Requested by
Host: checklist.realperformance.co
URL: https://checklist.realperformance.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.193.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97713e7f5600fe7bbbd35d5355176be6af936c86d2d1999d0abcd05e36bb122a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://checklist.realperformance.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:45:11 GMT
via
1.1 7686ec44f6fa46e832c73ad9c040ca32.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
SFO53-P5
age
524662
cf-polished
origSize=1920574
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Wed, 03 Apr 2024 09:45:35 GMT
server
cloudflare
etag
W/"9941e69754759abcd71b7920a2695ca9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
871a3fdd9fce7cf4-EWR
x-amz-cf-id
yepy5RjciQNjcTu9JEZ85CfLkZkhTus9m9nN7I_8H6kKmtHnsXfAxA==
expires
Wed, 09 Apr 2025 11:45:11 GMT
8839-9fb2e423fc8a426b6703.js
assets.gumroad.com/packs/js/ 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/packs/js/8839-9fb2e423fc8a426b6703.js
Requested by
Host: checklist.realperformance.co
URL: https://checklist.realperformance.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.193.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aadef14cbea31dc0e4cbfe287e9fc752565384acb2d634295ba6455286bd95b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://checklist.realperformance.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:45:11 GMT
via
1.1 9b3a0b2647b64bb06aa470977314bbb2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
TLV50-C1
age
489895
cf-polished
origSize=97744
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Mon, 25 Mar 2024 21:20:27 GMT
server
cloudflare
etag
W/"1cc4105ce012fdf17b26e6f91e362484"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
871a3fddafe37cf4-EWR
x-amz-cf-id
rN-j8KD3j6Td8clIMMG7SjuDeyzDXr0XKbTiQEvFTaPwX90gkA2sQg==
expires
Wed, 09 Apr 2025 11:45:11 GMT
product-7af8bda655d94f5409fa.js
assets.gumroad.com/packs/js/ 		30 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/packs/js/product-7af8bda655d94f5409fa.js
Requested by
Host: checklist.realperformance.co
URL: https://checklist.realperformance.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.193.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4bc54b273c8cccdd02672a819962bddd7c63d8bf4e0de4ee6f569368101ca04

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://checklist.realperformance.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:45:11 GMT
via
1.1 111ebfb08854e3536ddd29ae1254b43e.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-P2
age
80849
cf-polished
origSize=31094
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Mon, 08 Apr 2024 10:53:17 GMT
server
cloudflare
etag
W/"10a0f8b6277b96afd00116244f4d4c08"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
871a3fddafe47cf4-EWR
x-amz-cf-id
-QnuUHLhKMCMFlpv33c5zBeYyzEZ6vjqx-8g13PkVImllz9YXxWejg==
expires
Wed, 09 Apr 2025 11:45:11 GMT
b47cbdb8030bef7eda53.png
assets.gumroad.com/packs/static/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.gumroad.com/packs/static/b47cbdb8030bef7eda53.png
Requested by
Host: assets.gumroad.com
URL: https://assets.gumroad.com/packs/css/design-ee646cd8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.193.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ef3ea5bbf01d5f22e0284f19366a8049a81245a49b3d2ea64216a753ee3768b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://assets.gumroad.com/packs/css/design-ee646cd8.css
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:45:11 GMT
via
1.1 15db3cca810568aab246ba24fafd371a.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
SFO53-P5
age
2319127
cf-polished
origFmt=png, origSize=38219
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
inline; filename="b47cbdb8030bef7eda53.webp"
content-length
26278
cf-bgj
imgq:85,h2pri
last-modified
Fri, 08 Mar 2024 17:11:34 GMT
server
cloudflare
etag
"a424b4f4e239c15b206426ec56fe7a32"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
871a3fde98ab7cf4-EWR
x-amz-cf-id
qpNNvf4r0xtsUNCgVueEDzwxkdvY0GUEOaQedbbilC-vXeEMyx4AIQ==
expires
Wed, 09 Apr 2025 11:45:11 GMT
truncated
/ 		188 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88d2b25d018bea214057258fad3da095770eba6d7c5989c0c4720a15b5b50082

Request headers

Referer
Origin
https://checklist.realperformance.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		821 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bee0ac8d947c2bfcc6020fbb13f6ff24fa07f4a2bfe530823b4ffa530ba5f85

Request headers

Referer
Origin
https://checklist.realperformance.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2065258c5093f1e788ba7c67392446216e7280565a620edafc1badb0e0a1d229

Request headers

Referer
Origin
https://checklist.realperformance.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
19db990205089207b039.woff2
assets.gumroad.com/packs/static/ 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/packs/static/19db990205089207b039.woff2
Requested by
Host: assets.gumroad.com
URL: https://assets.gumroad.com/packs/css/design-ee646cd8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.193.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da3a4a9ffefbd4c563fc28b1cb72a6b2cec089285f571e6c682e35a825d1ff76

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://assets.gumroad.com/packs/css/design-ee646cd8.css
Origin
https://checklist.realperformance.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:45:11 GMT
via
1.1 e861e558d87b6246c64ee7cc8919bbb8.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
DFW56-P7
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
67176
last-modified
Tue, 09 Apr 2024 07:32:38 GMT
server
cloudflare
etag
"d64a48ba0b9752af91d3858d8a95d2ec"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag, Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
public, max-age=31536000
vary
Origin, Accept-Encoding
accept-ranges
bytes
cf-ray
871a3fdeadea80e2-EWR
x-amz-cf-id
_gcL9dTviSNGwoU44TH4OFD35sfCZILIEefe-Jdh8miZxkocVObwLQ==
expires
Wed, 09 Apr 2025 11:45:11 GMT
js
www.googletagmanager.com/gtag/ 		122 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: assets.gumroad.com
URL: https://assets.gumroad.com/packs/js/webpack-commons-0095344131c915fb29f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
702f2bb5c90c6e688639a285e5d845d7824def604d00145e09e3000c0f26d4a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://checklist.realperformance.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:45:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47795
x-xss-protection
0
last-modified
Tue, 09 Apr 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Apr 2024 11:45:11 GMT
js
www.googletagmanager.com/gtag/ 		269 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6LJN6D94N6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
717be9859a11ddd8d5cba7cc54d2b010cd1fb3a2ecdb361ded474e4662f2126a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://checklist.realperformance.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:45:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94714
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 09 Apr 2024 11:45:11 GMT
collect
www.google-analytics.com/g/ 		0
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6LJN6D94N6&gtm=45je4430v883148965za200&_p=1712663111679&gcd=13l3l3l3l1&npa=0&dma=0&cid=78331726.1712663112&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712663111&sct=1&seg=0&dl=https%3A%2F%2Fchecklist.realperformance.co%2F&dt=RE%3AAL%20Performance%20Check%20List&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.dimension1=Not%20logged%20in&tfd=813
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6LJN6D94N6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://checklist.realperformance.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 09 Apr 2024 11:45:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://checklist.realperformance.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: assets.gumroad.com
URL: https://assets.gumroad.com/assets/application-cbf244e9109e70d7b04497041636f00173a1e588f9b879b3a3ef11f8dfb86e5c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
0e49c3dff1cd615da56cfab642a26ba31d4a6ef8043417eb946c13d2d0fd8743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://checklist.realperformance.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Apr 2024 11:45:12 GMT
content-md5
2MTF5g3VhoxD2lgZmIgW4A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1684
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=14, mss=1380, tbw=2794, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
lhUGx0vZsMpW4iNMAUiFArp2xlG4p5l6m/tvvKLGj5gPYbP4mfsFLrYdW4YSjuli3g4EMkD/JUhmCnBMQxNZmA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e68b9118757b6a516b7eb3a284361295
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"44590f948ab56f92591f899db138d60e"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 09 Apr 2024 11:54:11 GMT
increment_views
checklist.realperformance.co/links/egxke/ 		16 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://checklist.realperformance.co/links/egxke/increment_views
Requested by
Host: assets.gumroad.com
URL: https://assets.gumroad.com/assets/application-cbf244e9109e70d7b04497041636f00173a1e588f9b879b3a3ef11f8dfb86e5c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.152.152.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-152-223.compute-1.amazonaws.com
Software
openresty/1.19.9.1 /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Content-Security-Policy default-src https 'self'; child-src * data: blob:; connect-src 'self' blob: www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com *.facebook.com *.facebook.net *.google-analytics.com *.g.doubleclick.net *.googletagmanager.com analytics.google.com *.analytics.google.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ *.braintreegateway.com www.paypalobjects.com *.paypal.com *.braintree-api.com iframe.ly beaconapi.helpscout.net d3hb14vkzrxvla.cloudfront.net app.gumroad.com; font-src * data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com *.braintreegateway.com *.braintree-api.com www.paypalobjects.com *.paypal.com *.google-analytics.com *.googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com *.facebook.net *.facebook.com www.dropbox.com s.ytimg.com cdn.iframe.ly platform.twitter.com cdn.jwplayer.com *.jwpcdn.com gumroad.us3.list-manage.com analytics.twitter.com beacon-v2.helpscout.net app.gumroad.com assets.gumroad.com; style-src 'self' 'unsafe-inline' s.ytimg.com optimize.google.com fonts.googleapis.com assets.gumroad.com; worker-src * data: blob:
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-CSRF-Token
aZsaFRY1To1MOx_LICcRi2d0I41JJjCrcq31bLUibJKwsWmSGISO8U3E6m-HkbYQxRsw3TPcukJTcqImNonsFw
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://checklist.realperformance.co/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 09 Apr 2024 11:45:11 GMT
content-security-policy
default-src https 'self'; child-src * data: blob:; connect-src 'self' blob: www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com *.facebook.com *.facebook.net *.google-analytics.com *.g.doubleclick.net *.googletagmanager.com analytics.google.com *.analytics.google.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ *.braintreegateway.com www.paypalobjects.com *.paypal.com *.braintree-api.com iframe.ly beaconapi.helpscout.net d3hb14vkzrxvla.cloudfront.net app.gumroad.com; font-src * data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com *.braintreegateway.com *.braintree-api.com www.paypalobjects.com *.paypal.com *.google-analytics.com *.googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com *.facebook.net *.facebook.com www.dropbox.com s.ytimg.com cdn.iframe.ly platform.twitter.com cdn.jwplayer.com *.jwpcdn.com gumroad.us3.list-manage.com analytics.twitter.com beacon-v2.helpscout.net app.gumroad.com assets.gumroad.com; style-src 'self' 'unsafe-inline' s.ytimg.com optimize.google.com fonts.googleapis.com assets.gumroad.com; worker-src * data: blob:
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
Connection
keep-alive
x-revision
1e4c06af9b0a
Content-Length
16
x-xss-protection
1; mode=block
x-request-id
576bb609-48b7-46a7-9d40-f6bd4940936f
x-runtime
0.008538
Server
openresty/1.19.9.1
etag
W/"c955e57777ec0d73639dca6748560d00"
x-download-options
noopen
vary
Accept, Origin
Content-Type
application/json; charset=utf-8
cache-control
max-age=0, private, must-revalidate
x-gr
PROD
gumroad-default-avatar-5-623b6723477dd15920db554b0a4e9aac6a5e41159fd3d7bb4c9f9745a44e4f85.png
assets.gumroad.com/assets/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/assets/gumroad-default-avatar-5-623b6723477dd15920db554b0a4e9aac6a5e41159fd3d7bb4c9f9745a44e4f85.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.193.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a81256fbfa1979ee1b93b072031b3e5e532d3ebf23b611f8ca38ce3ab503dd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://checklist.realperformance.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 11:45:12 GMT
via
1.1 98b030ba90f9fb8f8b176298ebb3ab78.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
HIO50-C2
age
396698
cf-polished
origFmt=png, origSize=2139
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-disposition
inline; filename="gumroad-default-avatar-5-623b6723477dd15920db554b0a4e9aac6a5e41159fd3d7bb4c9f9745a44e4f85.webp"
content-length
1648
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 Apr 2024 20:10:28 GMT
server
cloudflare
etag
"b96741809c9ca1c58b0bdf58c9cfaa78"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
871a3fe33cfd7cf4-EWR
x-amz-cf-id
mLCP7G5nX3DAYsP79bUCHz75hch9Rq-dAPwhfSfeRdb2TYNEA-oDMg==
expires
Wed, 09 Apr 2025 11:45:12 GMT
sdk.js
connect.facebook.net/en_US/ 		303 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=cefd8753e0cdeb5061b643ab41c8b8ec
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
1dbdef25b5c54c46fdfd64545fc2da9f076ecf24f82ef60f57c932b50aa0d916
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://checklist.realperformance.co/
Origin
https://checklist.realperformance.co
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Apr 2024 11:45:12 GMT
content-md5
h4R5f7k6SyD2L+sdllJkLA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88665
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=3, rtx=0, c=23, mss=1232, tbw=4287, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
jYVtPi1jUTyejgCkiE4cFxPnVKRoI5PU+6Cwtu5GEPcImlMwRz7a1l4YGY8hBV5Xu8xd/ztIGkcbA6b2vmMctA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
ba2330579c7d7d93978b2252ae688a48
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"271679258349dcc6c3f9fabfb8d3b3ad"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Wed, 09 Apr 2025 09:38:42 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=149071038533330&input_token&origin=1&redirect_uri=https%3A%2F%2Fchecklist.realperformance.co%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=cefd8753e0cdeb5061b643ab41c8b8ec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.14.35 Boca Raton, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-mia3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://checklist.realperformance.co/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15552000; preload
date
Tue, 09 Apr 2024 11:45:12 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1380, tbw=2765, tp=-1, tpl=-1, uplat=25, ullat=0
pragma
no-cache
x-fb-debug
7Uqzin5GAC1BgRrK47YQtIRMFLKeDgKxPAeGuzmmHPX65VvYPW8Y0gIixtNDLDD0D+CnBguNhgZMbNIEtqXg4g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://checklist.realperformance.co
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQuery183011013316331550005 object| __translations object| webpackChunk object| ReactOnRails boolean| __REACT_ON_RAILS_EVENT_HANDLERS_RAN_ONCE__ number| __activeRequests string| __reactRouterVersion string| GoogleTagObject function| async object| dataLayer function| gtag object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| roots function| fbAsyncInit object| FB object| __buffer

3 Cookies

Domain/Path Name / Value
.realperformance.co/ Name: _gumroad_guid
Value: 522832a1-9f47-4996-ba0c-54412da31795
.realperformance.co/ Name: _ga
Value: GA1.1.78331726.1712663112
.realperformance.co/ Name: _ga_6LJN6D94N6
Value: GS1.1.1712663111.1.0.1712663111.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https 'self'; child-src * data: blob:; connect-src 'self' blob: www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com *.facebook.com *.facebook.net *.google-analytics.com *.g.doubleclick.net *.googletagmanager.com analytics.google.com *.analytics.google.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ *.braintreegateway.com www.paypalobjects.com *.paypal.com *.braintree-api.com iframe.ly beaconapi.helpscout.net d3hb14vkzrxvla.cloudfront.net app.gumroad.com; font-src * data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com *.braintreegateway.com *.braintree-api.com www.paypalobjects.com *.paypal.com *.google-analytics.com *.googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com *.facebook.net *.facebook.com www.dropbox.com s.ytimg.com cdn.iframe.ly platform.twitter.com cdn.jwplayer.com *.jwpcdn.com gumroad.us3.list-manage.com analytics.twitter.com beacon-v2.helpscout.net app.gumroad.com assets.gumroad.com 'nonce-c/MXadUuUFy/Dzz6LwVMIKoZ17dzYv88jr6T8qjbahI=' 'unsafe-inline'; style-src 'self' 'unsafe-inline' s.ytimg.com optimize.google.com fonts.googleapis.com assets.gumroad.com; worker-src * data: blob:
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.gumroad.com
checklist.realperformance.co
connect.facebook.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.16.193.25
142.250.176.206
157.240.14.35
157.240.241.1
172.217.165.136
54.152.152.223
0e49c3dff1cd615da56cfab642a26ba31d4a6ef8043417eb946c13d2d0fd8743
1dbdef25b5c54c46fdfd64545fc2da9f076ecf24f82ef60f57c932b50aa0d916
1dce389757d0e9cebc13ab01e21a987b51032bf51535b2a11289eef11517c2bb
2065258c5093f1e788ba7c67392446216e7280565a620edafc1badb0e0a1d229
3aadef14cbea31dc0e4cbfe287e9fc752565384acb2d634295ba6455286bd95b
4b5ded266384848a933751b37141fd56b1d2fa02c07dc26cdbd5d3974dde0b61
58a81256fbfa1979ee1b93b072031b3e5e532d3ebf23b611f8ca38ce3ab503dd
684c5262cf227e3ee489fbb0cb9f57223c6dcc52cbab400c5ebed22e6ac85a17
6bee0ac8d947c2bfcc6020fbb13f6ff24fa07f4a2bfe530823b4ffa530ba5f85
6ef3ea5bbf01d5f22e0284f19366a8049a81245a49b3d2ea64216a753ee3768b
702f2bb5c90c6e688639a285e5d845d7824def604d00145e09e3000c0f26d4a3
717be9859a11ddd8d5cba7cc54d2b010cd1fb3a2ecdb361ded474e4662f2126a
88d2b25d018bea214057258fad3da095770eba6d7c5989c0c4720a15b5b50082
94e333adfe599d3623d7ab6b01c1d9aec4e36025759d3552d1ff4de5b00e3527
97713e7f5600fe7bbbd35d5355176be6af936c86d2d1999d0abcd05e36bb122a
b1ce0248e76472a7fdb2cdb9a3810ad03aaa7917b65c5e38e68c3247f0a8952e
b4bc54b273c8cccdd02672a819962bddd7c63d8bf4e0de4ee6f569368101ca04
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
da3a4a9ffefbd4c563fc28b1cb72a6b2cec089285f571e6c682e35a825d1ff76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855